[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Addressing Mojolicious CVE-2024-58134 and CVE-2024-58135 in sid



Hi,

On 22/05/2025 14:59, Salvatore Bonaccorso wrote:
Do "nothing" (for now) and mark the issue as <no-dsa> or its substate
<ignored> for your older suites. We keep the status as it is for
unstable and once/if things changes upstream align it with those.

If we expect change in the future, let's use "<postponed> (..., revisit when fixed upstream)" rather than "<ignored>" for older dists. We usually consider <ignored> definitive hence we won't recheck it (ever).

Cheers!
Sylvain


Reply to: