[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#841724: jessie-pu: package guile-2.0/2.0.11+1-9

"Adam D. Barratt" <adam@adam-barratt.org.uk> writes:

> Control: tags -1 + moreinfo
> Control: severity -1 normal
>
> On Sat, 2016-10-22 at 13:10 -0500, Rob Browning wrote:
>> I'd like to propose an update for jessie as described by the attached
>> debdiff.  Though the final upload/diff might be slightly different
>> (i.e. the dpm hashes).
>> 
>> Both of the changes (patches) have been cherry-picked from upstream as
>> described in the patch headers.
>
> The security tracker indicates that both issues - CVE-2016-8605 and
> CVE-2016-8606 - still affect the guile-2.0 packages in unstable. Is that
> correct? If so then that would be a prerequisite to applying the fixes
> in stable.

Hmm, well I'm also preparing 2.0.13+1-1 packages for unstable that include
(upstream) both fixes.  Should I upload those first?

Thanks
-- 
Rob Browning
rlb @defaultvalue.org and @debian.org
GPG as of 2011-07-10 E6A9 DA3C C9FD 1FF8 C676 D2C4 C0F0 39E9 ED1B 597A
GPG as of 2002-11-03 14DD 432F AE39 534D B592 F9A0 25C8 D377 8C7E 73A4
Reply to: