On Sat, May 29, 2021 at 10:43:21AM +0200, David Bürgin wrote:
> > This appears to have been fixed in
> > https://github.com/trusteddomainproject/OpenDMARC/commit/f3a9a9d4edfaa05102292727d021683f58aa4b6e,
> > could we get that in Bullseye?
>
> This isn’t the only commit for CVE-2020-12272.
Thanks, can you please provide the additional commits needed that so we can
update
the Debian Security Tracker?
> I have been preparing OpenDMARC 1.4.1.1 for bookworm in Salsa. I’m also
> preparing patches for all open CVEs for bullseye. Unless Scott wants to
> push this forward faster, I expect the patches to be in the first
> security update or so.
Better let's push these to bullseye before it gets released, then. Security
fixes are perfectly fine during the current freeze still.
Cheers,
Moritz
