Comment 63 for bug 1754671

Any word on when this CVE will be fixed?

In the meantime I have put the 1.10.14-0ubuntu2 package into an apt repository at http://david.woodhou.se/cve-2018-1000135/ for users who need it. I couldn't work out how to copy it into a PPA without rebuilding it.

In the short term can someone please at least confirm that no new update will be shipped for Bionic which *doesn't* fix this, so that I don't have to play games with keeping a package in that repository "newer" than the latest in bionic-updates?