Hello James,
The Debian LTS team would like to fix the security issues which are
currently open in the Jessie version of polarssl/mbedtls:
https://security-tracker.debian.org/tracker/CVE-2018-0498
https://security-tracker.debian.org/tracker/CVE-2018-0497
Would you like to take care of this yours
On 2018-09-02 17:08:09, Brian May wrote:
> Antoine Beaupré writes:
>
>> What do you think? Should we push this forward?
>
> I am somewhat concerned that by fixing this we might be breaking
> something. Even if it is 100% broken behaviour, maybe some application
> depends on this?
>
> Is the potent
Antoine Beaupré writes:
> What do you think? Should we push this forward?
I am somewhat concerned that by fixing this we might be breaking
something. Even if it is 100% broken behaviour, maybe some application
depends on this?
Is the potential attack bad enough to justify potential breakage? I