Bug#824484: jessie-pu: package libksba/1.3.2-1+deb8u1

[Salvatore Bonaccorso <carnil@debian.org>]

Hi,

On Tue, May 24, 2016 at 09:41:48PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Mon, 2016-05-16 at 17:30 +0200, Salvatore Bonaccorso wrote:
> > libksba in jessie is affected by some CVEs which do not neccessarly
> > seem to need a DSA. I would like to propose the attached
> > debdiff/update for libksba via the next jessie point release.
> > 
> > Would you accept that upload? I took the git commits without
> > modifying, thus the first patch as well updates the copyright years
> > notice in one file. I can drop that if you prefer.
> > 
> > The "Fix an OOB read access in _ksba_dn_to_str" patch is an addition
> > to CVE-2016-4356 required. If we do not apply that one libskba will be
> > affected by CVE-2016-4574.
> 
> Please go ahead.

Thank you Adam; uploaded.

Regards,
Salvatore