Hey Moritz, Moritz Muehlenhoff wrote:
This was assigned CVE-2021-33038: https://gitlab.com/mailman/hyperkitty/-/issues/380Patch is here: https://gitlab.com/mailman/hyperkitty/-/commit/9025324597d60b2dff740e49b70b15589d6804fa
Thanks a lot for reporting the security bug!I'll upload hyperkitty 1.3.4-4 in a few minutes with the patch applied. Will open an unblock request for Bullseye as soon as the package hit the archive.
Do you want to take care of preparing an upload to buster-security or shall I prepare that one as well?
Kind regards jonas
OpenPGP_signature
Description: OpenPGP digital signature
