Bug#786919: wheezy-pu: package exactimage/0.8.5-5+deb7u4

To: Sven Eckelmann <sven@narfation.org>, 786919@bugs.debian.org
Subject: Bug#786919: wheezy-pu: package exactimage/0.8.5-5+deb7u4
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Wed, 27 May 2015 07:42:44 +0100
Message-id: <[🔎] 40b065421c66bdb0244f9261ae44bdb8@mail.adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 786919@bugs.debian.org
In-reply-to: <[🔎] 9553236.b74uiPuGAm@bentobox>
References: <[🔎] 9553236.b74uiPuGAm@bentobox>

Control: tags -1 + confirmed

On 2015-05-26 20:05, Sven Eckelmann wrote:

I'd like to upload the attached patch to oldstable-proposed-updates tofix#786785 (CVE-2015-3885). The security team marked this one as no-dsabut askedme to propose the fixes for a point release. Would this be ok? Thechangematches exactimage 0.9.1-5 + the backported "dependency" patch to gettheljpeg_start result validation after the ljpeg_start call. The latterchange
was in unstable before 0.9.1-5 and is required to test the patch.


Please go ahead.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#786919: wheezy-pu: package exactimage/0.8.5-5+deb7u4
  - From: Sven Eckelmann <sven@narfation.org>
- Bug#786919: wheezy-pu: package exactimage/0.8.5-5+deb7u4
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Bug#786919: wheezy-pu: package exactimage/0.8.5-5+deb7u4
  - From: Sven Eckelmann <sven@narfation.org>

Prev by Date: Processed: Re: Bug#786918: jessie-pu: package exactimage/0.8.9-7+deb8u1
Next by Date: Processed: Re: Bug#786919: wheezy-pu: package exactimage/0.8.5-5+deb7u4
Previous by thread: Bug#786919: wheezy-pu: package exactimage/0.8.5-5+deb7u4
Next by thread: Bug#786919: wheezy-pu: package exactimage/0.8.5-5+deb7u4
Index(es):
- Date
- Thread