[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#906042: stretch-pu: package libxcursor/1:1.1.14-1+deb9u2

Dear Adam,

> > >  libxcursor (1:1.1.14-1+deb9u2) stretch; urgency=high
> > >  
> > >    * Fix a denial of service or potentially code execution via
> > >      a one-byte heap overflow. (CVE-2015-9262) Closes: #906012)
> > 
> > Would it be possible to get a "yay/nay" on this s-p-u request?
> 
> Please go ahead.

Thanks; uploaded.

> > I wouldn't normally press for a response but this is somewhat
> > affecting what my next moves are for oldstable and oldoldstable. 
> 
> Isn't oldoldstable an ex-release now?

Not in ELTS:

  https://wiki.debian.org/LTS/Extended

> FWIW, CCing both a p-u bug and debian-release is a little redundant.

Mea culpa…  I wasn't sure and my apologies for any duplicates or
implications that involved.

Thank you for your work on stable.


Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-
Reply to: