Package: golang-github-jackc-pgproto3
Version: 2.2.0-1
X-Debbugs-CC: [email protected]
Tags: security upstream

This is a bug to track the security vulnerability described here:

https://github.com/jackc/pgx/issues/2507
https://security-tracker.debian.org/tracker/CVE-2026-4427

Upstream project is EOL so likely there won't be a new release, but we
could apply the trivial patch ourselves.  This package (and the
vulnerability) is in the call path of jackc/pgx v4 which is widely
deployed.  IMHO the severity of the vulnerability is inflated, but still
this would be nice to fix.

/Simon
