libappimage lts update

To: debian-lts@lists.debian.org
Subject: libappimage lts update
From: Scarlett Moore <scarlett.gately.moore@gmail.com>
Date: Sat, 21 Jan 2023 08:21:29 -0700
Message-id: <[🔎] 4803781.31r3eYUQgx@scarlett-inspiron1676202in1>
Reply-to: sgmoore@debian.org

Hello,
The security team pointed me here as Buster is now LTS.
I am reaching out to see if/how I should update libappimage in buster.
The bug is https://security-tracker.debian.org/tracker/CVE-2020-25265
The upstream fix is: https://github.com/AppImageCommunity/libappimage/pull/146
I followed instructions here: 
https://lts-team.pages.debian.net/wiki/Development.html#claim-the-issue-in-the-security-tracker-in-dla-needed-txt

and the CVE is not listed. I need to know how I proceed as it stated Do not 
add it, frontdesk needs to. I am a maintainer of the package and I do have the 
upstream fix.

Thank you for any assistance in the matter.
Scarlett Moore
<sgmoore@debian.org>

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to:

Follow-Ups:
- Re: libappimage lts update
  - From: Anton Gladky <gladk@debian.org>
- Re: libappimage lts update
  - From: Utkarsh Gupta <guptautkarsh2102@gmail.com>

Prev by Date: Re: [SECURITY] [DLA 3271-1] node-minimatch security update
Next by Date: Re: libappimage lts update
Previous by thread: Re: [SECURITY] [DLA 3271-1] node-minimatch security update
Next by thread: Re: libappimage lts update
Index(es):
- Date
- Thread