Hi,
I was checking fwupd (which is in the dla-needed list) and the security
tracker indicates CVE-2022-3287 [1] as affecting bullseye. After
checking the vulnerability and the upstream repo, I was able to
determine that the vulnerable code was only introduced in 1.7.0 [2] and
actually used in 1.7.
Package: release.debian.org
Control: affects -1 + src:php-horde
X-Debbugs-Cc: php-ho...@packages.debian.org
User: release.debian@packages.debian.org
Usertags: rm
X-Debbugs-Cc: debian-lts@lists.debian.org, b...@beuc.net
Severity: normal
Hello Release Team,
This is a request to RM the php-hord
