[Secure-testing-team] Bug#847485: unzip: CVE-2014-9913: buffer oveflowin "unzip -l" via list_files() in list.c
Santiago Vila
sanvila at unex.es
Wed Dec 14 20:41:57 UTC 2016
Hello Salvatore and security people.
The fixed package for this CVE (and the other "twin" CVE) is in its
way to unstable, but it will take 10 days.
If we need a shorter time, we (well, secure-testing-team I suppose)
can ask the release managers to reduce the time.
Will there be also a security upload for stable, or maybe I should try
an upload for jessie-proposed-updates in the same way we did for "tre"?
(which was low priority and did not deserve a DSA)
Thanks.
More information about the Secure-testing-team
mailing list