On Sun, 20 Dec 2020 11:50:42 +0200 Adrian Bunk <b...@debian.org> wrote: > this is a regression in 1.2.1+dfsg-2 that is currently in both > buster-security (which was done on top of 1.2.1+dfsg-2 that > introduced the regression, not on top of 1.2.1+dfsg-1 in buster) and > in unstable/testing (which currently misses the CVE fixes). > > It would be good if you could make an upload to unstable with this > bug fixed on top of 1.2.1+dfsg-2+deb10u1, and then backport that > change to buster. > > Please coordinate with the security team whether this would warrant a > regression update to the DSA or should be done through the next point > release.
Hi, Team. Does anyone mind against uploading fix to stable-proposed-update? The fix is here: https://salsa.debian.org/debian/minidlna/-/commits/buster-security/ Or should it go to buster-security? Also uploaded to unstable as 1.2.1+dfsg-3 -- Best regards, Alexander Gerasiov Contacts: e-mail: a...@gerasiov.net WWW: https://gerasiov.net TG/Skype: gerasiov PGP fingerprint: 04B5 9D90 DF7C C2AB CD49 BAEA CA87 E9E8 2AAC 33F1
