Ben Hutchings wrote:

> Given the reference to cookies in the upstream advisory, I think the
> actual bug is

[…]

Thanks for looking into this. For the avoidance of doubt I will not
proceed with an upload. 

With my "front desk" hat on, I've also added a link in the data/
CVE/list to this thread as it discusses the merits of the patch:

  
https://salsa.debian.org/security-tracker-team/security-tracker/commit/f9c0c26172f864a9fb70c332d61dabd72b47a56e


Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      la...@debian.org 🍥 chris-lamb.co.uk
       `-

Reply via email to