Package: release.debian.org Severity: normal Tags: stretch User: release.debian....@packages.debian.org Usertags: pu
Hey, in order to fix CVE-2017-9604: "Send Later with Delay bypasses OpenPGP" (Closes: #864803), I want to request a point update for kdepim. As discussed in #864803, the security team don't want to warrent a DSA on it's own. And propose to do a pu for kdepim. Just for keeping the overview: * for jessie we need only kdepim updated (see #869573) * for stretch the kdepim package was splitted into kf5-messagelib and kdepim, and both needs to be updated in order to fix CVE-2017-9604. Both packages are fixed in testing with the version: kdepim 4:16.04.3-4 kf5-messagelib 4:16.04.3-3 Best Regards, sandro -- System Information: Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'oldstable-updates'), (500, 'unstable'), (500, 'testing'), (500, 'oldstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.11.0-2-amd64 (SMP w/4 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=en_US (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
