Bug#843411: jessie-pu: package musl/1.1.5-2
Control: tags -1 + pending
On Sun, 2016-11-06 at 14:44 +0000, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Sun, 2016-11-06 at 14:58 +0100, Reiner Herrmann wrote:
> > musl in jessie is affected by CVE-2016-8859.
> > The attached patch cherry-picks the upstream commit,
> > which fixes this issue.
> > The security team marked it as no-dsa, so I'm requesting
> > it to be included in the next jessie update.
>
> +musl (1.1.5-2+deb8u1) jessie-security; urgency=high
>
> That should be "jessie" for a non-security upload.
>
> With the above change, and assuming that the resulting package has been
> tested on jessie, please go ahead.
Uploaded and flagged for acceptance.
Regards,
Adam
Reply to: