Hi, On Fri, Nov 6, 2020 at 1:48 PM Salvatore Bonaccorso <car...@debian.org> wrote: > The following vulnerability was published for tcpdump. > > CVE-2020-8037[0]: > | The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a > | large amount of memory.
Thanks for the bug report. I am aware of this CVE and working on a new upload to unstable. Is this no-dsa?
