Francesco Poli schreef op wo 28-01-2026 om 01:02 [+0100]: > Control: forcemerge 1125030 -1 > > > On Tue, 27 Jan 2026 14:15:33 +0100 wim wrote: > > > Package: apt-listbugs > > Version: 0.1.40 > > Severity: grave > > Tags: security > > Justification: user security hole > > X-Debbugs-Cc: [email protected], Debian Security Team > > <[email protected]> > > Hello wim, > please do not inflate the severity: not being able to use apt- > listbugs > is unfortunate, but not a "user security hole"...
Hello Francesco, my apologies, in my view it is a security problem, also for example in combination with unattended-upgrades > > This means that you are seeing the same issue with > reportbug/querybts, > which are python programs, totally unrelated to apt-listbugs. > The only thing in common is that both apt-listbugs and querybts use > the > Debian BTS SOAP interface. > And the problem is on the server side, see bug [#1126340] > > [#1126340]: <https://bugs.debian.org/1126340> tnx, i'll follow up there mvg, Wim
