HI Adam, Not Moritz here but can answer the question as well:
On Fri, Mar 18, 2016 at 07:22:34PM +0000, Adam D. Barratt wrote: > Control: tags -1 + moreinfo > > On Fri, 2016-03-18 at 19:33 +0100, Moritz Muehlenhoff wrote: > > I'd like to fix a security issue in GTK, which doesn't really warrant > > a DSA. Debdiff below, I've been running this on my jessie > > workstation for a day now. > > > > Cheers, > > Moritz > > > > diff -Nru gtk+2.0-2.24.25/debian/changelog gtk+2.0-2.24.25/debian/changelog > > --- gtk+2.0-2.24.25/debian/changelog 2015-03-03 19:39:59.000000000 > > +0100 > > +++ gtk+2.0-2.24.25/debian/changelog 2016-03-17 23:20:16.000000000 > > +0100 > > @@ -1,3 +1,9 @@ > > +gtk+2.0 (2.24.25-3+deb8u1) jessie; urgency=medium > > + > > + * CVE-2013-7447 (Closes: #799275) > > The Security Tracker suggests that this isn't fixed in the version of > gtk+2.0 in unstable; is that correct? Yes it is as well unfixed there. I just have proposed a NMU in https://bugs.debian.org/799275#39 Hope this helps, Regards, Salvatore
