Hi Simon, On Thu, Jan 21, 2021 at 06:25:25PM +0000, Simon McVittie wrote: > On Thu, 21 Jan 2021 at 17:51:34 +0000, Simon McVittie wrote: > > Security team: this is a regression in DSA 4830-1 (CVE-2021-21261), now > > fixed upstream in 1.10.1 and backported to 1.2.x. In addition to the > > regression that was reported in #980323, I looked at similar code paths > > and fixed an equivalent regression elsewhere. It's a 2-line change > > (I'll follow up with the full debdiff, which is rather larger due to > > patch headers and changelog). Do you want a DSA 4830-2 to fix this? > > Here's the proposed source debdiff. > > I've assumed that urgency=medium genuinely *is* what I want this time :-) > > smcv
Thanks for the fix! Please do upload to security-master. Regards, Salvatore
signature.asc
Description: PGP signature
