Source: isc-kea Version: 1.4.0-1 Severity: grave Tags: security upstream Hi,
The following vulnerability was published for isc-kea. The version in unstable is not affected by the issue, but 1.4.0 was uploaded to experimental. To avoid the issue enters unstable, making the bug RC (technically would possibly not justify the RC severity). That is, can you please only upload a version >= 1.4.0-P1 to unstable? [In case though I missed something let me know please] CVE-2018-5739[0]: failure to release memory may exhaust system resources If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-5739 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5739 [1] https://kb.isc.org/article/AA-01626 Regards, Salvatore
