On Fri, May 19, 2023 at 08:45:23PM +0200, Sylvain Beucler wrote:
On 05/05/2023 05:14, Chris Frey wrote:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035537
At first glance, it looks like this could lead to data corruption, and hence
warrant a 'grave' severity in the BTS.
Thanks for the response! Yes indeed, the split file results will be
corrupt without the fix.
Is the severity level something I control, or the maintainer?
However I believe both the Security Team (for a bullseye DSA or
point-update, probably initiated by the maintainer) and the LTS Team (for a
buster DLA, probably based on bullseye's) would rather get the coreutil's
package maintainers input on the subject first (right now the BTS entry has
no replies) :)
I'm assuming the package maintainers have a closer relationship to the
upstream maintainers than I do, but I can help if needed.