Package: zchunk
Version: 1.2.3
Severity: important
X-Debbugs-Cc: mariamarutun...@gmail.com

Dear Maintainer,
zchunk contains a CVE (CVE-2023-46228) which is fixed in the 1.3.2 version with 
the following
commit: 
https://github.com/zchunk/zchunk/commit/08aec2b4dfd7f709b6e3d511411ffcc83ed4efbe.
Could you please update it to address these problems?


-- System Information:
Debian Release: trixie/sid
  APT prefers noble-updates
  APT policy: (500, 'noble-updates'), (500, 'noble-security'), (500, 'noble'), 
(500, 'bionic'), (100, 'noble-backports')
Architecture: amd64 (x86_64)

Kernel: Linux 6.8.0-45-generic (SMP w/20 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages zchunk depends on:
ii  libc6        2.39-0ubuntu8.3
ii  libcurl4t64  8.5.0-2ubuntu10.4
pn  libzck1      <none>

zchunk recommends no packages.

zchunk suggests no packages.

Reply via email to