Bug#877442: marked as pending

Moritz Muehlenhoff Tue, 14 Nov 2017 12:36:34 -0800

On Wed, Nov 01, 2017 at 10:28:22PM +0000, Dylan Aïssi  wrote:
> 
> ---
> commit 25174e187c6211a7e05c44c0fb3eb17556484e61
> Author: Dylan Aïssi <bob.dyb...@gmail.com>
> Date:   Wed Nov 1 22:47:00 2017 +0100
> 
>     Add an upstream patch to fix CVE-2017-14731 (Closes: #877442)
> 
> diff --git a/debian/changelog b/debian/changelog
> index 9fb1aa9..103b223 100644
> --- a/debian/changelog
> +++ b/debian/changelog
> @@ -1,3 +1,9 @@
> +libofx (1:0.9.11-5) unstable; urgency=high
> +
> +  * Add an upstream patch to fix CVE-2017-14731 (Closes: #877442).
> +
> + -- Dylan Aïssi <bob.dyb...@gmail.com>  Wed, 01 Nov 2017 22:44:52 +0100


Hi Dylan,
this vulnerability doesn't warrant a DSA.

There's still the possibility to fix this via a stable point update
[1], so I was wondering whether anything of that sort is planned by
you.

Cheers,
        Moritz

[1] 
https://www.debian.org/doc/manuals/developers-reference/ch05.html#upload-stable

Bug#877442: marked as pending

Reply via email to