Hi On Wed, Feb 07, 2018 at 12:26:58PM +0100, Thomas Goirand wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Dear security team, > > I have built an update of miniupnpd for Stretch. However, it's unclear > to me if this should go through stretch-pu, or through stretch-security. > Please let me know. > > In case you would like to get it through stretch-security, here's a > debdiff attached.
Cf. https://security-tracker.debian.org/CVE-2017-1000494 We marked the issue as no-dsa, so no DSA via security.d.o is planned. Can you shedule fixes via upcoming point releases and contact the stable release managers? Regards, Salvatore

