[Pkg-auth-maintainers] Bug#906128: libykpiv1 impacted by CVE-2018-14779 and CVE-2018-14780
Salvatore Bonaccorso
carnil at debian.org
Tue Aug 14 20:55:39 BST 2018
Hi Nicolas,
On Tue, Aug 14, 2018 at 08:36:10PM +0200, Nicolas Braud-Santoni wrote:
> Hi,
>
> Gunnar Wolf sponsored the upload to sid (thanks!) and I just prepared an
> upload for stretch-security. It is available in the branch debian/stretch on:
>
> https://salsa.debian.org/auth-team/yubico-piv-tool.git
>
> If the security team finds it suitable, please upload directly.
The issue does not warrant a DSA (was marked no-dsa in the tracker
already). Can you though propose a fix to be included in the next
stretch point release?
Regards,
Salvatore
More information about the Pkg-auth-maintainers
mailing list