Bug#889681: wayland: CVE-2017-16612: fix via stable updates or security queue?

To: Héctor Orón Martínez <hector.oron@collabora.co.uk>, 889681@bugs.debian.org
Cc: team@security.debian.org
Subject: Bug#889681: wayland: CVE-2017-16612: fix via stable updates or security queue?
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 4 Mar 2018 14:04:08 +0100
Message-id: <[🔎] 20180304130408.GA11531@eldamar.local>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 889681@bugs.debian.org
In-reply-to: <[🔎] 9dc6f364-0087-86a0-e835-927ed4febc11@collabora.co.uk>
References: <151786013614.32221.17283281733773329930.reportbug@eldamar.local> <[🔎] 9dc6f364-0087-86a0-e835-927ed4febc11@collabora.co.uk> <151786013614.32221.17283281733773329930.reportbug@eldamar.local>

Hi Héctor,

On Sun, Mar 04, 2018 at 12:37:38PM +0100, Héctor Orón Martínez wrote:
> Hello,
> 
>   I plan to fix the CVE issue in stable and oldstable:
>   -
> https://salsa.debian.org/xorg-team/wayland/wayland/commit/2471b0463e9395bd981f8b875e3280f1fc6b995f
>   -
> https://salsa.debian.org/xorg-team/wayland/wayland/commit/5df34123d130816a1acf506d8e9f1a1c3e3efcc8
> 
>   While I am testing the package, should I upload to security queues or
> stable updates?

We marked it no-dsa, meaning we were not intending releasing it as
DSA. Can you schedule it via a upcoming point release?

Regards,
Salvatore

Reply to:

References:
- Bug#889681: wayland: CVE-2017-16612: fix via stable updates or security queue?
  - From: Héctor Orón Martínez <hector.oron@collabora.co.uk>

Prev by Date: Bug#889681: wayland: CVE-2017-16612: fix via stable updates or security queue?
Next by Date: Bug#888315: reproducing this bug
Previous by thread: Bug#889681: wayland: CVE-2017-16612: fix via stable updates or security queue?
Next by thread: Bug#888315: reproducing this bug
Index(es):
- Date
- Thread