On Tue, 28 Apr, 2020, 3:06 PM Ola Lundqvist, <ola@inguza.com> wrote:
I think the Debian Security team usually wants to judge that on their
own. You can write a note about it in the CVE entry.
So before the regular security team has said anything we should not do that.
Sure thing.
Given that they were CC'ed here during the entire thread, I'll leave this here for them to decide.