Package: zchunk Version: 1.2.3 Severity: important X-Debbugs-Cc: mariamarutun...@gmail.com
Dear Maintainer, zchunk contains a CVE (CVE-2023-46228) which is fixed in the 1.3.2 version with the following commit: https://github.com/zchunk/zchunk/commit/08aec2b4dfd7f709b6e3d511411ffcc83ed4efbe. Could you please update it to address these problems? -- System Information: Debian Release: trixie/sid APT prefers noble-updates APT policy: (500, 'noble-updates'), (500, 'noble-security'), (500, 'noble'), (500, 'bionic'), (100, 'noble-backports') Architecture: amd64 (x86_64) Kernel: Linux 6.8.0-45-generic (SMP w/20 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages zchunk depends on: ii libc6 2.39-0ubuntu8.3 ii libcurl4t64 8.5.0-2ubuntu10.4 pn libzck1 <none> zchunk recommends no packages. zchunk suggests no packages.