[Pkg-mailman-hackers] Bug#989183: CVE-2021-33038
Jonas Meurer
jonas at freesources.org
Fri May 28 10:06:31 BST 2021
Hey Moritz,
Moritz Muehlenhoff wrote:
> This was assigned CVE-2021-33038:
> https://gitlab.com/mailman/hyperkitty/-/issues/380
>
> Patch is here:
> https://gitlab.com/mailman/hyperkitty/-/commit/9025324597d60b2dff740e49b70b15589d6804fa
Thanks a lot for reporting the security bug!
I'll upload hyperkitty 1.3.4-4 in a few minutes with the patch applied.
Will open an unblock request for Bullseye as soon as the package hit the
archive.
Do you want to take care of preparing an upload to buster-security or
shall I prepare that one as well?
Kind regards
jonas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-mailman-hackers/attachments/20210528/c6d0fbf8/attachment.sig>
More information about the Pkg-mailman-hackers
mailing list