Hi Jochen, On Tue, Feb 10, 2026 at 11:36:15AM +0100, Jochen Sprickerhof wrote: > Package: release.debian.org > Severity: normal > Tags: trixie > X-Debbugs-Cc: [email protected], Sergei Golovan > <[email protected]>, Bastien Roucaries <[email protected]> > Control: affects -1 + src:erlang > User: [email protected] > Usertags: pu > > [ Reason ] > There have been several CVEs published for the erlang programming > language that have been flagged as no DSA or unimportant affecting the > http and ssh server implementations. > > [ Impact ] > Untrusted user data processing and denial of service attacks. > > [ Tests ] > Manually tested. > > [ Risks ] > Low risk, given that those implementations are niche and the patches > mostly add safe guards. > > [ Checklist ] > [X] *all* changes are documented in the d/changelog > [X] I reviewed all changes and I approve them > [X] attach debdiff against the package in (old)stable > [X] the issue is verified as fixed in unstable > > [ Other info ] > I reached out to Sergei before sending this PU but got no answer. > Bastien merged those patches in Salsa so I assume it is fine to send > this now. @Sergei please reply if you disagree.
> diff --git a/debian/changelog b/debian/changelog > index 58b941444e..551ee27b24 100644 > --- a/debian/changelog > +++ b/debian/changelog > @@ -1,3 +1,22 @@ > +erlang (1:27.3.4.1+dfsg-1+deb14u1) trixie-proposed-updates; urgency=medium This should be 1:27.3.4.1+dfsg-1+deb13u1, can you adapt that please? Regards, Salvatore
