Hi Enrico,
please pay attention that marking the CVE as no-dsa for LTS release
means that it still needs to be fixed!
We do not have point releases for o-o-stable so this state can just postpone
the upload, but it still needs to be fixed somehow.
If you feel that the patch is too destructive or
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3050-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Sylvain Beucler
June 10, 2022
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 10 Jun 2022 13:37:42 +0200
Source: vlc
Binary: vlc libvlc-dev libvlc5 libvlccore-dev libvlccore9 libvlc-bin vlc-bin
vlc-data vlc-l10n vlc-plugin-base vlc-plugin-access-extra
vlc-plugin-video-output vlc-plugin-video-splitter
On Wed, Jun 08, 2022 at 06:56:33AM +0200, Salvatore Bonaccorso wrote:
> FWIW, for the regular security supported suites we in fact marked
> CVE-2022-27227 already as no-dsa. Unauthoritative answer here, but I
> guess I would do the same for pdns in stretch.
Thank you! I marked it as no-dsa for