On 7/6/25 15:57, Salvatore Bonaccorso wrote:
Package: release.debian.org
Severity: normal
X-Debbugs-Cc: [email protected], Yadd <[email protected]>,
[email protected], [email protected]
Control: affects -1 + src:node-tar-fs
User: [email protected]
Usertags: unblock
Hi Yadd, hi release team
node-tar-fs in trixie in vulnerable to CVE-2025-48387. The version
uploaded to unstable, node-tar-fs/3.0.9+~cs2.0.4-1 fixes the issue,
ubt cannot migrate automatically as it is a key package.
Yadd, was is your take on it?
Regards,
Salvatore
Hi,
I sent the whole explanation into #1108872. Thanks to have seen this
missing migration
Best regards,
Xavier
