Bug#876706: stretch-pu: package liblouis/3.0.0-3
Hello,
Adam D. Barratt, on jeu. 28 sept. 2017 06:46:42 +0100, wrote:
> On Mon, 2017-09-25 at 01:31 +0200, Samuel Thibault wrote:
> > Several CVEs have been reported against liblouis in Bug#874302. The
> > upstream fixes have been tested for 6 days in Debian unstable then 5
> > days in Debian testing.
>
> It might be nice to have slightly more descriptive changelog entries.
Right, I'm not used to such CVE-related uploads, I added in the
changelog the kind of security issue of the CVEs: buffer overflows and
use-after-free.
> In any case, please feel free to upload.
I have done so now.
Thanks,
Samuel
Reply to: