David Bremner <brem...@debian.org> writes: > Source: gramadoir > Version: 0.7-4 > Severity: important > Tags: security > X-Debbugs-Cc: debian-emac...@lists.debian.org, Debian Security Team > <t...@security.debian.org> > > dh_elpa prior to 1.16 is vulnerable to a path-injection bug via > $HOME. Please do a sourceful upload to rebuild against dh_elpa > 2.x. This will have the additional advantage of allowing future > maintainer script bugs to be fixed without a sourceful upload. >
As far as I can tell, dh_elpa is not actually used by the build. Feel free to close this bug if that is correct, ideally while removing the unused build dependency. d
signature.asc
Description: PGP signature
