[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#860289: jessie-pu: package libxslt/1.1.28-2+deb8u3

Control: tags -1 + pending

On Mon, 2017-04-24 at 06:37 +0200, Salvatore Bonaccorso wrote:
> Hi,
> 
> On Sun, Apr 23, 2017 at 08:48:29PM +0100, Adam D. Barratt wrote:
> > Control: tags -1 + confirmed
> > 
> > On Fri, 2017-04-14 at 08:36 +0200, Salvatore Bonaccorso wrote:
> > > Given the next jessie point release is approaching I would like to
> > > propose a fix for CVE-2017-5029, #858546 via the upcoming point
> > > release.
> > > 
> > > Attached is the full debdiff.
> > > 
> > > The debian/changelog reads as
> > > 
> > > +libxslt (1.1.28-2+deb8u3) jessie; urgency=medium
> > > +
> > > +  * Non-maintainer upload.
> > > +  * Check for integer overflow in xsltAddTextString (CVE-2017-5029)
> > > +    (Closes: #858546)
> > 
> > Please go ahead, thanks.
> 
> Thank you, uploaded.

Flagged for acceptance into p-u, thanks.

Regards,

Adam
Reply to: