Bug#988455: buster-pu: package velocity/1.7-5+deb10u1

To: Chris Lamb <lamby@debian.org>, 988455@bugs.debian.org
Subject: Bug#988455: buster-pu: package velocity/1.7-5+deb10u1
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 15 May 2021 15:19:27 +0100
Message-id: <[🔎] 507cda05be3af0ce4d37bac3242d75c4c52ba59b.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 988455@bugs.debian.org
In-reply-to: <[🔎] 162090087856.2727355.17003072208861169135@tinycat.chris-lamb.co.uk>
References: <[🔎] 162090087856.2727355.17003072208861169135@tinycat.chris-lamb.co.uk> <[🔎] 162090087856.2727355.17003072208861169135@tinycat.chris-lamb.co.uk>

Control: tags -1 + confirmed

On Thu, 2021-05-13 at 11:16 +0100, Chris Lamb wrote:
> Please consider velocity (1.7-5+deb10u1) for buster:
>   
>   velocity (1.7-5+deb10u1) buster; urgency=medium
>   .
>     * CVE-2020-13936: Prevent a potential arbitrary code execution
> vulnerability
>       that can be exploited by applications that allow untrusted
> users to
>       upload/modify Velocity templates. (Closes: #985220)
> 

Please go ahead.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#988455: buster-pu: package velocity/1.7-5+deb10u1
  - From: "Chris Lamb" <lamby@debian.org>

References:
- Bug#988455: buster-pu: package velocity/1.7-5+deb10u1
  - From: "Chris Lamb" <lamby@debian.org>

Prev by Date: Processed: Re: Bug#988454: buster-pu: package ruby-websocket-extensions/0.1.2-1+deb10u1
Next by Date: Processed: Re: Bug#988455: buster-pu: package velocity/1.7-5+deb10u1
Previous by thread: Bug#988455: buster-pu: package velocity/1.7-5+deb10u1
Next by thread: Bug#988455: buster-pu: package velocity/1.7-5+deb10u1
Index(es):
- Date
- Thread