* Salvatore Bonaccorso: > CVE-2021-3504[0]: > | Buffer overflow when provided invalid node key length > > Making the severity RC as I think the fix needs to go into bullseye.
Right. I contacted team@security.d.o a about the issue, including a proposed hivex/1.3.18-1+deb10u1 for stable-security a few days ago, but I'm not aware of getting an answer. Preparing a request for pre-approval/unblocking of 1.3.20-1 for the release team now. Cheers, -Hilko