On Monday 29 December 2025 07:58:38 Salvatore Bonaccorso wrote: > Hi Pali, > > On Sun, Dec 28, 2025 at 12:25:40PM +0100, Pali Rohár wrote: > > Hello, Thank you for contacting me. I did not know that there some > > reported vulnerability as nobody contacted me before you. > > > > I will prepare update of debian package with the fix. > > Thank you very much. As per > https://security-tracker.debian.org/tracker/CVE-2025-50681 we think > this will not require a DSA, but once the fix is in unstable, can you > as well approach the stable release managers and make a fix via the > upcoming point releases? > > Regards, > Salvatore
Sure, the same version is in all Debian releases, so backporting would mean to just rebuild new fixed (unstable) version for older releases. Fixed package is already visible on the mentors web: https://mentors.debian.net/package/igmpproxy/
