Hi Hugo,
On 21.07.19 18:30, Hugo Lefeuvre wrote:
Dear libsdl2-image maintainers,
I have prepared a jessie (LTS) update addressing libsdl2-image's current
security issues. I will coordinate with the security team to possibly fix
them in a future stretch/buster point update.
Are you planning to address these issues in testing? Packaging upstream's
latest 2.0.5 release should be sufficient, but they can also be addressed
with more targeted fixes.
I can provide some help if needed.
Thanks for your work!
I'm preparing a 2.0.5 upload right now.
As far as I can tell all CVEs in the tracker are fixed with 2.0.5.
Do you agree?
Cheers,
Felix
