Package: release.debian.org Severity: normal Tags: bullseye User: release.debian....@packages.debian.org Usertags: pu X-Debbugs-Cc: a...@debian.org
Hello, I would like to update unbound in Bullseye and fix three no-dsa CVE, namely CVE-2022-3204, CVE-2022-30698 and CVE-2022-30699. The same patches have been successfully applied to older distributions and I want to make sure these CVE are fixed in Bullseye too. [ Impact ] Bullseye would still be vulnerable. [ Tests ] I have tested unbound myself on all current Debian releases and found no issues. [ Checklist ] [*] *all* changes are documented in the d/changelog [*] I reviewed all changes and I approve them [*] attach debdiff against the package in (old)stable [*] the issue is verified as fixed in unstable [ Changes ] Applied two patches to address the CVE.
