On Sun, 2026-02-15 at 19:05 +0100, Salvatore Bonaccorso wrote: > Hi Jochen, > > On Tue, Feb 10, 2026 at 11:36:15AM +0100, Jochen Sprickerhof wrote: > > Package: release.debian.org > > Severity: normal > > Tags: trixie > > X-Debbugs-Cc: [email protected], Sergei Golovan > > <[email protected]>, Bastien Roucaries <[email protected]> > > Control: affects -1 + src:erlang > > User: [email protected] > > Usertags: pu > > > > [ Reason ] > > There have been several CVEs published for the erlang programming > > language that have been flagged as no DSA or unimportant affecting > > the > > http and ssh server implementations. > > > > [ Impact ] > > Untrusted user data processing and denial of service attacks. > > > > [ Tests ] > > Manually tested. > > > > [ Risks ] > > Low risk, given that those implementations are niche and the > > patches > > mostly add safe guards. > > > > [ Checklist ] > > [X] *all* changes are documented in the d/changelog > > [X] I reviewed all changes and I approve them > > [X] attach debdiff against the package in (old)stable > > [X] the issue is verified as fixed in unstable > > > > [ Other info ] > > I reached out to Sergei before sending this PU but got no answer. > > Bastien merged those patches in Salsa so I assume it is fine to > > send > > this now. @Sergei please reply if you disagree. > > > diff --git a/debian/changelog b/debian/changelog > > index 58b941444e..551ee27b24 100644 > > --- a/debian/changelog > > +++ b/debian/changelog > > @@ -1,3 +1,22 @@ > > +erlang (1:27.3.4.1+dfsg-1+deb14u1) trixie-proposed-updates; > > urgency=medium > > This should be 1:27.3.4.1+dfsg-1+deb13u1, can you adapt that please?
Please also use "trixie" as the target distribution. Regards, Adam
