On Sat, Aug 3, 2013 at 13:51:58 +0100, Gianfranco Costamagna wrote: > Hi Developers and release team. > > > Since libpng 1.5.11 is vulnerable to CVE-2012-3386 [1], fixed in 1.5.12 and > 1.6.3, and that this transition hadn't hit wheezy, I would like to suggest > you to change the transition directly to 1.6.3 instead of 1.5. > Not our call. Somebody needs to get a not-completely-broken newer libpng package in to experimental, then we can talk.
Cheers, Julien
signature.asc
Description: Digital signature
