Bug#1053307: glib2.0 2.66.8-1+deb11u1 flagged for acceptance

To: Simon McVittie <smcv@debian.org>, 1053307@bugs.debian.org
Subject: Bug#1053307: glib2.0 2.66.8-1+deb11u1 flagged for acceptance
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sun, 03 Dec 2023 11:12:22 +0000
Message-id: <[🔎] aed76377c83839757985746c0d2f18e7d9743014.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1053307@bugs.debian.org
In-reply-to: <ZVDxy2JgwkpVb9Y-@tautology.pseudorandom.co.uk>
References: <ZRlPaZIz4Ns16pWO@tautology.pseudorandom.co.uk> <E1r2Bv8-00Eu01-As@coccia.debian.org> <ZVDxy2JgwkpVb9Y-@tautology.pseudorandom.co.uk> <ZRlPaZIz4Ns16pWO@tautology.pseudorandom.co.uk>

On Sun, 2023-11-12 at 15:39 +0000, Simon McVittie wrote:
> On Sun, 12 Nov 2023 at 14:58:42 +0000, Adam D Barratt wrote:
> > Package: glib2.0
> > Version: 2.66.8-1+deb11u1
> > 
> > Explanation: align with upstream stable fixes; fix denial of
> > service issues [CVE-2023-32665 CVE-2023-32611 CVE-2023-29499 CVE-
> > 2023-32636]; fix buffer overflow issue [CVE-2023-32643]
> 
> If you're able to adjust the release notes between now and the 11.9
> point release, you might want to change this wording so it just
> mentions the DoS issues and other stable-branch fixes, but excludes
> the buffer overflow issue CVE-2023-32643 from the description of this
> update.

Thanks for the note. I've dropped CVE-2023-32643 from the description
of the update.

Regards,

Adam

Reply to:

Prev by Date: Processed: Re: Bug#1054401: bookworm-pu: package nagios-plugins-contrib/42.20230308+deb12u1
Next by Date: Bug#1055588: jdupes 1.21.3-1+deb12u1 flagged for acceptance
Previous by thread: Re: maintainer built binary package in stable release, still (Re: Bug#1054401: bookworm-pu: package nagios-plugins-contrib/42.20230308+deb12u1)
Next by thread: Bug#1055588: jdupes 1.21.3-1+deb12u1 flagged for acceptance
Index(es):
- Date
- Thread