libcryptx-perl 0.65 (upstream commit 32f1d210ed6300b8e82f46f1b983f7316aa7eaf9) is the first version to have the fix for CVE-2019-17362 by my analysis for the bundled libtomcrypt.
It would be awesome for others if the https://security-tracker.debian.org/tracker/CVE-2019-17362 page had this information also. BTW, What is the right way to then alert the LTS team to allow them to either apply the patch or mark it as wont-fix? Andrew Bartlett -- Andrew Bartlett (he/him) https://samba.org/~abartlet/ Samba Team Member (since 2001) https://samba.org Samba Team Lead https://catalyst.net.nz/services/samba Catalyst.Net Ltd Proudly developing Samba for Catalyst.Net Ltd - a Catalyst IT group company Samba Development and Support: https://catalyst.net.nz/services/samba Catalyst IT - Expert Open Source Solutions
