Bug#796342: CVE-2013-0169
Joachim Breitner
nomeata at debian.org
Fri Aug 28 08:31:07 UTC 2015
Hi Moritz,
On Fri, 21 Aug 2015 14:23:25 +0200 Moritz Muehlenhoff <jmm at debian.org>
wrote:
> Source: haskell-tls
> Severity: important
> Tags: security
>
> The Debian Security Tracker still lists haskell-tls as affected by
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0169, can
> you please check with upstream whether that is addressed, I couldn't
> find a reference in the changelog.
tricky, as not even upstream can give a definite answer:
https://github.com/vincenthz/hs-tls/issues/117
So I guess you can consider this to be not addressed. What are the
implications of that?
Greetings,
Joachim
--
--
Joachim "nomeata" Breitner
Debian Developer
nomeata at debian.org | ICQ# 74513189 | GPG-Keyid: F0FBF51F
JID: nomeata at joachim-breitner.de | http://people.debian.org/~nomeata
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-haskell-maintainers/attachments/20150828/633446f3/attachment.sig>
More information about the Pkg-haskell-maintainers
mailing list