Control: tags -1 + confirmed On Thu, 2019-04-11 at 22:43 +0200, Dylan Aïssi wrote: > Upstream has fixed CVE-2018-20349 which is non-dsa. > The patch is already backported to unstable/testing and now I would > like to fix the Stretch version. > Please go ahead. Regards, Adam