Dear maintainer(s), The Debian LTS team would like to fix the security issues which are currently open in the Jessie version of ssvnc: https://security-tracker.debian.org/tracker/CVE-2018-20020 https://security-tracker.debian.org/tracker/CVE-2018-20021 https://security-tracker.debian.org/tracker/CVE-2018-20022 https://security-tracker.debian.org/tracker/CVE-2018-20024 These security issues have recently become known while looking into all Debian packages that bundle some or another version of code originally derived from the libvncserver source package. I will soon send a .debdiff to the Debian bugtracker that resolves above named issues for ssvnc in Debian jessie. The patches should be easily forward-portable to ssvnc in stretch, buster and testing/unstable. Would you like to take care of the jessie LTS upload yourself? If yes, please follow the workflow we have defined here: https://wiki.debian.org/LTS/Development If that workflow is a burden to you, feel free to just review the proposed fixes in the source package and give feedback, if there is any. I, with my LTS team member hat on, will take care of the upload then. If you don't want to take care of this update at all, it's not a problem, we will do our best with your package. Just let us know whether you would like to review and/or test the updated package before it gets released. You can also opt-out from receiving future similar emails in your answer and then the LTS Team will take care of ssvnc updates for the LTS releases. Thank you very much. Mike Gabriel, on behalf of the Debian LTS team. PS: A member of the LTS team might start working on this update at any point in time. You can verify whether someone is registered on this update in this file: https://salsa.debian.org/security-tracker-team/security-tracker/raw/master/data/dla-needed.txt -- mike gabriel aka sunweaver (Debian Developer) fon: +49 (1520) 1976 148 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunweaver@debian.org, http://sunweavers.net
Attachment:
signature.asc
Description: PGP signature