Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable

To: Chris Lamb <lamby@debian.org>
Cc: debian-lts@lists.debian.org
Subject: Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Mon, 27 Feb 2023 08:56:06 +0100
Message-id: <Y/xiFpvrgrwuOCRv@eldamar.lan>
Mail-followup-to: Chris Lamb <lamby@debian.org>, debian-lts@lists.debian.org
In-reply-to: <[🔎] 2a9d21fa-5504-4adf-88e6-bc2fcef9226c@app.fastmail.com>
References: <E1pUswh-00Ghxp-P6@seger.debian.org> <Y/t6tBCVvyR4Ws3s@eldamar.lan> <[🔎] 2a9d21fa-5504-4adf-88e6-bc2fcef9226c@app.fastmail.com>

On Mon, Feb 27, 2023 at 07:43:42AM +0000, Chris Lamb wrote:
> Hi Salvatore,
> 
> >>  python-cryptography (2.6.1-3+deb10u4) buster-security; urgency=high
> >>  .
> >>    * Adjust which call to CFFI's from_buffer is marked require_writable=True
> >>      to address an issue in 2.6.1-3+deb10u4's attempt to fix CVE-2023-23931.
> >
> > Does this still needs a follow-up DLA to DLA 3331-1?
> 
> Yes, indeed. This has been announced as DLA 3331-2.

Thank you, Chris!

Regards,
Salvatore

Reply to:

References:
- Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable
  - From: "Chris Lamb" <lamby@debian.org>

Prev by Date: Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable
Previous by thread: Re: Accepted python-cryptography 2.6.1-3+deb10u4 (source amd64 all) into oldstable
Index(es):
- Date
- Thread