> Debian "py7zr" package has security issue CVE-2022-44900, > and this issue affects Debian "calibre" package because "calibre" depends > this "py7zr" module. > https://tracker.debian.org/pkg/py7zr > > Please examine Debian bug report 1032091, and fix this issue. > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1032091 > > Debian release system will auto-remove these packages from testing > distribution > on Wed 12 Apr 2023.
feel free to provide a patch to fix it. upgrading to newer upstream releases is prohibitive given the increasing amount of additional/frivolous dependencies upstream decided to rely on. -- Sandro "morph" Tosi My website: http://sandrotosi.me/ Me at Debian: http://wiki.debian.org/SandroTosi Twitter: https://twitter.com/sandrotosi
