On Mon, Dec 30, 2024 at 03:00:40PM +0100, Santiago Vila wrote: > Hi. > > I've just made a team upload which fixes this in unstable. > > Is this the kind of security issue which deserves a DSA + upload for security, > or should we handle this using stable-proposed-updates? > > (In the first case: Can we still help by preparing an upload > without uploading it?)
I think this should be fixed via bookworm-security, so if you could prepare an update, that would be great! There's also two low severity issues: https://security-tracker.debian.org/tracker/CVE-2024-54132 https://security-tracker.debian.org/tracker/CVE-2024-53858 If these affect 2.23 and can be sensibly backported it would be good to also fix them along. Cheers, Moritz
