On 30.05.2023 20:37, Salvatore Bonaccorso wrote: Hi Salvatore, hi Markus,
Short question: the web page for the security issue [1] lists a few patches. I downloaded a few of them, but no one is matches to the CVE-2023-32700.patch in the texlive-bin_2018.20181218.49446-1+deb10u1 diff. Which patch did you use?No, buster is under LTS support which does not have point releases. But as I understand this is a regression from DLA DLA-3427-1, so a regression update might be worth to be issues for it, once there is a fix known.
Thus might need to loop in debian-lts list and/or Markus as well. Does this helps you already for the admnistrativa part?
Yes, for now this answers my question. Hilmar [1] https://tug.org/~mseven/luatex.html -- sigfault
Attachment:
OpenPGP_0x0C871C4C653C1F59.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature