On Mon, Feb 27, 2023 at 07:43:42AM +0000, Chris Lamb wrote: > Hi Salvatore, > > >> python-cryptography (2.6.1-3+deb10u4) buster-security; urgency=high > >> . > >> * Adjust which call to CFFI's from_buffer is marked > >> require_writable=True > >> to address an issue in 2.6.1-3+deb10u4's attempt to fix > >> CVE-2023-23931. > > > > Does this still needs a follow-up DLA to DLA 3331-1? > > Yes, indeed. This has been announced as DLA 3331-2.
Thank you, Chris! Regards, Salvatore
