On Sun, Nov 11, 2018 at 12:15:52AM +0100, Lee Garrett wrote: > Quick follow-up: I don't have a patch for CVE-2018-10875. However, the patch > in question I have is for CVE-2018-10855, which is already checked in on the > stretch branch of the packaging repo. > > For some reason the security tracker has this CVE marked as "not affected", > although I could reproduce the issue on stretch.
Thanks, I've updated the Security Tracker, it should soon show up as affected again. Cheers, Moritz