Control: tags -1 + confirmed On Wed, 2019-01-09 at 06:58 +0100, Xavier Guimard wrote: > Hello, twitter-bootstrap3 has some CVEs to fix (issues marked as > no-dsa). This patch imports related fix from twitter-bootstrap 3.4.
+twitter-bootstrap3 (3.3.7+dfsg-3+deb9u1) stretch; urgency=high stretch currently has -2, so this should be -2+deb9u1 + * Team upload. + * Fix multiples XSS vulnerabilities (Closes: #907414) "multiple". It would also be helpful to explicitly list the relevant CVEs. With the above fixes, please go ahead. Regards, Adam