Hi Ivo, On Tue, Nov 12, 2019 at 06:55:45PM +0100, Ivo De Decker wrote: > package: pam-python > version: 1.0.7-1 > severity: important > > Hi, > > The latest upload of pam-python contains maintainer binaries, which blocks the > transition to testing. Please do a source-only upload to allow the migration.
As this did fix https://security-tracker.debian.org/tracker/CVE-2019-16729 (allowing for local root escalation in certain PAM setups), I think this should be RC in the sense we would not want 1.0.6-1.1 in 'bullseye' (if we would be short before the release). 1.0.6-1.1+deb10u1 Contains the fix so I guess this would "prop-up" at point release time to testing? Regards, Salvatore
