Hi Salvatore, On Wed, 2017-12-06 at 20:32 +0100, Salvatore Bonaccorso wrote: > > Thank you. > > MITRE has assigned CVE-2017-17446 for this issue. > > I do not think we need a DSA for this issue, but could be fixed via a > point release.
Upstream did a new release with a fix for this very crash, and also added some more checks for preventing similar bugs to the code. I'm uploading that to unstable now. This release only really contains the fix, nothing else, and if that's all fine with you it could also go into the next stable point release.
signature.asc
Description: This is a digitally signed message part
