On Fri, 2021-06-11 at 11:06 +0100, Adam D. Barratt wrote: > Control: tags -1 + confirmed d-i > > On Thu, 2021-06-03 at 13:31 +0200, Andreas Metzler wrote: > > I would like to fix the non-DSA CVE-2021-33560 for buster by > > cherrypicking the respective commit from 1.8.8. This is about weak > > ElGamal encyption when a key not generated by libgcrypt/gnupg is > > used. > > > > This was fixed in unstable's 1.8.7-6, with bullseye unblock request > > #989421 sent a couple of minutes ago. > > I'd be OK with this, but as libgcrypt20 produces a udeb it'll also > need a d-i ack; tagging and CCing appropriately.
As we're getting close to the window for 10.10 closing, please feel free to upload the package and we'll handle the d-i coordination from there. Regards, Adam
