Control: tag -1 confirmed On Tue, Jul 11, 2023 at 08:01:20PM +0200, Tobias Frost wrote: > Previous o-s-p-u upload was #1040137; two additional CVEs have > been fixed since then and the fix for CVE-2023-33460 has been found > to be incomplete. > > This upload is part of fixing yajl for every release. So far sid, buster > (DLA-3492), stretch and jessie (ELA-892-1) has been targeted. > bookworm s-p-u is pending, see #1040863
Please elaborate a little on what those CVEs are about in debian/changelog; otherwise, go ahead. Thanks, -- Jonathan Wiltshire [email protected] Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
