On Tue, Aug 07, 2018 at 11:08:36AM +0200, Salvatore Bonaccorso wrote: > Hi Antonio, > > On Tue, Aug 07, 2018 at 09:55:59AM +0100, Antonio Radici wrote: > > Package: mutt > > Version: 1.7.2-1 > > Severity: grave > > Tags: security upstream > > Justification: security update > > > > Tracking bug for security updates for mutt in stretch. > > > > Details on https://security-tracker.debian.org/tracker/source-package/mutt > > FTR, There is #904051 (for those issues which are fixed in 1.10.1-1 > but not those which were affected only in the neomutt patch). > > There are a couple of CVEs which are adressed in sid by 1.9.1-1 where > it was switched to official mutt.org package without neomutt patchset > and were previous versions were shipping the neomutt patchset. > > So I think in principle we cann forcemerge 905618 into 904051.
Ack, it makes sense, I can use that one.I did open a new one because #904051 was closed. I've just finished with all the patches and they are in git right now, I'm building the package as we speak (or write).
