Bug#906042: stretch-pu: package libxcursor/1:1.1.14-1+deb9u2
Control: tags -1 + moreinfo d-i
Hi,
On Thu, 2018-08-16 at 20:06 +0100, Chris Lamb wrote:
> Dear Adam,
>
> > > > libxcursor (1:1.1.14-1+deb9u2) stretch; urgency=high
> > > >
> > > > * Fix a denial of service or potentially code execution via
> > > > a one-byte heap overflow. (CVE-2015-9262) Closes: #906012)
> > >
> > > Would it be possible to get a "yay/nay" on this s-p-u request?
> >
> > Please go ahead.
>
> Thanks; uploaded.
I managed to miss that the package produces a udeb, so this needs a
KiBi-ack before acceptance; tagging and CCing accordingly.
> > > I wouldn't normally press for a response but this is somewhat
> > > affecting what my next moves are for oldstable and oldoldstable.
> >
> > Isn't oldoldstable an ex-release now?
>
> Not in ELTS:
>
> https://wiki.debian.org/LTS/Extended
Ah, I see.
> > FWIW, CCing both a p-u bug and debian-release is a little
> > redundant.
>
> Mea culpa… I wasn't sure and my apologies for any duplicates or
> implications that involved.
It looks like only the copy to the list showed up, so no real harm
done. It was a little confusing though. :-)
Regards,
Adam
Reply to: