[Pkg-auth-maintainers] Bug#906258: stretch-pu: package yubico-piv-tool/1.4.2-2

Nicolas Braud-Santoni nicolas at braud-santoni.eu
Thu Aug 16 09:01:26 BST 2018


Package: release.debian.org
Severity: normal
Tags: stretch security
User: release.debian.org at packages.debian.org
Usertags: pu
Control: block 906128 by -1

Hi,

I would like to upload a fix for #906128 (CVE-2018-14779 and CVE-2018-14780)
to stretch-pu; I already backported the fix from upstream to v1.4.2, and my
work is in the branch debian/stretch of the packaging repository:

  https://salsa.debian.org/auth-team/yubico-piv-tool.git

#906128 was marked by the security team as a minor issue not requiring a DSA
and an upload to stretch-security.


Best,

  nicoo

-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.17.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled



More information about the Pkg-auth-maintainers mailing list