On Mon, Apr 16, 2018 at 03:44:50PM +0100, Chris Lamb wrote:
> [adding t...@security.debian.org to CC]
>
> Hi,
>
> > patch: CVE-2018-1000156: input validation vulnerability when processing
> > patch files
>
> I've fixed this in wheezy; would you like for an update for jessie and
> stretch whilst it's fresh in my mind? The patch (hah!) did require some
> modification for wheezy after all.
We're not planning to issue a DSA for this, but Laszlo is working on
updates for point releases. Best to sync up directly with him if only to
compare the debdiffs you came up with.
Cheers,
Moritz
