Le dimanche 13 octobre 2024, 11:18:12 UTC Moritz Mühlenhoff a écrit : > On Sat, Oct 12, 2024 at 07:36:46PM +0000, Bastien Roucariès wrote: > > Package: release.debian.org > > Severity: normal > > Tags: bookworm > > X-Debbugs-Cc: python-report...@packages.debian.org, secur...@debian.org > > Control: affects -1 + src:python-reportlab > > User: release.debian....@packages.debian.org > > Usertags: pu > > Control: tags -1 + security > > > > [ Reason ] > > CVE-2023-33733 > > > > [ Impact ] > > RCE > > > > [ Tests ] > > Yes package test run at build time > > > > [ Risks ] > > Low > > > > [ Checklist ] > > [X] *all* changes are documented in the d/changelog > > [X] I reviewed all changes and I approve them > > [X] attach debdiff against the package in (old)stable > > [X] the issue is verified as fixed in unstable > > > > [ Changes ] > > - CVE-2023-33733 fix > > - salsa CI > > > > [ Other info ] > > Did you prefer a DSA upload or a PU > > It's listed in data/dsa-needed.txt and the debdiff looks fine, so please > build with -sa and upload > to security-master. Thanks! Done > > Cheers, > Moritz > >
signature.asc
Description: This is a digitally signed message part.
