Bug#841234: jessie-pu: package libiberty/20141014-1
Control: tag -1 moreinfo
On Tue, Oct 18, 2016 at 20:32:56 +0200, Anton Gladky wrote:
> Package: release.debian.org
> Severity: normal
> Tags: jessie
> User: release.debian.org@packages.debian.org
> Usertags: pu
>
> Dear release team,
>
> libiberty needs to be updated in Jessie, because the newer version
> fixes many security issues:
>
> CVE-2016-4487 CVE-2016-4488 CVE-2016-4489 CVE-2016-4490
> CVE-2016-4492 CVE-2016-4493 CVE-2016-2226 CVE-2016-6131
>
What makes it impossible to backport just the fixes for the above
issues, rather than importing a full new upstream release? A short
description of the issues so we don't have to look them up would also
have been helpful.
Thanks,
Julien
Reply to: