Hi,
After much digging, I believe I have found the relevant issue and
commits to fix the CVE-2017-5661 issue in fop. I have backported the
patch to our 1.0 release in LTS and it seems to compile fine. However, I
haven't performed any tests because I lack experience with that peculiar
infrastructur
Control: forwarded -1 https://issues.apache.org/jira/browse/FOP-2668
On 2017-04-26 08:07:33, Mathieu Malaterre wrote:
> Hi Ola,
>
> On Sun, Apr 23, 2017 at 9:46 PM, Ola Lundqvist wrote:
>> Dear maintainer(s),
>>
>> The Debian LTS team would like to fix the security issues which are
>> currently o
Hi,
As previously mentioned, I have worked on an update for the Batik
package. I have basically assumed the issue is the upstream BATIK-1139
issue, and used the patches refered to there:
https://issues.apache.org/jira/browse/BATIK-1139
That may be incorrect and because we don't have a reproducer
On 2017-04-23 23:06:57, Emilio Pozuelo Monfort wrote:
> On 23/04/17 21:50, Ola Lundqvist wrote:
>> Dear maintainer(s),
>>
>> The Debian LTS team would like to fix the security issues which are
>> currently open in the Wheezy version of batik:
>> https://security-tracker.debian.org/tracker/CVE-2017
Dear maintainer(s),
The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of trafficserver:
https://security-tracker.debian.org/tracker/CVE-2017-5659
Would you like to take care of this yourself?
If yes, please follow the workflow we have defin