On 12/7/20 10:52 AM, Sylvain Beucler wrote: > Hi, > > On Sat, 10 Oct 2020 09:45:42 +0300 "Stefan Hornburg (Racke)" > <ra...@linuxia.de> wrote: >> On 10/7/20 3:03 PM, Sylvain Beucler wrote: >> > I noticed this local root escalation yesterday and I'm working on a >> > Stretch LTS update. >> > See also https://salsa.debian.org/sympa-team/sympa/-/merge_requests/1 >> > > Are there plans to update buster? >> >> Hello Sylvain, >> >> thanks a lot of for your patch! >> >> I will talk to the security team concerning buster. > > This high-severity issue was marked with: > [buster] - sympa <no-dsa> (Will be fixed via point release) > > Consequently I am surprised that it wasn't part of last week's Debian 10.7 > point release. > > What happened? > Can we consider switching to a DSA? > > Sylvain Beucler > Debian LTS Team > >
Yes, sorry I missed that point release. If you want a DSA, that's fine for me.
Regards
Racke
--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.
OpenPGP_signature
Description: OpenPGP digital signature
