Hi, Niels Thykier <ni...@thykier.net> (2019-04-21): > On Fri, 12 Apr 2019 07:54:00 +0000 Niels Thykier <ni...@thykier.net> wrote: > > Control: tags -1 d-i confirmed > > > > Salvatore Bonaccorso: > > > Package: release.debian.org > > > Severity: normal > > > User: release.debian....@packages.debian.org > > > Usertags: unblock > > > > > > Hi, > > > > > > Please unblock package wget > > > > > > It fixes CVE-2019-5953, #926389 a buffer overflow vulnerability in the > > > handling of Internationalized Resource Identifiers (IRI), it was > > > adressed as well in DSA-4425-1 for stretch. > > > > > > Attached is the debdiff between 1.20.1-1 and 1.20.1-1.1. > > > > > > unblock wget/1.20.1-1.1 > > > > > > Regards, > > > Salvatore
> > OK from here; Cc'ing KiBi for a d-i ack. > > > > Thanks, > > ~Niels > > > > > > Gentle ping on this unblock request for a CVE fix in wget. No objections, thanks. Sorry, I had closed my local todo item as I thought it was done already, but I got confused there (was probably thinking about the openssl bug fix that made wget work in d-i)… Cheers, -- Cyril Brulebois (k...@debian.org) <https://debamax.com/> D-I release manager -- Release team member -- Freelance Consultant
signature.asc
Description: PGP signature
