Hi! On Wed, 2014-10-08 at 10:42:07 +0200, Michael Vogt wrote: > On Thu, Oct 02, 2014 at 06:29:45PM +0200, Guillem Jover wrote: > > Package: apt > > Version: 0.8.7 > > Severity: serious > > Tags: security patch
> > Attached a patch fixing this. This affects all versions starting from > > the one in squeeze. > > I'm not sure if this deserves a CVE or perhaps a lower severity? > [..] > > I uploaded a fix for wheezy now, squeeze is not affected, this feature > got added in 0.8.11 in debian so we should be safe here. Oh, indeed, sorry about the wrong version. I was confused by the git history: $ git show a4c404301df135bea81f23b944dc6e1967f9ca85 $ git describe --tags a4c404301df135bea81f23b944dc6e1967f9ca85 0.8.6-22-ga4c4043 Thanks, Guillem -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
