[xml/sgml-pkgs] s-pu upload to fix no-dsa security issues in libxml2
Guilhem Moulin
guilhem at debian.org
Sun Jul 27 01:04:28 BST 2025
On Sun, 27 Jul 2025 at 01:50:47 +0200, Guilhem Moulin wrote:
> I'll file a bookworm-pu bug with these changes and tag it moreinfo to
> give you time to object if desired.
That's #1109947.
> The proposed debdiff also fixes CVE-2025-6170 which is marked as
> <not-important> in the security tracker; it is trivially fixable so
> there is IMHO no reason not to patch it too (note it's already fixed in
> bullseye-security). Since -pu issues need to be fixed in sid first, I
> also propose an NMU for sid.
Forgot to add, I guess this issue doesn't warrant an unblock request for
trixie (or -pu if trixie is released first). If you think otherwise I
can do the paperwork for trixie too :-)
--
Guilhem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/debian-xml-sgml-pkgs/attachments/20250727/e2c53b2e/attachment.sig>
More information about the debian-xml-sgml-pkgs
mailing list