Sorry for the late reply, got backlogged in my inbox.
Am Mon, Apr 12, 2021 at 11:18:16AM +0100 schrieb Ximin Luo:
> It looks like these CVEs affect all versions up to 1.52 (which is not yet
> released).
>
> Do you have links to patches fixing these bugs that can be backported to
> 1.48? We've
I made a mistake on CVE-2020-36317 and CVE-2020-36318 patches. The names of the
patches are incorrect (I put 2021 instead of 2020)
Yao Wei
(This email is sent from a phone; sorry for HTML email if it happens.)
> On Apr 25, 2021, at 08:57, Yao Wei wrote:
>
> tag -1 patch
> thanks
>
>
tag -1 patch
thanks
Attached is the proposed patch onto debian repo for this bug. Note
that because the patch order is important (one patch depends on another).
Some tests on the original PRs did not apply because there were no such
files in 1.48
Please review before apply since I don't know
It looks like these CVEs affect all versions up to 1.52 (which is not yet
released).
Do you have links to patches fixing these bugs that can be backported to 1.48?
We've had 1.48 for a while due to the migration freeze, and I've been informed
that some rust packages in Debian break with newer
Package: rustc
Severity: grave
Tags: security
X-Debbugs-Cc: Debian Security Team
5 matches
Mail list logo
