On Wed, Sep 15, 2021 at 06:23:14AM +0200, Salvatore Bonaccorso wrote: > Hi James, > > On Tue, Sep 14, 2021 at 09:06:22PM -0400, James McCoy wrote: > > On Sat, Sep 11, 2021 at 09:26:04AM +0200, Salvatore Bonaccorso wrote: > > > The following vulnerability was published for vim. > > > > > > CVE-2021-3770[0]: > > > | vim is vulnerable to Heap-based Buffer Overflow > > > > > > The fix is at [1] but needed a followup [2]. > > > > Does this need to go through bullseye-security or would a bullseye > > upload suffice? I have a couple other fixes (#993766 and maybe #994209) > > in the pipeline that would be good for bullseye, so I could group these > > together. > > IMHO it should be enough to route the update trough the upcoming point > release(s) for bullseye and buster (would you as well prepare an > update there for buster?)
Yeah, I'll try to get them done in the next few days (for both releases). Cheers, -- James GPG Key: 4096R/91BF BF4D 6956 BD5D F7B7 2D23 DFE6 91AE 331B A3DB
