hi Andrew, On Thu, Jan 09, 2025 at 11:09:47AM +1300, Andrew Bartlett wrote: > libcryptx-perl 0.65 (upstream commit > 32f1d210ed6300b8e82f46f1b983f7316aa7eaf9) is the first version to have > the fix for CVE-2019-17362 by my analysis for the bundled libtomcrypt. > > It would be awesome for others if the > https://security-tracker.debian.org/tracker/CVE-2019-17362 page had > this information also.
Looks right and have added the information! In particular tracked as well the embedded copy. > BTW, What is the right way to then alert the LTS team to allow them to > either apply the patch or mark it as wont-fix? bullseye LTS is on 0.069-1 has already the fix, the LTS team can be reached via the [email protected] list. Regards, Salvatore
