There are know vulnerabilities in version 58.2 but new version 59.1 seems to be scheduled for 2017-07 according to PR218788
The mentioned PR includes patches for 58.2 fixing vulnerabilities.
Can the patch be committed with revision bump earlier?
Created attachment 182221 [details]
Patch for 58.2 vulnerabilities
Here is the patch attached directly to this PR, so we have all in one place.
I would also like to see this patched asap, instead of waiting for 59.1.
I'll take it.
A commit references this bug:
Date: Thu May 4 21:44:57 UTC 2017
New revision: 440117
Apply upstream patches to fix CVE-2017-7867 and CVE-2017-7868.