Hi Utkarsh, On Wed, Jan 11, 2023 at 07:14:42PM +0530, Utkarsh Gupta wrote: > Package: release.debian.org > User: release.debian....@packages.debian.org > Tags: bullseye > Severity: normal > > Hello, > > src:tomcat9 has been affected by debbug #1020948 which was fixed in > sid and thus would want to backport the fix to bullseye in the next > point release. > > It was noticed that the tomcat-locate-java.sh script which seems to be > in charge of identifying the Java version to use doesn't have version > 17 listed. This is a trivial (and thus a low regression) fix. > > Debdiff is duly attached. Let me know if you any more information. TIA! \o/
Only a suggestion, given your LTS team involvement with security updates: If you have enough spare time, there are two CVEs as well, which would would not warrant an immediate DSA, marked no-dsa/postponed, which could be included in a bullseye-pu update? https://security-tracker.debian.org/tracker/CVE-2022-42252 https://security-tracker.debian.org/tracker/CVE-2022-45143 Regards, Salvatore