Hi Guilhem [disclaimer: not part of release team, just spotted below a typo] On Wed, May 01, 2019 at 01:27:26PM +0200, Guilhem Moulin wrote: > +signing-party (2.5-1+deb9u1) stretch; urgency=medium > + > + * Backport security fix for CVE-2018-15599: unsafe shell call enabling shell ^^^^^^^^^^^^^^ That would be CVE-2019-11627 (and as well for the patch name itself). Regards, Salvatore