Hi, On Tue, 13 Sep 2022, Abhijith PA wrote: > > Yes, that'd make sense. I'll start a separate thread for > > CVE-2022-32224. Roll back for now so there's no regression at least. > > I've disabled patch for CVE-2022-32224. Also tested against redmine. > Looks good for me. Can you give a smoke test. I will upload to > archive. > > https://people.debian.org/~abhijith/upload/fix_rails/
I upgrade to this package and the debci API is working. So from my point of view, the regression is gone. Don't forge to update security tracker so that CVE-2022-32224 is again marked as unhandled. Cheers, -- ⢀⣴⠾⠻⢶⣦⠀ Raphaël Hertzog <hert...@debian.org> ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋ The Debian Handbook: https://debian-handbook.info/get/ ⠈⠳⣄⠀⠀⠀⠀ Debian Long Term Support: https://deb.li/LTS
