Adam D. Barratt <[email protected]> (2019-08-05): > On Wed, 2019-07-31 at 11:13 +0100, Simon McVittie wrote: > > GLib in buster is vulnerable to CVE-2019-13012 (configuration files > > and directories created with more open permissions than intended), > > which the security team have indicated is too minor for a DSA. > > <https://bugs.debian.org/931234> > > > > GLib has a udeb, so this technically needs a d-i ack, although I > > can't imagine why d-i would either use GKeyfileSettingsBackend or > > care about the resulting permissions. > > It does seem rather unlikely, but let's do the CC-for-ack dance in any > case.
No objections, thanks. Cheers, -- Cyril Brulebois ([email protected]) <https://debamax.com/> D-I release manager -- Release team member -- Freelance Consultant
signature.asc
Description: PGP signature
