Discussion:
Bug#943766: buster-pu: package libofx/1:0.9.14-1+deb10u1
Add Reply
Dylan Aïssi
2019-10-29 14:30:02 UTC
Reply
Permalink
Package: release.debian.org
Severity: normal
Tags: buster
User: ***@packages.debian.org
Usertags: pu

Dear release team,
Upstream has fixed CVE-2019-9656, this CVE is non-dsa. I already
backported patches to unstable (#924350) and now I would like to fix
the Buster version. Please find attached a debdiff.

Best,
Dylan
Adam D. Barratt
2019-11-08 22:10:02 UTC
Reply
Permalink
Control: tags -1 + confirmed
Post by Dylan Aïssi
Upstream has fixed CVE-2019-9656, this CVE is non-dsa. I already
backported patches to unstable (#924350) and now I would like to fix
the Buster version. Please find attached a debdiff.
Please go ahead.

Regards,

Adam
Adam D Barratt
2019-11-09 20:00:02 UTC
Reply
Permalink
package release.debian.org
tags 943766 = buster pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian buster.

Thanks for your contribution!

Upload details
==============

Package: libofx
Version: 0.9.14-1+deb10u1

Explanation: fix null pointer dereference issue [CVE-2019-9656]

Loading...