What would you advise to do *now* for downstream distros carying Newton? For the moment, I have opened the Debian bug for the 1st CVE, but didn't do anything else (well I prepared the fixed package, but didn't upload it yet). In other words: what's worth? The original CVE, or this bug?
Matt,
What would you advise to do *now* for downstream distros carying Newton? For the moment, I have opened the Debian bug for the 1st CVE, but didn't do anything else (well I prepared the fixed package, but didn't upload it yet). In other words: what's worth? The original CVE, or this bug?
Thanks for working on this,
Cheers,
Thomas Goirand (zigo)