Hi Chris, On Wed, Feb 22, 2023 at 05:30:23PM +0000, Debian FTP Masters wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Format: 1.8 > Date: Wed, 22 Feb 2023 09:17:00 -0800 > Source: python-cryptography > Binary: python-cryptography python-cryptography-dbgsym > python-cryptography-doc python3-cryptography python3-cryptography-dbgsym > Built-For-Profiles: nocheck > Architecture: source amd64 all > Version: 2.6.1-3+deb10u4 > Distribution: buster-security > Urgency: high > Maintainer: Tristan Seligmann <mithra...@debian.org> > Changed-By: Chris Lamb <la...@debian.org> > Description: > python-cryptography - Python library exposing cryptographic recipes and > primitives (Pyt > python-cryptography-doc - Python library exposing cryptographic recipes and > primitives (doc > python3-cryptography - Python library exposing cryptographic recipes and > primitives (Pyt > Changes: > python-cryptography (2.6.1-3+deb10u4) buster-security; urgency=high > . > * Adjust which call to CFFI's from_buffer is marked require_writable=True > to address an issue in 2.6.1-3+deb10u4's attempt to fix CVE-2023-23931.
Does this still needs a follow-up DLA to DLA 3331-1? Regards, Salvatore
