[Pkg-javascript-devel] Bug#773671: libv8-3.14: multiple security issues
Moritz Mühlenhoff
jmm at inutil.org
Mon Dec 29 02:01:51 UTC 2014
On Sun, Dec 21, 2014 at 03:19:42PM -0500, Michael Gilbert wrote:
> package: src:libv8-3.14
> severity: grave
> tags: security
>
> Hi,
>
> the following vulnerabilities were published for libv8-3.14.
So if I'm understanding the discussion on debian-devel correctly
the libv8 maintainers want to see this treated as an RC-bug.
Please clarify your intentions, do you
a) intent to fix these issues with patches and if that's not possible
remove libv8 along with its rev deps?
b) want to keep this with RC severity and tag it jessie-ignore.
I would consider that rather broken since foo-ignore is used for
issues which are ignored for once, but which will be addressed
in release+1. I don't see the libv8 situation change upstream...
c) plan something else I'm missing
Cheers,
Moritz
More information about the Pkg-javascript-devel
mailing list