On Tue, Sep 24, 2024 at 07:02:07PM +0300, Adrian Bunk wrote:
> Package: release.debian.org
> Severity: normal
> Tags: bookworm moreinfo
> User: release.debian....@packages.debian.org
> Usertags: pu
> X-Debbugs-Cc: Debian HA Maintainers
> <debian-ha-maintain...@alioth-lists.debian.net>, secur...@debian.org
>
> * CVE-2024-3049: wrong hmac might be accepted (Closes: #1073249)
>
> Tagged moreinfo, as question to the security team it they want this
> fix in -pu or as DSA.
That's fine for a DSA and the debdiff looks fine, so please upload to
security-master. Thanks!
Cheers,
Moritz
