Bug#836592: jessie-pu: package gdcm/2.4.4-3
Control: tags -1 + confirmed
On Sun, 2016-09-04 at 13:14 +0200, Gert Wollny wrote:
> The version of gdcm in jessie suffers from two security problems:
>
> CVE-2015-8396 [1]
> CVE-2015-8397 [2]
>
> However, the security team notified my that the issue does not warrant a DSA
> and I should instead just fix it via a jessie point release.
>
> The proposed patch against the package is enclosed, it adds the according fixes
> from the upstream repository.
+gdcm (2.4.4-3+deb8u1) jessie-proposed-updates; urgency=medium
Simply "jessie" is preferred.
Please go ahead.
Regards,
Adam
Reply to: