ksh / CVE-2019-14868
Is dla-needed.txt for Jessie or Stretch now?
ksh was removed from dla-needed.txt for Stretch and classified "minor":
https://salsa.debian.org/security-tracker-team/security-tracker/commit/87322fcf
Then it was added again:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/59a9cd9dca3afc830fea869d12baf2f3d7c21126
Should we mark it as ignored in Stretch also? Or maybe the reason (as
given in the commit message when ksh was first removed) was wrong?
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b72cc677e719d37f5f3378d616d9cb53315db927
--
Brian May <bam@debian.org>
Reply to: