On Mon, Dec 25, 2023 at 10:32:41AM +0100, Tobias Frost wrote:
> Package: release.debian.org
> Severity: normal
> Tags: bookworm
> User: release.debian....@packages.debian.org
> Usertags: pu
> X-Debbugs-Cc: hapr...@packages.debian.org
> X-Debbugs-Cc: t...@security.debian.org
> Control: affects -1 + src:haproxy
>
> Hi,
>
> For ELTS I was fixing haproxy's CVES CVE-2023-40225 and CVE-2023-45539,
> and I also like to fix those for stable and oldstable.
Please don't just go ahead and prepare updates for bullseye/bookworm
without prior coordination.
haproxy is listed in data/dsa-needed.txt as Salvatore as working on it
(and in fact updates are already uploaded/built on security-master)
Cheers,
Moritz
