Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu
Dear Release Managers,
I'd like to have python-markdown2 updated in Buster, due to a CVE:
CVE-2020-11888.
I attached a debdiff with the bug report, and the update is the
simple adding of debian/patches/0001.
I've also added a gbp.conf to have gbp stop complaining when I don't
give it the proper branch to build, this addition doesn't change the
binary packages.
Note that I've uploaded python-markdown2 2.3.9-1 to unstable 15 minutes
ago. It ships the CVE fix, and should be visible in the archive soon.
Thanks a lot for your work! :)
-- System Information:
Debian Release: 10.4
APT prefers stable
APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-8-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_USER
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to fr_FR.UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to fr_FR.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled