> > Just to clarify what's needed here - are you part of Debian LTS? > > What a difficult question to answer straight. Yes and no. Yes, I lurk on > this e-mail list, yes, I have the intention to take care of "my" own > packages as said multiple times on this list.
Oh, I didn't mean to put you in a difficult position - am fairly "new" so haven't seen you on the list before. I also didn't mean to imply anything negative, I just didn't want either of us to do unnecessary duplicated work. :) > So, if you can check and test my debdiff you can upload and announce if > you are satisfied with it Looks good, at least by eye. However, Buxy pointed me towards a supplementary CVE-2015-8377 (http://seclists.org/fulldisclosure/2015/Dec/att-57/cacti_sqli%281%29.txt) - we should probably test and upload these at the same time. Best, -- Chris Lamb chris-lamb.co.uk / @lolamby
