On Wed, Mar 22, 2017 at 12:15:49PM -0700, Felix Lechner wrote:
> Changes since the last upload:
>
> * New upstream release.
> * New major version is 10
> * New maintainer email address
> * Fixes a low level vulnerability for buffer overflow when loading a
> malformed temporary DH file
> * Fixes a medium level vulnerability for processing of OCSP response
> * Fixes CVE-2017-6076, a low level vulnerability for a potential cache attack
> on RSA operations (Closes: #856114)
According to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=856114# 20
this is not intended to be fixed in testing, is that correct?
--
WBR, wRAR