[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Fixing CVEs fixed in ELA-909-1/DLA-3513-1 in (old)stable

Hi,

On Sun, Nov 26, 2023 at 6:05 PM Utkarsh Gupta <utkarsh@freexian.com> wrote:
>
> Hi Adrian,
>
> Thanks for working on tiff. I saw the ELA-909/DLA-3513 fixes a bunch
> of things in buster, stretch, and jessie. Great, thanks for that.
> However, https://deb.freexian.com/extended-lts/tracker/source-package/tiff
> looks a bit odd to see that (old)stable are the only releases with no
> fixes, can you please prep fixes for that, too, in coordination with
> security team and the maintainer?
>
> We've been trying to fix such issues and it'll be great if we can
> bridge such issues. Many thanks.
>

Thanks for ping on the tiff issue - there are updates prepared on
security-master for (old)stable to fix CVE-2023-3576, CVE-2023-40745
and CVE-2023-41175. I was waiting for autopkgtest results during the
weekend and it appears to be all good now, will release them shortly.


Regards,
Aron
Reply to: