Bug#861481: unblock: weechat/1.6-1+deb9u1
Control: tags -1 confirmed moreinfo
Salvatore Bonaccorso:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
>
> Hi
>
> Disclaimer: please note, not the maintainer here, but Emmanuel is
> X-Debbug-CC'ed.
>
> Please unblock package weechat
>
> I guess 1.7-3 as in unstable, fixing CVE-2017-8073, #861121 cannot be
> unblocked, since the changes to 1.6-1 are way to much (if yes, though,
> that would great). If not, I propose a targeted fix to fix this CVE:
>
> +weechat (1.6-1+deb9u1) stretch; urgency=medium
> +
> + * Non-maintainer upload.
> + * irc: fix parsing of DCC filename (CVE-2017-8073) (Closes: #861121)
> +
> + -- Salvatore Bonaccorso <carnil@debian.org> Sat, 29 Apr 2017 16:31:58 +0200
>
> The issue is as well fixed already in stable via a DSA.
>
> unblock weechat/1.6-1+deb9u1
>
> Regards
> Salvatore
>
Ack, please ago ahead with the tpu upload.
Thanks,
~Niels
Reply to: