Control: tags -1 + confirmed On Sun, 2017-01-01 at 19:59 +0100, Willi Mann wrote: > As per request of the security team, I intend to upload a security fix > (CVE-2016-10091) of the unrtf package for the next jessie point release. > > The changelog is: > unrtf (0.21.5-3+deb8u1) stable; urgency=medium > > * Add patch from upstream to fix CVE-2016-10091 (buffer overflow in various > cmd_ functions) closes: 849705 Please go ahead. Regards, Adam