On 2016-02-23 12:29, Laurent Destailleur (aka Eldy) wrote:
To fix opened securities hole into dolibarr stable package, i prepared
the following 3 patch. This patch is now already included into
unstable.
It fixes the following CVE:
* Fix CVE-2016-1912 (Closes: #812496)
* Fix CVE-2015-8685 (Closes: #812449)
* Fix CVE-2015-3935 (Closes: #787762)
This is the debdiff. Can my mentor (Raphael Hertzog) push the new
package with this patch into stable ?
Are you asking about stable or stable-security? Your changelog doesn't
say either but you appear to have CCed the Security Team whilst
following up to a release.debian.org bug.
Regards,
Adam
