[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: golang-1.7 / CVE-2019-9514 / CVE-2019-9512

Brian May <bam@debian.org> writes:

> I have a patch to fix this. As attached.

I believe that there are exactly two additional packages that would need
to be rebuilt in stretch (i.e. that include the http2 server code):

- dnss
- gobgpd

Not 100% sure if these support creating a http2 server, but might be
worth rebuilding just in case.

Is it OK for me to add these to dla-needed.txt?
Brian May <bam@debian.org>

Reply to: