Control: tags -1 + confirmed On Tue, 2014-04-15 at 16:45 -0400, David Prévot wrote: > As agreed with the security team, we’d like to address CVE-2014-2053 in > stable (oldstable being not affected) via pu instead of a proper DSA > because php-getid3 is a leaf package in stable and the vulnerability > likely hard to be exposed in practice. > > php-getid3 1.9.7-2 fixed the issue in unstable.
Please go ahead; thanks. Regards, Adam -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
