Hi Michael, Thanks for your reply.
On Wed, Jan 20, 2016 at 04:01:22PM +0100, Michael Biebl wrote: > On Sat, 25 Apr 2015 15:08:19 +0200 Salvatore Bonaccorso > <[email protected]> wrote: > > Source: network-manager > > Version: 0.9.10.0-7 > > Severity: normal > > Tags: security upstream > > > > Hi, > > > > the following vulnerability was published for network-manager. > > > > CVE-2015-2924[0]: > > IPv6 Hop limit lowering via RA messages > > > > If you fix the vulnerability please also make sure to include the > > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > > > For further information see: > > > > [0] https://security-tracker.debian.org/tracker/CVE-2015-2924 > > [1] https://bugzilla.redhat.com/show_bug.cgi?id=1209902 > > > > Please adjust the affected versions in the BTS as needed. > > The current versions in unstable/testing are not affected (fixed in > 1.0.2, marked accordingly) Thanks I have updated the security-tracker accordingly. > Do you consider this issue important enough for a stable-security > upload? We think it's not needed to release a fix via a DSA for it, but if you can, a fix via a stable point release would be great. Cf. the 'no-dsa' tag in https://security-tracker.debian.org/tracker/CVE-2015-2924 . Regards and thanks for your work, Salvatore
