Control: tag -1 d-i moreinfo On Fri, Dec 29, 2023 at 09:54:57PM +0100, Samuel Thibault wrote: > [ Reason ] > This upload provides fixes for CVEs. They are not a regression over > oldstable. > > [ Impact ] > Blind users using the espeak-ng speech synthesis might be at risk when > e.g. reading a webpage that contains the CVE triggers. > > [ Tests ] > CVE tests are getting added in the patch. > > [ Risks ] > The code is relatively simple, comes from upstream, and has been in > testing since December 24th.
Sorry, I hadn't spotted the udeb. d-i ack required. Thanks, -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1