Control: tags -1 + confirmed On Tue, 2015-06-09 at 19:53 +0200, Philip Rinn wrote: > rawtherapee is affected by the security issue CVE-2015-3885. It's marked > no-dsa > that's why I want to coordinate the update with you. > > I attached the debdiff.
+rawtherapee (4.0.9-4+deb7u1) wheezy-security; urgency=high + + * Add patch debian/patches/04-fix_CVE-2015-3885.patch: + - Fix dcraw imput sanitization errors (CVE-2015-3885) As with the jessie update, please drop "-security" from the distribution and go ahead. Regards, Adam -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/1433873787.32653.3.ca...@adam-barratt.org.uk
