Hi Chris, On Tue, Dec 03, 2019 at 09:25:42PM +0100, Chris Lamb wrote: > Dear Salvatore, > > > > Security team, would you like an upload for stable? > > > > As far I can see this issue has been introduced around 2.1 where the > > search support for view permissions and a read-only admin support was > > added. […] > > Upon further inspection that is my reading too. I was being overly- > cautious in assuming that it was vulnerable without doing any checking > first, thus leading to this noise (for which I apologise). > > I have updated data/dla-needed.txt and data/CVE/list to match.
Thanks for double-checking and confirming! Regards, Salvatore