Hi, On Fri, Jan 05, 2024 at 10:25:34PM +0000, Bastien Roucariès wrote: > Hi, > > I have just fix this CVE for buster and I want to know if you need help to > release a fix for unstable ? > > The LTS fix are here https://salsa.debian.org/lts-team/packages/keystone/
AFAICS this issue has been fixed upstream in 23.0.0.0rc1 and included the first time in Debian with the experimental upload of 2:23.0.0~rc1-1 (and in unstable with 2:23.0.0-3) Thomas, can you double check if this is correct and then update the Debian bug metadata accordingly? Regards, Salvatore
