[Pkg-nagios-devel] Bug#991116: Bug#991116: icingaweb2: CVE-2021-32746 CVE-2021-32747
Salvatore Bonaccorso
carnil at debian.org
Thu Jul 15 05:12:01 BST 2021
Hi,
On Thu, Jul 15, 2021 at 05:47:06AM +0200, Sebastiaan Couwenberg wrote:
> On 7/14/21 9:50 PM, Salvatore Bonaccorso wrote:
> > Can you please double-check with the release team for a pre-approval
> > of 2.8.3 otherwise?
>
> Both are no-dsa issues, so it's not worth the effort to fix in bullseye
> as experience with mapserver has shown.
We seem to slightly disagreeing here as it seems; no-dsa does not mean
that the issue is not worth the effort to be fixed in that suite, just
that it is not warranted an out of order security advisory update (and
so can be fixed in an upcoming point release instead and batch it with
many other updates).
Regards,
Salvatore
More information about the Pkg-nagios-devel
mailing list