Bug#893663: freeplane: CVE-2018-1000069 XXE vulnerability
Salvatore Bonaccorso
carnil at debian.org
Tue Apr 3 08:36:26 UTC 2018
Hi Felix,
On Sun, Apr 01, 2018 at 06:04:27PM +0200, Markus Koschany wrote:
>
>
> Am 01.04.2018 um 17:57 schrieb Felix Natter:
> [...]
> > Thanks, done.
> > BTW: Is it ok to close the bug with the stretch-security upload even if
> > the jessie-security upload is still pending?
>
> Yes, that's ok. You can close the bug with both uploads.
>
> > What is there to do next?
>
> As soon as the security team has approved the changes, I can upload your
> packages to security-master.
Thanks for working on it, the issue is severe enought that it warrants
a DSA. Could you send the security team alias
(team at security.debian.org) debdiffs resulting from the build and
tested packages for a short review + ack?
Regards,
Salvatore
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 963 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20180403/48dad844/attachment.sig>
More information about the pkg-java-maintainers
mailing list