Markus Koschany <a...@debian.org> writes: > Gradle is a Java build tool and is mainly used to build Gradle based > packages for Debian. Since we build only with system libraries, this CVE > is only relevant for people who use our Gradle version to build > non-Debian packages. I assume not many people will do that. You can > safely mark this CVE as no-dsa, minor issue.
Agreed. Will do so. -- Brian May <b...@debian.org>