On Wed, Jul 08, 2020 at 12:45:08PM +0200, Sylvain Beucler wrote:
> Hi,
>
> - buster update
>
> I now "up-ported" my stretch work at:
> https://www.beuc.net/tmp/debian-lts/rails-buster/
> + added the redis side of CVE-2020-8165
What do you mean with up-ported? Applying a patch made for an older release
to a more recent release will miss all code which wasn't present in
the older suite.
Cheers,
Moritz