[Pkg-haskell-maintainers] Bug#776533: Bug#776533: libghc-aeson-dev-7.0.3 has serious vulnerability to DOS attack.
Joachim Breitner
nomeata at debian.org
Thu Jan 29 09:07:43 UTC 2015
Hi,
Am Donnerstag, den 29.01.2015, 11:35 +0900 schrieb Shohei Murayama:
> The aeson-7.0.3 package has serious vulnerbility to DOS attack.
> This issue had already reported and completely fixed in upstream,
> see the URL.
>
> https://github.com/bos/aeson/issues/198
>
> The following packages had been updated in order to fix the issue.
>
> aeson-7.0.3 -> aeson-7.0.6
> scientific-0.2.0.2 -> scientific-3.2.0
> attoparsec-0.11.2.1 -> attoparsec-0.11.3.4
thanks for the report.
I doubt that we can fix this for jessie at this point in the release,
and the version waiting in experimental already has the fix.
Greetings,
Joachim
--
Joachim "nomeata" Breitner
Debian Developer
nomeata at debian.org | ICQ# 74513189 | GPG-Keyid: F0FBF51F
JID: nomeata at joachim-breitner.de | http://people.debian.org/~nomeata
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-haskell-maintainers/attachments/20150129/61d6d1a2/attachment-0001.sig>
More information about the Pkg-haskell-maintainers
mailing list