Hi, On Wed, Mar 01, 2017 at 08:51:19AM +0100, S??bastien Delafond wrote: > Hi Kevin, > > those 4 security issues were fixed via DSA-3798-1 in jessie-security, by > backporting the appropriate upstream changes (thanks to Thorsten for > doing that). > > I've verified 1.4.13 only contains those security fixes, and no new > major evolution or feature, so could you please prepare and upload it to > unstable ? The Security Team would then be able to ask for an unblock so > those problems also end up fixed in stretch.
FTR, the fixes might contain a regression, cf. #857342. But this should be clarified with upstream if the assert is too overly-scrict. (It is another aspect, if it is right to use asserts to catch the issues) or if that should be handled more gracefully. Regards, Salvatore
