Sean Whitton
unread,Dec 24, 2023, 4:30:04 AM12/24/23You do not have permission to delete messages in this group
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to
Hello,
I have taken responsibility for fixing these CVEs in libssh in buster,
as part of Freexian-funded LTS work. I would like to see if I can help
get them fixed in bullseye & bookworm in parallel, to avoid a situation
where they're fixed in buster but not fixed in releases to which LTS
users might soon upgrade their machines.
I see the fixes are all in sid. Are you expecting to issue DSAs for
bullseye and bookworm? I would be grateful for some information on the
sec team's plans for these fixes.
Thanks!
--
Sean Whitton