Jay Berkenbilt <q...@debian.org> wrote: > Jay Berkenbilt <q...@debian.org> wrote: > >> So basically, as far as I can tell, the only remaining actions to get us >> caught up are to apply CVE-2013-1961 to tiff in squeeze. I can prepare >> a security upload for that. > > Oops, I meant to say to apply the patch from tiff in squeeze to tiff3 in > sid.
An upload to unstable of tiff3 with the tiny bit left of CVE-2013-1961 that applies to it is coming momentarily. I went ahead and upgraded to 3.9.7 which incorporates many of the existing patches. I uploaded this with urgency=low because of the new upstream version and because what's left of the security patch is so tiny. Feel free to override if that was a mistake. I believe CVE-2013-1961.patch should apply to the version in wheezy, perhaps with a small offset. It should therefore be straightforward to update the version in stable. -- Jay Berkenbilt <q...@debian.org> -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
