Bug#981664: buster-pu: package privoxy/3.0.28-2
Am Tue, Feb 02, 2021 at 07:15:37PM +0100 schrieb Roland Rosenfeld:
> Package: release.debian.org
> Severity: normal
> Tags: buster
> User: release.debian.org@packages.debian.org
> Usertags: pu
>
> This fixes CVE-2021-20216 and CVE-2021-20217.
> Since both are tagged "<no-dsa> (Minor issue)" in security tracker, I
> tend to send this into the next point release of buster.
Hi Roland,
yesterday upstream assigned a few additional CVE IDs (also no-dsa):
https://www.openwall.com/lists/oss-security/2021/02/03/3, maybe you
also want to fold these in?
Cheers,
Moritz
Reply to: