Salvatore Bonaccorso writes: > Control: reopen -1 > Control: found -1 12.2.0-1 > Hi,
>> sysstat (12.2.0-1) unstable; urgency=medium >> . >> * New upstream stable version: >> + fixes double free in check_file_actlst in check_file_actlst in >> sa_common.c (CVE-2019-19725, closes: #946657). > > But this is not actually true I believe. > https://github.com/sysstat/sysstat/commit/a5c8abd4a481ee6e27a3acf00e6d9b0f023e20ed > is not applied in 12.2.0-1, and I do not see it applied as patch as I don't know why, but I've assumed that 12.2.0 fixed the issue :( Thanks for noticing my mistake; I'll apply the upstream patch in -2 shortly. Regards, robert
