On Fri, Jan 09, 2026 at 02:58:39PM +0000, Colin Watson wrote:
The security team asked me to fix CVE-2025-61984 and CVE-2025-61985 in the next available point release.
Would it be OK in principle if I also cherry-picked the equivalent of https://salsa.debian.org/ssh-team/openssh/-/commit/69f0251dfcbd521a8338aff46f2a8465456279b1 for https://bugs.debian.org/1080350? Some users are running into that in practice and it's definitely an annoying important bug.
Thanks, -- Colin Watson (he/him) [[email protected]]
