Bug#949826: buster-pu: package haproxy/1.8.19-1
Hi Vincent,
On Sat, Aug 01, 2020 at 03:11:22PM +0200, Vincent Bernat wrote:
> ❦ 31 juillet 2020 10:14 +02, Salvatore Bonaccorso:
>
> >> > > > This needs to be rebased to the 1.8.19-1+deb10u1 which was released
> >> > > > as
> >> > > > DSA 4577-1 AFAICT.
> >> > >
> >> > > Oh, sorry. Here is the updated patch.
> >> >
> >> > Please go ahead.
> >>
> >> Too late for buster 10.4 but actually this would need to be rebased to
> >> the 1.8.19-1+deb10u2 as there was another DSA for haproxy (but not
> >> including this CVE fix). So the version will be 1.8.19-1+deb10u3 by
> >> now.
> >>
> >> If before the next point release will be another haproxy update this
> >> fix for the CVE can be included as well, IMHO.
> >
> > Did you saw the acknowledgement from vom Adam? Could you upload to
> > buster-proposed-updates?
>
> Hello Salvatore,
>
> I've just uploaded it.
Thank you!
Regards,
Salvatore
Reply to: