Hi!

On Mon, 2024-10-07 at 13:29:31 +0000, Debian FTP Masters wrote:
> Source: python-certifi
> Source-Version: 2024.8.30+dfsg-1
> Done: Sebastien Delafond <[email protected]>

> Format: 1.8
> Date: Mon, 07 Oct 2024 14:43:02 +0200
> Source: python-certifi
> Architecture: source
> Version: 2024.8.30+dfsg-1
> Distribution: unstable
> Urgency: medium
> Maintainer: Sebastien Delafond <[email protected]>
> Changed-By: Sebastien Delafond <[email protected]>
> Closes: 947287
> Changes:
>  python-certifi (2024.8.30+dfsg-1) unstable; urgency=medium
>  .
>    [ Sébastien Delafond ]
>    * Exclude certifi/cacert.pem (Closes: #947287)

It would be nice if you could retroactively include references to the
three CVEs in that changelog entry:

  CVE-2022-23491, CVE-2023-37920, CVE-2024-39689

So that the security tracker can automatically mark them as fixed.

As an aside, we use «dfsg» when repackaging sources that contain
problematic files due to license or copyright issues. When repacking
for other reasons, the convention is to use instead «ds» (for Debian
Source), sometimes with an iteration number appended such as «ds1». To
avoid confusion perhaps on the next upstream release upload you could
switch the suffix? :)

Thanks,
Guillem

