Wheezy update of vorbis-tools for CVE-2015-6749
Petter Reinholdtsen
pere at hungry.com
Sun Jul 2 08:07:41 UTC 2017
Hi. I got tired of CVE-2015-6749 showing up on
<URL: https://udd.debian.org/dmd.cgi?email1=pere%40debian.org > and
would like to provide an update for oldoldstable/Wheezy to fix the old
security issue. Alexander Wirt suggested I follow the procedure on
<URL: https://wiki.debian.org/LTS/Development >, but I must admit I am
not up to date on the latest procedure and wonder if someone might help
me.
The fixed package is available in git as
<URL: https://anonscm.debian.org/cgit/pkg-xiph/vorbis-tools.git/log/?h=debian/wheezy >.
It uses the same patch as was used to fix the issue in jessie, stretch
and beyon.
Should this update be announced on the announcement list? Does it need
a DLA? The security team tagged it no-dsa. I can build, test and
upload, but am unsure abount the announcing part.
--
Happy hacking
Petter Reinholdtsen
More information about the pkg-xiph-maint
mailing list