On Tue, Nov 03, 2015 at 10:41:27AM +0100, Raphael Hertzog wrote: > the Debian LTS team would like to fix the security issues which are > currently open in the Squeeze version of libhtml-scrubber-perl: > https://security-tracker.debian.org/tracker/CVE-2015-5667
Thanks for the notice. I've filed #803943 to track this. The impact seems severe enough for stable updates, given that the sole purpose of HTML-Scrubber is to take core of issues like this. > Would you like to take care of this yourself? If we end up updating wheezy and jessie, I don't think squeeze would add much to the load. Conversely, if wheezy and jessie aren't updated, there's not much point in fixing squeeze. Let's see if somebody else from the pkg-perl picks this up; I'm not too keen on it but I guess I'll handle it if nobody else does. -- Niko Tyni nt...@debian.org
