Hi Nicolas, On Sat, Dec 18, 2021 at 10:05:20AM +0100, Salvatore Bonaccorso wrote: > Hi, > > On Sat, Dec 18, 2021 at 10:03:51AM +0100, Salvatore Bonaccorso wrote: > > Hi Nicolas, > > > > On Fri, Dec 17, 2021 at 08:25:38PM -0500, Nicolas Mora wrote: > > > See attached debdiff > > > > > diff -Nru glewlwyd-2.5.2/debian/changelog glewlwyd-2.5.2/debian/changelog > > > --- glewlwyd-2.5.2/debian/changelog 2021-09-22 08:42:59.000000000 > > > -0400 > > > +++ glewlwyd-2.5.2/debian/changelog 2021-12-17 07:51:46.000000000 > > > -0500 > > > @@ -1,3 +1,9 @@ > > > +glewlwyd (2.5.2-2+deb11u2) bullseye; urgency=medium > > > + > > > + * d/patches: Fix possible privilege escalation (Closes: #1001849) > > > > This should ot close the release.d.o filled bug, but the bug in the > > BTS associates with glewlwyd if one exists. Related question: is there > > a CVE and details on the issue? > > Answering the last question to myself: As you stated the CVE was > requested :)
Any news on the CVE assignment? Did MITRE respond? Regards, Salvatore
