Package: chasquid
Version: 1.11-2+b2
Severity: normal
Hi all,
you might have heard about the latest SMTP smuggling vulnerability.
Author of chasquid responsed by releasing 1.13 and 1.11.1
(<https://github.com/albertito/chasquid/releases/tag/v1.11.1>) with the
backported fix. From <https://tracker.debian.org/pkg/chasquid>, I
understand that 1.13 was automatically accepted into testing, but I
didn't notice anything happening regarding 1.11.1 (my server is on
Debian stable, which only has 1.11), so I wanted to politely ask if this
could be processed as well.
I have very little knowledge about the Debian packaging and release
process, so please correct if I have any major misunderstanding of the
process and what I'm asking is unreasonable.
Thank you for your work.
Best
Matej
-- System Information:
Debian Release: 12.4
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500,
'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.1.0-10-cloud-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE
not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages chasquid depends on:
ii libc6 2.36-9+deb12u3
chasquid recommends no packages.
chasquid suggests no packages.
-- Configuration Files:
/etc/chasquid/certs/README.certs [Errno 2] No such file or directory:
'/etc/chasquid/certs/README.certs'
/etc/chasquid/chasquid.conf changed [not included]
/etc/chasquid/hooks/post-data changed [not included]
-- no debconf information
