Bug#1034713: bullseye-pu: package php-guzzlehttp-psr7/1.7.0-1+deb11u2

To: David Prévot <taffit@debian.org>, 1034713@bugs.debian.org
Subject: Bug#1034713: bullseye-pu: package php-guzzlehttp-psr7/1.7.0-1+deb11u2
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sun, 23 Apr 2023 12:31:50 +0100
Message-id: <[🔎] 9ebf58301f2cbdafc74f5b96c70bf1ad76adfb6b.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1034713@bugs.debian.org
In-reply-to: <[🔎] ZEO0OdUOy7xQEK7n@persil.tilapin.org>
References: <[🔎] ZEO0OdUOy7xQEK7n@persil.tilapin.org> <[🔎] ZEO0OdUOy7xQEK7n@persil.tilapin.org>

Control: tags -1 + confirmed

On Sat, 2023-04-22 at 12:17 +0200, David Prévot wrote:
> I’d like to fix an improper input validation [CVE-2023-29197]
> filed as #1034581. This is a follow up from [CVE-2022-24775]
> filed as #1008236 that was fixed via a previous point release.
> The security team filed those bugs with a non-RC severity, so
> I assume they don’t expect to release a DSA for it (as for the
> previous main issue), anyway the team is X-D-Cc.
> 

The Security Tracker agrees. Please go ahead.

Regards,

Adam

Reply to:

References:
- Bug#1034713: bullseye-pu: package php-guzzlehttp-psr7/1.7.0-1+deb11u2
  - From: David Prévot <taffit@debian.org>

Prev by Date: Bug#1034621: marked as done ([pre-approval] unblock: arno-iptables-firewall/2.1.1-8)
Next by Date: Processed: Re: Bug#1034713: bullseye-pu: package php-guzzlehttp-psr7/1.7.0-1+deb11u2
Previous by thread: Processed: bullseye-pu: package php-guzzlehttp-psr7/1.7.0-1+deb11u2
Next by thread: Processed: Re: Bug#1034713: bullseye-pu: package php-guzzlehttp-psr7/1.7.0-1+deb11u2
Index(es):
- Date
- Thread