Bug#849962: jessie-pu: package libpng/1.2.50-2+deb8u3
Control: tags -1 + confirmed
On Mon, 2017-01-02 at 17:27 +0000, Gianfranco Costamagna wrote:
> CVE-2016-10087 is not worth a DSA, Security Team asked for a point release update.
>
> diff -Nru libpng-1.2.50/debian/changelog libpng-1.2.50/debian/changelog
> --- libpng-1.2.50/debian/changelog 2016-01-07 20:39:14.000000000 +0100
> +++ libpng-1.2.50/debian/changelog 2017-01-02 18:24:35.000000000 +0100
> @@ -1,3 +1,10 @@
> +libpng (1.2.50-2+deb8u3) jessie; urgency=medium
> +
> + * debian/patches/CVE-2016-10087.patch:
> + - cherry-pick upstream fix for CVE-2016-10087
Please go ahead.
Regards,
Adam
Reply to: