Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable
Hi Salvatore,
>> python-cryptography (2.6.1-3+deb10u4) buster-security; urgency=high
>> .
>> * Adjust which call to CFFI's from_buffer is marked require_writable=True
>> to address an issue in 2.6.1-3+deb10u4's attempt to fix CVE-2023-23931.
>
> Does this still needs a follow-up DLA to DLA 3331-1?
Yes, indeed. This has been announced as DLA 3331-2.
Regards,
--
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org 🍥 chris-lamb.co.uk
`-
Reply to: