Hi Chris, Le vendredi, 6 janvier 2017, 06.28:58 h CET Chris Lamb a écrit : > the Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of jbig2dec: > https://security-tracker.debian.org/tracker/source-package/jbig2dec > > Would you like to take care of this yourself?
If you are referring to [CVE-2016-9601], it seems quite premature to fix this
in Wheezy, as according to [GS:697457], there is currently no upstream fix
available (so all our releases are apparently affected).
I am not going to write a fix for that myself, at least, but feel free to
coordinate this with upstream!
--
Cheers,
OdyX
[CVE-2016-9601] https://security-tracker.debian.org/tracker/CVE-2016-9601
[GS:697457] https://bugs.ghostscript.com/show_bug.cgi?id=697457
signature.asc
Description: This is a digitally signed message part.
