Bug#924642: stretch-pu: package rsync/3.1.2-1+deb9u1
Control: tags -1 + moreinfo
On Fri, 2019-03-15 at 11:23 +0100, Paul Slootman wrote:
> There are a couple of CVEs that have been fixed by 3.1.2-1+deb9u2.
> After discussing this with a member of the security team it was not
> considered important enough to warrant a DSA, but it would be good if
> it
> could be included in a point release for stretch.
>
> The changelog is:
>
> * Apply CVEs from 2016 to the zlib code.
> closes:#924509
>
> The only change was the addition of 4 patches to the zlib code.
>
> The uploaded version was compiled on a stretch system.
>
There doesn't appear to be an uploaded version anywhere that I can see.
Please attach a source debdiff to this report.
Regards,
Adam
Reply to: