Control: tags -1 + confirmed On Wed, 2019-07-31 at 11:13 +0100, Simon McVittie wrote: > GLib in buster is vulnerable to CVE-2019-13012 (configuration files > and directories created with more open permissions than intended), > which the security team have indicated is too minor for a DSA. > <https://bugs.debian.org/931234> > > GLib has a udeb, so this technically needs a d-i ack, although I > can't imagine why d-i would either use GKeyfileSettingsBackend or > care about the resulting permissions.
It does seem rather unlikely, but let's do the CC-for-ack dance in any case. Regards, Adam
