Bug#841234: jessie-pu: package libiberty/20141014-1
Hi Adam,
I forgot about this bug. Actually I do not have any interest and time
now to make an upload. So, I think the bug can be closed.
Thanks
Anton
2018-06-13 22:17 GMT+02:00 Adam D. Barratt <adam@adam-barratt.org.uk>:
> On Sat, 2016-12-17 at 11:42 +0100, Julien Cristau wrote:
>> Control: tag -1 moreinfo
>>
>> On Tue, Oct 18, 2016 at 20:32:56 +0200, Anton Gladky wrote:
>>
>> > Package: release.debian.org
>> > Severity: normal
>> > Tags: jessie
>> > User: release.debian.org@packages.debian.org
>> > Usertags: pu
>> >
>> > Dear release team,
>> >
>> > libiberty needs to be updated in Jessie, because the newer version
>> > fixes many security issues:
>> >
>> > CVE-2016-4487 CVE-2016-4488 CVE-2016-4489 CVE-2016-4490
>> > CVE-2016-4492 CVE-2016-4493 CVE-2016-2226 CVE-2016-6131
>> >
>>
>> What makes it impossible to backport just the fixes for the above
>> issues, rather than importing a full new upstream release? A short
>> description of the issues so we don't have to look them up would also
>> have been helpful.
>>
>
> Ping? The above was 18 months ago, and we're within a few days of
> closing updates to jessie before it becomes LTS.
>
> Regards,
>
> Adam
Reply to: