On Wed, 20 Jan 2016 16:25:31 +0100 Salvatore Bonaccorso <car...@debian.org> wrote: > Hi Michael, > > Thanks for your reply. > > On Wed, Jan 20, 2016 at 04:01:22PM +0100, Michael Biebl wrote: > > On Sat, 25 Apr 2015 15:08:19 +0200 Salvatore Bonaccorso > > <car...@debian.org> wrote: > > > Source: network-manager > > > Version: 0.9.10.0-7 > > > Severity: normal > > > Tags: security upstream > > > > > > Hi, > > > > > > the following vulnerability was published for network-manager. > > > > > > CVE-2015-2924[0]: > > > IPv6 Hop limit lowering via RA messages > > > > > > If you fix the vulnerability please also make sure to include the > > > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > > > > > For further information see: > > > > > > [0] https://security-tracker.debian.org/tracker/CVE-2015-2924 > > > [1] https://bugzilla.redhat.com/show_bug.cgi?id=1209902 > > > > > > Please adjust the affected versions in the BTS as needed. > > > > The current versions in unstable/testing are not affected (fixed in > > 1.0.2, marked accordingly) > > Thanks I have updated the security-tracker accordingly. > > > Do you consider this issue important enough for a stable-security > > upload? > > We think it's not needed to release a fix via a DSA for it, but if you > can, a fix via a stable point release would be great. Cf. the 'no-dsa' > tag in https://security-tracker.debian.org/tracker/CVE-2015-2924 . > > Regards and thanks for your work,
Hm, this somehow fell through the cracks. I'm not planing an old-stable upload myself now (for the simple reason that I no longer have a jessie test system), but maybe the debian-lts team is interested, so CCing them. Regards, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
