Bug#1105009: Info received (Bug#1105009: Acknowledgement (bookworm-pu: package erlang/1:25.2.3+dfsg-1+deb12u2))
- To: Salvatore Bonaccorso <carnil@debian.org>
- Cc: 1105009@bugs.debian.org
- Subject: Bug#1105009: Info received (Bug#1105009: Acknowledgement (bookworm-pu: package erlang/1:25.2.3+dfsg-1+deb12u2))
- From: Sergei Golovan <sgolovan@debian.org>
- Date: Sun, 20 Jul 2025 15:49:45 +0300
- Message-id: <[🔎] CAOq2pXFzuFTt_NOcSbgZi7_Zg2+mjd7fkarifnhTpJqm=W-aqw@mail.gmail.com>
- Reply-to: Sergei Golovan <sgolovan@debian.org>, 1105009@bugs.debian.org
- In-reply-to: <aF27adMvvN6CMAmS@eldamar.lan>
- References: <CAOq2pXHhigFdvzW=Cam8_+gLFNg5NAJoZ98R_eRGwUuDRSBNoA@mail.gmail.com> <handler.1105009.B1105009.17509340591356266.ackinfo@bugs.debian.org> <174682517864.143347.15697482558828109311.reportbug@jupiter.golovan.home> <CAOq2pXHjwsi2LWB=VxL0bJU5BfQOetFaYbCkA0A=OA02kRyUDA@mail.gmail.com> <aF27adMvvN6CMAmS@eldamar.lan> <174682517864.143347.15697482558828109311.reportbug@jupiter.golovan.home>
Hi Salvatore,
On Fri, Jun 27, 2025 at 12:28 AM Salvatore Bonaccorso <carnil@debian.org> wrote:
>
> Hi Sergei,
>
> On Thu, Jun 26, 2025 at 01:38:27PM +0300, Sergei Golovan wrote:
> > Hi!
> >
> > Sorry, I forgot to include links to the relevant bugreports:
> >
> > [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107939
> > [2] https://security-tracker.debian.org/tracker/CVE-2025-4748
>
> Just as FYI, to get the fixes accepted for the bookworm-pu it is
> needed that they are as well fixed in unstable (and so now as well
> trixie).
>
> But I see you have already #1108338, and there is though a question
> with moreinfo tag from Paul Gevers.
Now, as #1108338 is done, and Erlang 27.3.4.1+dfsg-1 is already in testing,
I'd like to proceed with fixing CVE-2025-4748 and CVE-2025-46712 in bookworm
as well.
Cheers!
--
Sergei Golovan
Reply to: