Control: tags -1 - moreinfo On Sun, Aug 10, 2025 at 06:27:23AM +0300, Adrian Bunk wrote: > Package: release.debian.org > Severity: normal > Tags: bookworm, moreinfo > X-Debbugs-Cc: [email protected], [email protected] > Control: affects -1 + src:openjpeg2 > User: [email protected] > Usertags: pu > > * CVE-2025-50952: Avoid potential undefined behaviour > in opj_dwt_decode_tile() > > Tagged moreinfo, as question to the security team whether they want > this in pu or as DSA.
Does not seem severe enough to make a standalone DSA. The openjpeg2 update can be addressed in the next point release in a few weeks, thus removing the moreinfo tag. Regards, Salvatore
