Bug#1013893: bullseye-pu: package rhonabwy/0.9.13-3+deb11u1

To: Nicolas Mora <babelouest@debian.org>, 1013893@bugs.debian.org
Subject: Bug#1013893: bullseye-pu: package rhonabwy/0.9.13-3+deb11u1
From: Jonathan Wiltshire <jmw@debian.org>
Date: Mon, 24 Jul 2023 18:38:35 +0100
Message-id: <[🔎] ZL63G+T6HdiJ8i4N@powdarrmonkey.net>
Reply-to: Jonathan Wiltshire <jmw@debian.org>, 1013893@bugs.debian.org
In-reply-to: <165627940222.12101.18276776410537965.reportbug@galahad>
References: <165627940222.12101.18276776410537965.reportbug@galahad> <165627940222.12101.18276776410537965.reportbug@galahad>

Control: tag -1 confirmed

On Sun, Jun 26, 2022 at 05:36:42PM -0400, Nicolas Mora wrote:
> [ Reason ]
> Fix possible buffer overflow when decrypting forged jwe with invalid iv or
> cypherkey

Please go ahead, mentioning the CVE number in the changelog.

Thanks,


-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

Reply to:

Prev by Date: Bug#1036811: bullseye-pu: package ncurses/6.2+20201114-2+deb11u2
Next by Date: Processed: Re: Bug#1007787: bullseye-pu: package adduser/3.118
Previous by thread: Processed: retitle 1036145 to RM: varconf -- RoM; unstable upstream, unsuitable for Debian
Next by thread: Processed: Re: Bug#1013893: bullseye-pu: package rhonabwy/0.9.13-3+deb11u1
Index(es):
- Date
- Thread