Control: tags -1 + pending On Thu, 2017-01-05 at 19:51 +0000, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Mon, 2017-01-02 at 17:27 +0000, Gianfranco Costamagna wrote: > > CVE-2016-10087 is not worth a DSA, Security Team asked for a point release > > update. > > > > diff -Nru libpng-1.2.50/debian/changelog libpng-1.2.50/debian/changelog > > --- libpng-1.2.50/debian/changelog 2016-01-07 20:39:14.000000000 +0100 > > +++ libpng-1.2.50/debian/changelog 2017-01-02 18:24:35.000000000 +0100 > > @@ -1,3 +1,10 @@ > > +libpng (1.2.50-2+deb8u3) jessie; urgency=medium > > + > > + * debian/patches/CVE-2016-10087.patch: > > + - cherry-pick upstream fix for CVE-2016-10087 > > Please go ahead.
Uploaded and flagged for acceptance. Regards, Adam
