Hi all, On Fr, 10 Dez 2021, Chris Lamb wrote:
> >> Since the two CVEs are tagged "minor issue" on security-tracker, I'm > >> not sure whether it's worth doing a LTS upload for this. > > > > Thank you for getting in touch. I'll defer the decision to roll out the > > DLA to Chris, who's at front desk. If he thinks it worth doing an > > upload, I'll take it from here and prep the upload and roll the > > announcement like last time. :) > > Given that the package has been prepared and (presumably) well-tested > by Roland, please go ahead and upload... if only to reduce the diff in > a subsequent update. The second CVE (CVE-2021-44543) looks like it > might, in some configurations, be remotely exploitable. Okay, I just uploaded the package to security-master. Greetings Roland
