On 28.02.2016 19:42, Salvatore Bonaccorso wrote: > CVE-2014-2383 should actually be already fixed in 0.6.1+dfsg-1. Is > that wrong? > > https://security-tracker.debian.org/tracker/CVE-2014-2383 > https://bugs.debian.org/745619
Thats seems to be correct, upstream mentioned it on 0.6.2 as well. I guess because CVE-2014-5013 is a follow-up for that. Will remove it from the changelog. Cheers Markus Frosch -- mar...@lazyfrosch.de / lazyfro...@debian.org http://www.lazyfrosch.de
signature.asc
Description: OpenPGP digital signature
