Hi Adrian, On Wed, Jun 24, 2026 at 03:05:19PM +0300, Adrian Bunk wrote: > Package: release.debian.org > Severity: normal > Tags: trixie > X-Debbugs-Cc: [email protected], [email protected] > Control: affects -1 + src:python-memray > User: [email protected] > Usertags: pu > > * CVE-2026-32722: XSS in generated HTML reports via unescaped > command-line metadata (Closes: #1131372)
> diffstat for python-memray-1.17.0+dfsg python-memray-1.17.0+dfsg > > changelog | 8 ++ > patches/0001-Fix-escaping-in-HTML-reports.patch | 88 > ++++++++++++++++++++++++ > patches/series | 1 > 3 files changed, 97 insertions(+) > > diff -Nru python-memray-1.17.0+dfsg/debian/changelog > python-memray-1.17.0+dfsg/debian/changelog > --- python-memray-1.17.0+dfsg/debian/changelog 2025-04-04 > 22:28:26.000000000 +0300 > +++ python-memray-1.17.0+dfsg/debian/changelog 2026-06-24 > 14:32:46.000000000 +0300 > @@ -1,3 +1,11 @@ > +python-memray (1.17.0+dfsg-1.1) trixie; urgency=medium Small glitch here: That should ideally be 1.17.0+dfsg-1+deb13u1. Regards Salvatore

