On Thu, Dec 19, 2019 at 09:19:19PM +0100, Salvatore Bonaccorso wrote: > > The following vulnerability was published for cyrus-sasl2. > > CVE-2019-19906[0]: > Off by one in _sasl_add_string function > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > Hi Team,
Is anybody already working on this update? If not, I can start on it possibly tomorrow or perhaps the day after. Salvatore, If I (or someone else on the team) prepares the upload, do we go ahead and make the upload then let the security team handle the DSA publication? Regards, -Roberto -- Roberto C. Sánchez
