Hello,
Am Montag, dem 17.07.2023 um 15:28 +0200 schrieb Lennart Ackermans:
Hi,
The recent security update of erlang on Buster goes from 21.2.6 to 22.2.7.
This is a major update that can break dependencies. Was this a mistake or was
this intentional?
The upgrade was intentional.
If it was a mistake, will it be reverted?
The Kolab groupware team is trying to decide whether to rebuild packages
based on the current security version. See
https://lists.kolab.org/pipermail/devel/2023-July/015809.html. Hence, they
need to know whether it will stay like this.
We can only support packages which are currently available in Debian Buster. If
Kolab is not affected by CVE-2022-37026 or you can reasonably work around the
problem, then you don't need to upgrade your Erlang packages. Otherwise you
should consider to rebuild your packages.
Regards,
Markus