I have received a very simple patch from the upstream developers (perhaps) fixing just a minor issue regarding one of the several reported security issues.
I'm giving up here trying to get a security patch. There are way too many changes across the versions and upstream doesn't have resources to figure out the exact patches and backport them to 1.8.2. So (@security team) what do we do? Live with it? Maintain a backport? Drop the package? I'm screwed… …Christoph -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org