Am Tue, Apr 09, 2024 at 10:01:11AM +0200 schrieb Andreas Beckmann:
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: Bastien Roucariès <rouca@debian.org>
Control: affects -1 + src:json-smart
Control: block 1039985 with -1
Control: block 1033474 with -1
[ Reason ]
Two CVEs were fixed in buster-lts, but not yet in bullseye or later, causing version skew on upgrades:
CVE-2023-1370 / #1033474 is unfixed in sid, and being fixed in unstable
is a pre condition for a point update.
Bastien, since you fixed it in buster-lts, can you please also take care
of addressing unstable?
Cheers,
Moritz
Le samedi 13 avril 2024, 14:00:00 UTC Moritz Mühlenhoff a écrit :
Hi,
Am Tue, Apr 09, 2024 at 10:01:11AM +0200 schrieb Andreas Beckmann:
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: Bastien Roucariès <rouca@debian.org>
Control: affects -1 + src:json-smart
Control: block 1039985 with -1
Control: block 1033474 with -1
[ Reason ]
Two CVEs were fixed in buster-lts, but not yet in bullseye or later, causing version skew on upgrades:
CVE-2023-1370 / #1033474 is unfixed in sid, and being fixed in unstable
is a pre condition for a point update.
Bastien, since you fixed it in buster-lts, can you please also take care
of addressing unstable?
Ok will do
Cheers,
Moritz
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 307 |
Nodes: | 16 (2 / 14) |
Uptime: | 52:28:13 |
Calls: | 6,912 |
Calls today: | 2 |
Files: | 12,379 |
Messages: | 5,430,164 |