Bug#786918: jessie-pu: package exactimage/0.8.9-7+deb8u1
Control: tags -1 + pending
On Wednesday 27 May 2015 07:44:03 Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On 2015-05-26 20:05, Sven Eckelmann wrote:
> > I'd like to upload the attached patch to stable-proposed-updates to fix
> > #786785 (CVE-2015-3885). The security team marked this one as no-dsa
> > but asked
> > me to propose the fixes for a point release. Would this be ok? The
> > change
> > matches exactimage 0.9.1-5 + the backported "dependency" patch to get
> > the
> > ljpeg_start result validation after the ljpeg_start call. The latter
> > change
> > was in unstable before 0.9.1-5 and is required to test the patch.
>
> Please go ahead; thanks.
Uploaded
Thanks,
Sven
Reply to: