Bug#877043: stretch-pu: package weechat/1.6-1+deb9u2

To: Salvatore Bonaccorso <carnil@debian.org>, 877043@bugs.debian.org
Subject: Bug#877043: stretch-pu: package weechat/1.6-1+deb9u2
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Thu, 28 Sep 2017 06:43:59 +0100
Message-id: <[🔎] 1506577439.2243.74.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 877043@bugs.debian.org
In-reply-to: <[🔎] 150656777448.27124.18258106818113583319.reportbug@lorien.valinor.li>
References: <[🔎] 150656777448.27124.18258106818113583319.reportbug@lorien.valinor.li> <[🔎] 150656777448.27124.18258106818113583319.reportbug@lorien.valinor.li>

Control: tags -1 + confirmed

On Thu, 2017-09-28 at 05:02 +0200, Salvatore Bonaccorso wrote:
> weechat in stretch is affected by CVE-2017-14727, tracked as #876553.
> 
> >  * logger: call strftime before replacing buffer local variables
> >    (CVE-2017-14727) (Closes: #876553)
> 
> https://weechat.org/news/98/20170923-Version-1.9.1-security-release/
> 
> Attached proposed debdiff for the stretch point release.
> 

There's quite a bit of noise in such a small diff. :-( I appreciate
why, though.

Please go ahead.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#877043: stretch-pu: package weechat/1.6-1+deb9u2
  - From: Salvatore Bonaccorso <carnil@debian.org>

References:
- Bug#877043: stretch-pu: package weechat/1.6-1+deb9u2
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Processed: Re: Bug#877045: jessie-pu: package weechat/1.0.1-1+deb8u2
Next by Date: Processed: Re: Bug#877043: stretch-pu: package weechat/1.6-1+deb9u2
Previous by thread: Bug#877043: stretch-pu: package weechat/1.6-1+deb9u2
Next by thread: Bug#877043: stretch-pu: package weechat/1.6-1+deb9u2
Index(es):
- Date
- Thread