Hi, On 27-09-17, Debian Bug Tracking System wrote: > * New upstream version 4.5 > - Fix buffer overflow if NULL line is present in db (CVE-2017-12424) > (Closes: #756630) > - Make the sp_lstchg shadow field reproducible (Closes: #857803) > - Fix regression in useradd not loading defaults properly. > (Closes: #865762)
Thanks for the update. However, will shadow 4.5 get pushed to stretch? If stretch is stuck with shadow 4.4, then the patch I supplied should be applied to stretch to fix this issue. Thanks, Baptiste
