On Wed, Jan 29, 2025 at 04:15:16PM +0100, Rafał Lichwała wrote: > > But still don;t understand "Debian itself does *not* build the affected > component" as I can find "minizip" (and maybe other) package based on that > vulnerable library - see my previous post above as Re- to Hanno. > You are mistaken here. I think my other email elsewhere in this thread explaining the source and status of the minizip package you are seeing answers this precisely.
> Anyway thank you for trying to explain me things that are not obvious to > me. > No worries. We are all here to help and learn. Regards, -Roberto -- Roberto C. Sánchez
