Control: tags -1 + confirmed On Sun, 2016-11-06 at 14:58 +0100, Reiner Herrmann wrote: > musl in jessie is affected by CVE-2016-8859. > The attached patch cherry-picks the upstream commit, > which fixes this issue. > The security team marked it as no-dsa, so I'm requesting > it to be included in the next jessie update.
+musl (1.1.5-2+deb8u1) jessie-security; urgency=high That should be "jessie" for a non-security upload. With the above change, and assuming that the resulting package has been tested on jessie, please go ahead. Regards, Adam
