Hi Salvatore, Matthieu, I'm going to bump unstable to 2.3.1, this should address the four currently open issues.
Matthieu, if you want to double check the debdiff before upload, let me know. :)
I might prepare a small jessie update for CVE-2018-21010. I had a quick
look, and so far it seems that this vulnerability would allow significant
heap write overflow. Hard to exploit, but this is enough for a DLA, in my
opinion.
Regarding stretch and buster, I don't think this is worth a DSA, but we
could fix this via a point update later on.
cheers,
Hugo
--
Hugo Lefeuvre (hle) | www.owl.eu.com
RSA4096_ 360B 03B3 BF27 4F4D 7A3F D5E8 14AA 1EB8 A247 3DFD
ed25519_ 37B2 6D38 0B25 B8A2 6B9F 3A65 A36F 5357 5F2D DC4C
signature.asc
Description: PGP signature
