Heads-up libksba 1.6.3
Salvatore Bonaccorso
carnil at debian.org
Tue Dec 20 17:38:08 GMT 2022
Hi Andreas,
On Tue, Dec 20, 2022 at 06:34:12PM +0100, Andreas Metzler wrote:
> On 2022-12-20 Andreas Metzler <ametzler at bebt.de> wrote:
> > Hello,
>
> > the new libksba features the fix for "another vulnerability related to
> > CVE-2022-3515".
>
> > This is https://dev.gnupg.org/T6284 but has not (yet?) got its own CVE
> > number.
>
> > Patch should apply cleanly to stable/oldstable. I will upload to sid
> > this evening and can probaby also find time to propose an upload for
> > stable.
> [...]
>
> Sid uploaded, debdiff for stable attached.
>
> I will be offline until tomorrow in the evening. If you want to upload
> this you can dput the signed changes file from
> people.debian.org:~ametzler/KSBA.
If you still are reading this, debdiff looks good to me, please do
upload to security-master.
I have already requested earlier the CVE, but it's unclear if someone
else has already done so as well. But we can release independently of
it.
Regards,
Salvatore
More information about the Pkg-gnutls-maint
mailing list