Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable

To: "Salvatore Bonaccorso" <carnil@debian.org>, debian-lts@lists.debian.org
Subject: Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable
From: "Chris Lamb" <lamby@debian.org>
Date: Mon, 27 Feb 2023 07:43:42 +0000
Message-id: <[🔎] 2a9d21fa-5504-4adf-88e6-bc2fcef9226c@app.fastmail.com>
In-reply-to: <Y/t6tBCVvyR4Ws3s@eldamar.lan>
References: <E1pUswh-00Ghxp-P6@seger.debian.org> <Y/t6tBCVvyR4Ws3s@eldamar.lan>

Hi Salvatore,

>>  python-cryptography (2.6.1-3+deb10u4) buster-security; urgency=high
>>  .
>>    * Adjust which call to CFFI's from_buffer is marked require_writable=True
>>      to address an issue in 2.6.1-3+deb10u4's attempt to fix CVE-2023-23931.
>
> Does this still needs a follow-up DLA to DLA 3331-1?

Yes, indeed. This has been announced as DLA 3331-2.


Regards,

-- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org 🍥 chris-lamb.co.uk
       `-

Reply to:

Follow-Ups:
- Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable
  - From: Salvatore Bonaccorso <carnil@debian.org>

References:
- Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable
  - From: Salvatore Bonaccorso <carnil@debian.org>

Prev by Date: Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable
Next by Date: Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable
Previous by thread: Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable
Next by thread: Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable
Index(es):
- Date
- Thread