Control: tags -1 + confirmed On Mon, 2017-01-02 at 17:27 +0000, Gianfranco Costamagna wrote: > CVE-2016-10087 is not worth a DSA, Security Team asked for a point release > update. > > diff -Nru libpng-1.2.50/debian/changelog libpng-1.2.50/debian/changelog > --- libpng-1.2.50/debian/changelog 2016-01-07 20:39:14.000000000 +0100 > +++ libpng-1.2.50/debian/changelog 2017-01-02 18:24:35.000000000 +0100 > @@ -1,3 +1,10 @@ > +libpng (1.2.50-2+deb8u3) jessie; urgency=medium > + > + * debian/patches/CVE-2016-10087.patch: > + - cherry-pick upstream fix for CVE-2016-10087
Please go ahead. Regards, Adam
