Hi Alexandre, On Fri, Mar 20, 2026 at 05:21:02PM +0000, Debian Bug Tracking System wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > Format: 1.8 > Date: Fri, 20 Mar 2026 17:52:40 +0100 > Source: pyasn1 > Architecture: source > Version: 0.6.3-1 > Distribution: unstable > Urgency: high > Maintainer: Debian Python Team <[email protected]> > Changed-By: Alexandre Detiste <[email protected]> > Closes: 1126615 1131371 > Changes: > pyasn1 (0.6.3-1) unstable; urgency=high > . > * New upstream version 0.6.3 (Closes: #1131371) with fix for > CVE-2026-30922: Denial of Service attack caused by uncontrolled recursion > * Add myself as Uploader > . > [ Francesco Poli ] > * update Homepage (Closes: #1126615)
Ah perfect, then I have not to propose the https://debusine.debian.net/debian/developers/work-request/522136/ as NMU. I plan to look for it for a DSA as we did release the earlier and related CVE as well via a DSA, so I think thi will be warranted. Regards, Salvatore
