Hi Andrea, On Thu, Jul 13, 2023 at 12:11:07PM +0200, Bastian Germann wrote: > Am 13.07.23 um 12:09 schrieb Andrea Pappacoda: > > Il giorno gio 13 lug 2023 alle 12:08:28 +02:00:00, Bastian Germann > > <b...@debian.org> ha scritto: > > > 2.: Please email the security team with the debdiff instead. > > > > Ok, so they'll push it to the archive for me? Perfect! > > They will tell you what to do. Sometimes they say to hand in a stable update > (for point release) instead.
The issue (CVE-2023-26130) in fact does not warrant a DSA, cf. as well already the status in https://security-tracker.debian.org/tracker/CVE-2023-26130 . Can you fix it please via an upcoming point release? If you are fast enough it can make it as well even for the 12.1 release. Regards, Salvatore