Control: tags -1 + confirmed On Sun, 2016-09-04 at 13:14 +0200, Gert Wollny wrote: > The version of gdcm in jessie suffers from two security problems: > > CVE-2015-8396 [1] > CVE-2015-8397 [2] > > However, the security team notified my that the issue does not warrant a DSA > and I should instead just fix it via a jessie point release. > > The proposed patch against the package is enclosed, it adds the according > fixes > from the upstream repository.
+gdcm (2.4.4-3+deb8u1) jessie-proposed-updates; urgency=medium Simply "jessie" is preferred. Please go ahead. Regards, Adam
