On 12/30/2014 01:43 PM, Matthias Klose wrote: > On 12/30/2014 01:27 PM, Alexander Cherepanov wrote: >> On 2014-12-30 14:05, Matthias Klose wrote: >>> - several fixes for CVE issues, the security team asked to include these >>> into jessie. >>> - CVE-2014-8484 (PR binutils/17509). >>> - CVE-2014-8485, CVE-2014-8504 (PR binutils/17510). >>> - CVE-2014-8501, CVE-2014-8502, CVE-2014-8503 (PR binutils/17512). >> >> Please note that PR binutils/17512 includes much more issues/fixes than those >> CVEs. And there is also PR binutils/17531 ... > > sure, that one should go in as well. I'll be mostly afk during the next two > weeks, so a NMU addressing these would be appreciated. Could you prepare one?
unfortunately, there was no help with a backport :-/ 2.25-4 now backports the changes up to the end of 2014, leaving out the new 2015 changes for 17512. I won't spend time on these, as upstream committed to backport these to the 2.25 branch themself. Matthias -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/54b906b8.6010...@debian.org
