Am Sun, Jul 31, 2022 at 11:42:01AM +0200 schrieb Salvatore Bonaccorso: > Hi Jérôme, > > On Sat, Jul 16, 2022 at 12:42:05AM +0000, Debian Bug Tracking System wrote: > > puppetdb (7.10.1-1) experimental; urgency=medium > > . > > * New upstream version 7.10.1 (Closes: #990419, #1012577) > > When you fix known CVEs can you please include those in the > debian/changelog, this makes the tracking for the security team much > easier.
And please also add CVE-2021-27023 to the next changelog, that CVE is also fixed in the 7.x uploads: https://puppet.com/security/cve/cve-2021-27023 Cheers, Moritz
