Hi Roberto
Please read also the very end of my email since I think maybe the most
important thing is there at the very end.
I think I need to clarify myself a little. Partially because your good
and lengthy email made me think more.
The reason why I pointed to the unimportant, low, medium and
LTS:
cpio:
- Added note that upstream considers CVE-2023-7216 (sole unfixed CVE)
normal behavior.
fontforge:
- Released DLA-3754-1, fixing CVE-2020-5395, CVE-2020-5496,
CVE-2024-25081 and CVE-2024-25082.
- Fixed CVE-2024-25081 and CVE-2024-25082 in sid.
- Fixed CVE-2024-25081 and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3785-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
April 09, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 28 Mar 2024 23:03:07 +0200
Source: gtkwave
Architecture: source
Version: 3.3.98+really3.3.118-0+deb10u1
Distribution: buster-security
Urgency: medium
Maintainer: Debian Electronics Team
Changed-By: Adrian Bunk
Closes:
Hi (especially Ola),
El 08/04/24 a las 13:59, Sylvain Beucler escribió:
> Hi,
>
> I think this requires a bit of coordination:
> - the package is basically dead upstream, there hasn't been a fix in the
> official repos, neither Debian or other distros attempted to fix them
The only "exception"