On Sun, 12 Apr 2026 at 17:41:22 +0000, Moritz Mühlenhoff wrote:
On Tue, 07 Apr 2026 at 21:09:26 +0100, Simon McVittie wrote:
debdiff and source package here:
https://people.debian.org/~smcv/temp/2026/CVE-2026-34080/
functionally-equivalent test-build with a slightly lower version number:
https://people.debian.org/~smcv/temp/2026/CVE-2026-34080/testbuild/
Let's also fix this via a DSA. debdiff looks good, please build with -sa
and upload to security-master.
Uploaded. I'll try to get to the bookworm backport at some point,
probably as a batch with backporting the recent security fix for flatpak
(it makes sense to test them together, even if they aren't necessarily
released together).
smcv
