Bug#906042: stretch-pu: package libxcursor/1:1.1.14-1+deb9u2

To: Chris Lamb <lamby@debian.org>, 906042@bugs.debian.org
Subject: Bug#906042: stretch-pu: package libxcursor/1:1.1.14-1+deb9u2
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Thu, 16 Aug 2018 18:41:50 +0100
Message-id: <[🔎] 1534441310.24088.27.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 906042@bugs.debian.org
In-reply-to: <[🔎] 1534409096.2574193.1475958584.2AEF7EA1@webmail.messagingengine.com>
References: <[🔎] 1534409096.2574193.1475958584.2AEF7EA1@webmail.messagingengine.com> <[🔎] 1534170387.1420721.1472500432.38DD19BC@webmail.messagingengine.com>

Control: tags -1 + confirmed

FWIW, CCing both a p-u bug and debian-release is a little redundant.

On Thu, 2018-08-16 at 09:44 +0100, Chris Lamb wrote:
> Chris Lamb wrote:
> 
> >  libxcursor (1:1.1.14-1+deb9u2) stretch; urgency=high
> >  
> >    * Fix a denial of service or potentially code execution via
> >      a one-byte heap overflow. (CVE-2015-9262) Closes: #906012)
> 
> Would it be possible to get a "yay/nay" on this s-p-u request?

Please go ahead.

> I wouldn't normally press for a response but this is somewhat
> affecting what my next moves are for oldstable and oldoldstable. 

Isn't oldoldstable an ex-release now?

Regards,

Adam

Reply to:

References:
- Re: stretch-pu: package libxcursor/1:1.1.14-1+deb9u2
  - From: Chris Lamb <lamby@debian.org>
- Bug#906042: stretch-pu: package libxcursor/1:1.1.14-1+deb9u2
  - From: Chris Lamb <lamby@debian.org>

Prev by Date: Re: stretch-pu: package libxcursor/1:1.1.14-1+deb9u2
Next by Date: Processed: Re: stretch-pu: package libxcursor/1:1.1.14-1+deb9u2
Previous by thread: Bug#906042: stretch-pu: package libxcursor/1:1.1.14-1+deb9u2
Next by thread: Processed: Re: stretch-pu: package libxcursor/1:1.1.14-1+deb9u2
Index(es):
- Date
- Thread