Bug#841234: jessie-pu: package libiberty/20141014-1
On Sat, 2016-12-17 at 11:42 +0100, Julien Cristau wrote:
> Control: tag -1 moreinfo
>
> On Tue, Oct 18, 2016 at 20:32:56 +0200, Anton Gladky wrote:
>
> > Package: release.debian.org
> > Severity: normal
> > Tags: jessie
> > User: release.debian.org@packages.debian.org
> > Usertags: pu
> >
> > Dear release team,
> >
> > libiberty needs to be updated in Jessie, because the newer version
> > fixes many security issues:
> >
> > CVE-2016-4487 CVE-2016-4488 CVE-2016-4489 CVE-2016-4490
> > CVE-2016-4492 CVE-2016-4493 CVE-2016-2226 CVE-2016-6131
> >
>
> What makes it impossible to backport just the fixes for the above
> issues, rather than importing a full new upstream release? A short
> description of the issues so we don't have to look them up would also
> have been helpful.
>
Ping? The above was 18 months ago, and we're within a few days of
closing updates to jessie before it becomes LTS.
Regards,
Adam
Reply to: