Bug#906042: stretch-pu: package libxcursor/1:1.1.14-1+deb9u2
Control: tags -1 + confirmed
FWIW, CCing both a p-u bug and debian-release is a little redundant.
On Thu, 2018-08-16 at 09:44 +0100, Chris Lamb wrote:
> Chris Lamb wrote:
>
> > libxcursor (1:1.1.14-1+deb9u2) stretch; urgency=high
> >
> > * Fix a denial of service or potentially code execution via
> > a one-byte heap overflow. (CVE-2015-9262) Closes: #906012)
>
> Would it be possible to get a "yay/nay" on this s-p-u request?
Please go ahead.
> I wouldn't normally press for a response but this is somewhat
> affecting what my next moves are for oldstable and oldoldstable.
Isn't oldoldstable an ex-release now?
Regards,
Adam
Reply to: