Hi Jörg, On Sat, 25 Feb 2017, Jörg Frings-Fürst wrote: > > the Debian LTS team would like to fix the security issues which are > > currently open in the Wheezy version of sane-backends: > > https://security-tracker.debian.org/tracker/CVE-2017-6318 > > > > Would you like to take care of this yourself? > > Yes, I do it. > > At the moment I'm waiting for a response from upstream. I think the > patch breaks with the intention of the buggy function.
What's the status? More than 50 days elapsed already... and since you are affected to the issue, nobody else from the LTS team is looking at it. I saw you tagged #854804 as pending but I have not seen any fix in the packaging git repository: https://anonscm.debian.org/cgit/collab-maint/sane-backends.git The issue has been marked "no-dsa" in jessie. Do you intend to upload a stable upload for jessie? Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: https://www.freexian.com/services/debian-lts.html Learn to master Debian: https://debian-handbook.info/get/
