Control: tags -1 + confirmed On Mon, 2021-11-15 at 17:56 +0100, Håvard Flaget Aasen wrote: > Control: reopen 998902 > > On Sat, 13 Nov 2021 00:17:02 +0100 > =?UTF-8?Q?H=C3=A5vard_Flaget_Aasen?= <[email protected]> wrote: > > CVE-2021-40985 has now been marked as unimportant, I'm therefore > > closing this bug, since the CVE was the sole purpose of the update. > > > > Regards, > > Håvard > > > > > After some information in [1] I'm reopening this. > > All the previous information still holds true, but the proposed > update > has been expanded to include a fix for both CVE-2021-40985 and > CVE-2021-43579. > The upstream release fixing these issues has migrated to testing > (1.9.13) and I have verified that the patches indeed prevent > buffer-overflow in bullseye. >
Please go ahead. Regards, Adam
