Hi, On Fri, 19 Jul 2019 20:35:19 +0200 =?UTF-8?Q?Hilmar_Preu=c3=9fe?= <hill...@web.de> wrote: > On 19.07.19 17:41, Moritz Muehlenhoff wrote: > > Hi, > > > Please see: > > http://bugs.proftpd.org/show_bug.cgi?id=4372 > > https://github.com/proftpd/proftpd/pull/816 > > > The patch from upstream applies nicely to our master branch (and would > apply to the buster package too). I could upload the fix to Debian sid > right now. Will you care about stable and oldstable?
I can take care of oldstable because I wanted to upload a new stretch-pu anyway. We can either choose to release the fix for CVE-2019-12815 via DSA separately and afterwards I merge it into the stretch-pu or we can do all at once. There are considerable changes to fix the previous memory leaks which would make the diff harder to review though. Regards, Markus
signature.asc
Description: OpenPGP digital signature
