Re: Accepted git 1:2.1.4-2.1+deb8u8 (source amd64 all) into oldoldstable
On Thu, Jan 23, 2020 at 10:30:42AM +0000, Adam D. Barratt wrote:
> Hi,
>
> On 2020-01-07 04:10, roberto@debian.org wrote:
> > git (1:2.1.4-2.1+deb8u8) jessie-security; urgency=high
> > .
> > * Non-maintainer upload by the LTS Team.
> > * Apply patches addressing the security issues CVE-2019-1348,
> > CVE-2019-1349, CVE-2019-1352, CVE-2019-1353, and CVE-2019-1387.
> > .
> > Credit for finding these vulnerabilities goes to Microsoft
> > Security Response Center, in particular to Nicolas Joly. Fixes
> > were provided by Jeff King and Johannes Schindelin with help
> > from Garima Singh.
>
> The Security Tracker has this marked as fixed in DLA-2059-1, but I can't
> find any record of an announcement for that. Did it get eaten by a
> grue^W^Wthe list server?
>
I'm not sure what happened there. It is on the website (I submitted a
MR to the webml project), but you are right that it was never received
on the list. I have now sent it again.
Regards,
-Roberto
--
Roberto C. Sánchez
Reply to: