Ola Lundqvist <o...@inguza.com> writes: > Dear maintainers, > > The Debian LTS team would like to fix the security issues which are > currently open in the Wheezy version of ledger: > https://security-tracker.debian.org/tracker/CVE-2017-2807 > https://security-tracker.debian.org/tracker/CVE-2017-2808 > > These two issues do not seem to be trivial to exploit in an useful way > but it is better to be safe than sorry so therefore it would be good to > have them fixed. > > Would you like to take care of this yourself?
No, I have no plans to work on LTS support for ledger. As far as I know there isn't currently a fix for these problems (in any release of Debian or upstream). If you know otherwise please follow up to Debian bug 870900.
