Hi Roman Thank you for this information.
Marked this as not vulnerable now. // Ola On 24 December 2016 at 09:34, Roman Tsisyk <ro...@tarantool.org> wrote: > Dear Ola, > >>Saturday, December 24, 2016 1:36 AM +03:00 from Ola Lundqvist >><o...@inguza.com>: >> >>Hello dear maintainer(s), >> >>the Debian LTS team would like to fix the security issues which are >>currently open in the Wheezy version of tarantool: >>https://security-tracker.debian.org/tracker/CVE-2016-9036 >>https://security-tracker.debian.org/tracker/CVE-2016-9037 >> >>Would you like to take care of this yourself? > > Fixed version ( 1.7.2.385.g952d79e-1) is already uploaded to unstable [1]. > > [1]: https://tracker.debian.org/news/824254 > > Tarantool 1.4.6 in oldstable and 1.5.2 in stable are NOT AFFECTED by these > security vulnerabilities. > > -- > WBR, > Roman Tsisyk <ro...@tarantool.org> > http://tarantool.org/ - an efficient in-memory data store and a Lua > application server -- --- Inguza Technology AB --- MSc in Information Technology ---- / o...@inguza.com Folkebogatan 26 \ | o...@debian.org 654 68 KARLSTAD | | http://inguza.com/ Mobile: +46 (0)70-332 1551 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / ---------------------------------------------------------------
