[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1105009: Info received (Bug#1105009: Acknowledgement (bookworm-pu: package erlang/1:25.2.3+dfsg-1+deb12u2))

Hi Sergei,

On Sun, Jul 20, 2025 at 03:49:45PM +0300, Sergei Golovan wrote:
> Hi Salvatore,
> 
> On Fri, Jun 27, 2025 at 12:28 AM Salvatore Bonaccorso <carnil@debian.org> wrote:
> >
> > Hi Sergei,
> >
> > On Thu, Jun 26, 2025 at 01:38:27PM +0300, Sergei Golovan wrote:
> > > Hi!
> > >
> > > Sorry, I forgot to include links to the relevant bugreports:
> > >
> > > [1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107939
> > > [2] https://security-tracker.debian.org/tracker/CVE-2025-4748
> >
> > Just as FYI, to get the fixes accepted for the bookworm-pu it is
> > needed that they are as well fixed in unstable (and so now as well
> > trixie).
> >
> > But I see you have already #1108338, and there is though a question
> > with moreinfo tag from Paul Gevers.
> 
> Now, as #1108338 is done, and Erlang 27.3.4.1+dfsg-1 is already in testing,
> I'd like to proceed with fixing CVE-2025-4748 and CVE-2025-46712 in bookworm
> as well.

Thanks!

For bookworm, as they are considered no-dsa already, can you queue the
update for the next bookworm point release?

Regards,
Salvatore
Reply to: