Richard Atterer wrote:
> > Since CVE-2009-2625 doesn't allow code injection, but only DoS and given
> > that libwww in oldstable is only used by wmweather, I think we can ignore
> > it, unless Nico wants to work on an update?
>
> Well, I've already prepared new versions of the packages, although they are
> completely untested ATM, except that I had a look at them with
> debdiff/interdiff: <http://atterer.net/libwww/>
Please upload this for a oldstable point update. Please use
distribution=oldstable
and file a bug against release.debian.org (with reportbug from
testing/unstable),
so that the stable release managers can ack the upload.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
