[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Accepted git 1:2.1.4-2.1+deb8u8 (source amd64 all) into oldoldstable

On Thu, Jan 23, 2020 at 10:30:42AM +0000, Adam D. Barratt wrote:
> Hi,
> On 2020-01-07 04:10, roberto@debian.org wrote:
> >  git (1:2.1.4-2.1+deb8u8) jessie-security; urgency=high
> >  .
> >    * Non-maintainer upload by the LTS Team.
> >    * Apply patches addressing the security issues CVE-2019-1348,
> >      CVE-2019-1349, CVE-2019-1352, CVE-2019-1353, and CVE-2019-1387.
> >  .
> >      Credit for finding these vulnerabilities goes to Microsoft
> >      Security Response Center, in particular to Nicolas Joly. Fixes
> >      were provided by Jeff King and Johannes Schindelin with help
> >      from Garima Singh.
> The Security Tracker has this marked as fixed in DLA-2059-1, but I can't
> find any record of an announcement for that. Did it get eaten by a
> grue^W^Wthe list server?
I'm not sure what happened there.  It is on the website (I submitted a
MR to the webml project), but you are right that it was never received
on the list.  I have now sent it again.



Roberto C. Sánchez

Reply to: