Bug#841234: jessie-pu: package libiberty/20141014-1

To: Julien Cristau <jcristau@debian.org>, 841234@bugs.debian.org, gladk@debian.org
Subject: Bug#841234: jessie-pu: package libiberty/20141014-1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Wed, 13 Jun 2018 21:17:37 +0100
Message-id: <[🔎] 1528921057.2806.73.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 841234@bugs.debian.org
In-reply-to: <20161217104204.r7va5kofmcnxwlh5@betterave.cristau.org>
References: <147681557690.8221.9618798494427118183.reportbug@debian> <20161217104204.r7va5kofmcnxwlh5@betterave.cristau.org> <147681557690.8221.9618798494427118183.reportbug@debian>

On Sat, 2016-12-17 at 11:42 +0100, Julien Cristau wrote:
> Control: tag -1 moreinfo
> 
> On Tue, Oct 18, 2016 at 20:32:56 +0200, Anton Gladky wrote:
> 
> > Package: release.debian.org
> > Severity: normal
> > Tags: jessie
> > User: release.debian.org@packages.debian.org
> > Usertags: pu
> > 
> > Dear release team,
> > 
> > libiberty needs to be updated in Jessie, because the newer version
> > fixes many security issues:
> > 
> > CVE-2016-4487 CVE-2016-4488 CVE-2016-4489 CVE-2016-4490
> > CVE-2016-4492 CVE-2016-4493 CVE-2016-2226 CVE-2016-6131
> > 
> 
> What makes it impossible to backport just the fixes for the above
> issues, rather than importing a full new upstream release?  A short
> description of the issues so we don't have to look them up would also
> have been helpful.
> 

Ping? The above was 18 months ago, and we're within a few days of
closing updates to jessie before it becomes LTS.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#841234: jessie-pu: package libiberty/20141014-1
  - From: Anton Gladky <gladk@debian.org>

Prev by Date: Bug#804787: jessie-pu: package servefile/0.4.3-1
Next by Date: Bug#848365: jessie-pu: package coquelicot/0.9.2-4+deb8u1
Previous by thread: Bug#804787: jessie-pu: package servefile/0.4.3-1
Next by thread: Bug#841234: jessie-pu: package libiberty/20141014-1
Index(es):
- Date
- Thread