Security update of polarssl/mbedtls?

Hello James, The Debian LTS team would like to fix the security issues which are currently open in the Jessie version of polarssl/mbedtls: https://security-tracker.debian.org/tracker/CVE-2018-0498 https://security-tracker.debian.org/tracker/CVE-2018-0497 Would you like to take care of this yours

Re: twitter-bootstrap / CVE-2018-14040 / CVE-2018-14041 / CVE-2018-14042

On 2018-09-02 17:08:09, Brian May wrote: > Antoine Beaupré writes: > >> What do you think? Should we push this forward? > > I am somewhat concerned that by fixing this we might be breaking > something. Even if it is 100% broken behaviour, maybe some application > depends on this? > > Is the potent

Re: twitter-bootstrap / CVE-2018-14040 / CVE-2018-14041 / CVE-2018-14042

Antoine Beaupré writes: > What do you think? Should we push this forward? I am somewhat concerned that by fixing this we might be breaking something. Even if it is 100% broken behaviour, maybe some application depends on this? Is the potential attack bad enough to justify potential breakage? I