Hi Hugo, On 21.07.19 18:30, Hugo Lefeuvre wrote:
Dear libsdl2-image maintainers, I have prepared a jessie (LTS) update addressing libsdl2-image's current security issues. I will coordinate with the security team to possibly fix them in a future stretch/buster point update. Are you planning to address these issues in testing? Packaging upstream's latest 2.0.5 release should be sufficient, but they can also be addressed with more targeted fixes. I can provide some help if needed.
Thanks for your work! I'm preparing a 2.0.5 upload right now. As far as I can tell all CVEs in the tracker are fixed with 2.0.5. Do you agree? Cheers, Felix