Control: tags -1 + pending On Sun, 2016-11-06 at 14:44 +0000, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Sun, 2016-11-06 at 14:58 +0100, Reiner Herrmann wrote: > > musl in jessie is affected by CVE-2016-8859. > > The attached patch cherry-picks the upstream commit, > > which fixes this issue. > > The security team marked it as no-dsa, so I'm requesting > > it to be included in the next jessie update. > > +musl (1.1.5-2+deb8u1) jessie-security; urgency=high > > That should be "jessie" for a non-security upload. > > With the above change, and assuming that the resulting package has been > tested on jessie, please go ahead.
Uploaded and flagged for acceptance. Regards, Adam
