Sergei, Markus, On Wed, Nov 30, 2022 at 04:25:17PM +0300, Sergei Golovan wrote: > Hi Markus, > > On Wed, Nov 30, 2022 at 4:15 PM Markus Koschany <a...@debian.org> wrote: > > > > Hello, > > > > I have prepared a security update for Bullseye which fixes CVE-2022-37026. > > Sergei could you review the update please? I am attaching the debdiff. > > I'm also preparing a fix for CVE-2022-37026, but I'll gladly consider > your patch first. Thank you for the work!
The upcoming point release for 11.6 is scheduled for 17th with uploading window closing the upcoming weekend. If we are confident enough about potential regressions, can you make sure the fix land in the next bullseye point release? Note, there is some concern, as https://bugzilla.suse.com/show_bug.cgi?id=1205318#c14 might be relevant, do you know more about regressions? Or are we safe applying the known regression fixes as tracked in the security-tracker? Regards, Salvatore