Bug#961579: stretch-pu: package erlang/1:19.2.1+dfsg-2+deb9u3

To: Sergei Golovan <sgolovan@nes.ru>, 961579@bugs.debian.org
Subject: Bug#961579: stretch-pu: package erlang/1:19.2.1+dfsg-2+deb9u3
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Wed, 27 May 2020 22:13:20 +0100
Message-id: <[🔎] bcab9604b8e79ad631ef7d0caa84f9fd9e6623cb.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 961579@bugs.debian.org
In-reply-to: <[🔎] 159048563502.10499.11993191995646294315.reportbug@jupiter.golovan.home>
References: <[🔎] 159048563502.10499.11993191995646294315.reportbug@jupiter.golovan.home> <[🔎] 159048563502.10499.11993191995646294315.reportbug@jupiter.golovan.home>

Control: tags -1 + confirmed

On Tue, 2020-05-26 at 12:33 +0300, Sergei Golovan wrote:
> Recently, a weak ciphers vulnerability was discovered in the Yaws web
> server, and reported as CVE-2020-12872 (see [1] and [2]).
> It turnes out that Yaws uses the default ciphers provided by Erlang,
> so I think it's better to fix this bug there. If we consider only
> Erlang packages in stretch, buster, bullseye/sid then only the
> version in stretch is vulnerable, so I'd like to propose an update
> for it.

Please go ahead.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#961579: stretch-pu: package erlang/1:19.2.1+dfsg-2+deb9u3
  - From: Sergei Golovan <sgolovan@nes.ru>

References:
- Bug#961579: stretch-pu: package erlang/1:19.2.1+dfsg-2+deb9u3
  - From: Sergei Golovan <sgolovan@nes.ru>

Prev by Date: Processed: tagging 961644
Next by Date: Processed: Re: Bug#961579: stretch-pu: package erlang/1:19.2.1+dfsg-2+deb9u3
Previous by thread: Bug#961579: stretch-pu: package erlang/1:19.2.1+dfsg-2+deb9u3
Next by thread: Bug#961579: stretch-pu: package erlang/1:19.2.1+dfsg-2+deb9u3
Index(es):
- Date
- Thread