On 08/05/2026 01:53, Moritz Mühlenhoff wrote:
CVE-2026-4786 is only an issue if for CVE-2026-4519 is incompletely fixed, but my patches for for CVE-2026-4519 contain the full fix compromised of three upstream patches, so 3.13 was never affected by CVE-2026-4786 in trixie.I'd suggest to simply do the same for 3.11.
Ack, thanks for the explanation. I did the same for 3.11, and I just filed the upload request at: https://bugs.debian.org/1136382 -- Arnaud
