XPost: linux.debian.devel.release
Am Tue, Apr 09, 2024 at 10:01:11AM +0200 schrieb Andreas Beckmann:
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: Bastien Roucariès <rouca@debian.org>
Control: affects -1 + src:json-smart
Control: block 1039985 with -1
Control: block 1033474 with -1
[ Reason ]
Two CVEs were fixed in buster-lts, but not yet in bullseye or later,
causing version skew on upgrades:
CVE-2023-1370 / #1033474 is unfixed in sid, and being fixed in unstable
is a pre condition for a point update.
Bastien, since you fixed it in buster-lts, can you please also take care
of addressing unstable?
Cheers,
Moritz
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)