Hi Roberto, On Thu, May 21, 2026 at 08:18:14AM -0400, Roberto C. Sánchez wrote: > Hi Salvatore, > > On Thu, May 21, 2026 at 07:29:02AM +0200, Salvatore Bonaccorso wrote: > > > > If you fix the vulnerability please also make sure to include the > > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > > This was already fixed in versions 2.3.0-1, 1.30.4-1+deb13u2, and > 1.23.1-1+deb12u3. Those last two went into the point release last > weekend, but that was before the CVE had been allocated.
Oh I seem to have had a version skew, the fix is in 2.2.4 so yes. I will update the tracker shortly. Regards, Salvatore
