Re: Question about patch for CVE-2017-14062 on stretch

help-libidn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Question about patch for CVE-2017-14062 on stretch

From:	Tim Rühsen
Subject:	Re: Question about patch for CVE-2017-14062 on stretch
Date:	Wed, 15 Jan 2020 21:05:17 +0100
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.3.1

Hi John,

On 15.01.20 17:22, John McCabe wrote:
> Hi, 
> I notice that a patch for CVE-2017-14062 was made available for jessie
> (security), bullseye, sid and buster but not stretch.
> 
> Could I possibly ask why stretch didn't get a fix (I assume there's a
> policy that I'm not aware of so apologies in advance for a dumb question.).

That is a decision made by Debian and we are not Debian or part of it.

Maybe someone reading this ML can answer your question. But still the
best place for such a question would IMO be https://bugs.debian.org
(package libidn11) or one of Debian's mailing lists (can say which is
the best).

Regards, Tim

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

Question about patch for CVE-2017-14062 on stretch, John McCabe, 2020/01/15
- Re: Question about patch for CVE-2017-14062 on stretch, Tim Rühsen <=

Prev by Date: Question about patch for CVE-2017-14062 on stretch
Next by Date: Bug#949705: libidn2: binary-arch target depends on makeinfo (but texinfo is in Build-Depends-Indep)
Previous by thread: Question about patch for CVE-2017-14062 on stretch
Next by thread: Bug#949705: libidn2: binary-arch target depends on makeinfo (but texinfo is in Build-Depends-Indep)
Index(es):
- Date
- Thread