Bug#1031652: bullseye-pu: package c-ares/1.17.1-1+deb11u1 CVE-2022-4904

To: Gregor Jasny <gjasny@googlemail.com>, 1031652@bugs.debian.org
Subject: Bug#1031652: bullseye-pu: package c-ares/1.17.1-1+deb11u1 CVE-2022-4904
From: Jonathan Wiltshire <jmw@debian.org>
Date: Wed, 15 Mar 2023 21:32:20 +0000
Message-id: <[🔎] ZBI5ZKF6gGkz5+Pl@powdarrmonkey.net>
Reply-to: Jonathan Wiltshire <jmw@debian.org>, 1031652@bugs.debian.org
In-reply-to: <167683713712.23543.14172443421745620139.reportbug@sid.fritz.box>
References: <167683713712.23543.14172443421745620139.reportbug@sid.fritz.box> <167683713712.23543.14172443421745620139.reportbug@sid.fritz.box>

Control: tag -1 confirmed

On Sun, Feb 19, 2023 at 09:05:37PM +0100, Gregor Jasny wrote:
> I'd like to upload a new version of c-ares which fixes
> CVE-2022-4904 (#1031525). According to the assessment of the 
> Security Team the bug is not severe enough to warrant an upload
> to bullseye-seurity but the patch should go into -proposed instead.

Please go ahead.

Thanks,


-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

Reply to:

Prev by Date: Processed: Re: Bug#1031652: bullseye-pu: package c-ares/1.17.1-1+deb11u1 CVE-2022-4904
Next by Date: Auto-rejecting packages with a broken Maintainer field?
Previous by thread: Processed: Re: Bug#1031279: bullseye-pu: package flask-security/4.0.0-1+deb11u1
Next by thread: Processed: Re: Bug#1031652: bullseye-pu: package c-ares/1.17.1-1+deb11u1 CVE-2022-4904
Index(es):
- Date
- Thread