On Thu, 28 Sept 2023 at 21:13, Adam D. Barratt <a...@adam-barratt.org.uk> wrote: > > On Tue, 2023-09-19 at 08:59 +0100, Luca Boccassi wrote: > > On Tue, 19 Sept 2023 at 08:21, Salvatore Bonaccorso < > > car...@debian.org> wrote: > [...] > > > Two obervations: Can you please close #1043598 in the > > > debian/changelog as well as the update addresses CVE-2023-3153. > [...] > > Changelog mentions CVE and bug: > > > > ovn (23.03.1-1~deb12u1) bookworm; urgency=medium > > > > * Team upload. > > * Update upstream source from tag 'upstream/23.03.1' > > - Add CoPP for the svc_monitor_mac. This addresses CVE-2023-3153. > > (Closes: #1043598) > > * d/p/*vif-plug-representor*: Lower severity of failure to set udev > > receive buffer size (LP: #2034700). > > > > In fact, the debdiff that was attached to the request does not contain > that bug closure: > > + * Team upload. > + * Update upstream source from tag 'upstream/23.03.1' > + - Add CoPP for the svc_monitor_mac. This addresses CVE-2023-3153. > + * d/p/*vif-plug-representor*: Lower severity of failure to set udev > + receive buffer size (LP: #2034700). > > Is it not the correct debdiff?
Yes it was the old one, I just downloaded it from the original mail, forgetting that we made that change later. New one: https://pastebin.ubuntu.com/p/5TV6fWFYtx/
