Package: python3-zipp Version: 3.20.1-1 Severity: serious Looking at CVE-2024-5569 and the potential of future CVEs, I wonder whether there is any reason why reverse dependencies still need this package or whether they could use the version vendored in src:python3.*
If there is a reason, feel free to lower the severity but keep the bug open as wontfix to document it (or close the bug with a package description update).
