Control: tags -1 + confirmed On Wed, 2021-03-31 at 21:50 -0400, James Valleroy wrote: > A security issue was found and reported to the security team: > https://security-tracker.debian.org/tracker/TEMP-0000000-3E4AC3 > > Since the impact is limited to specific use cases, they did not issue > a DSA. A CVE has been requested but it still pending. > > Description: After entering the first run wizard secret, other > web-sessions can continue the first run wizard without being asked > for > the first run wizard secret. >
Please go ahead. Regards, Adam
