I goofed about the CVE. still a new release is available and a ajor update is coming to adapt software to new feature integrated in Linux 5.4 (from github pull requests).
----- Mail original ----- > De: "Paride Legovini" <p...@ninthfloor.org> > À: "Eric Valette" <eric.vale...@free.fr>, 945...@bugs.debian.org > Envoyé: Mardi 26 Novembre 2019 10:10:24 > Objet: Re: Bug#945398: fscrypt: a new version is available > > Eric Valette wrote on 24/11/2019: > > Package: fscrypt > > Version: 0.2.4-2+b10 > > Severity: wishlist > > > > A new version has been published that contains the CVE fix. > > Hello Eric, > > Thanks for the reminder, I should be able to get to it soon. > > Are you sure v0.2.5 fixes a CVE? The release notes at [1] do not > mention > it, while whey mention a CVE being fixed in v0.2.4, which is the > current > version in Debian. > > Paride > > https://github.com/google/fscrypt/releases >
