[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: privoxy stretch package prepared

Hi Roland,

On Sat, Feb 6, 2021 at 4:43 PM Roland Rosenfeld <roland@debian.org> wrote:
> As the maintainer of privoxy package, I just checked all new CVEs on
> https://security-tracker.debian.org/tracker/source-package/privoxy and
> prepared a stretch package with the patches fixing all CVEs.
> Only the patch for CVE-2021-20214 was not included, since this CVE
> doesn't affect 3.0.26 (the fixed tags "refresh-delay" and
> "tags-expire" where introduced with 3.0.27), this should be changed in
> the security-tracker.
> Since all other CVEs are tagged "minor issue" on security-tracker, I'm
> not sure whether it's worth doing a LTS upload for this.
> If you think so, feel free to use it or tell me, what I have to do to
> upload it...
> A patch agains 3.0.26-3 is attached.

Thanks for your pro-active work on this! \o/
I'll go through the patch and other things and will get back to you if
I have any questions or will upload as is :)

- u

Reply to: