Hi Moritz, On Fri, 21 Aug 2015 14:23:25 +0200 Moritz Muehlenhoff <j...@debian.org> wrote: > Source: haskell-tls > Severity: important > Tags: security > > The Debian Security Tracker still lists haskell-tls as affected by > https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169, can > you please check with upstream whether that is addressed, I couldn't > find a reference in the changelog.
tricky, as not even upstream can give a definite answer: https://github.com/vincenthz/hs-tls/issues/117 So I guess you can consider this to be not addressed. What are the implications of that? Greetings, Joachim -- -- Joachim "nomeata" Breitner Debian Developer nome...@debian.org | ICQ# 74513189 | GPG-Keyid: F0FBF51F JID: nome...@joachim-breitner.de | http://people.debian.org/~nomeata
signature.asc
Description: This is a digitally signed message part