Hi, I did this research and the reason that I’m writing to you is that for all listed CVE I found status “vulnerable” where fix is not available. Can you estimate date of providing fix for those issues?
Radosław (Radek) Chmielewski Global IT Client Service Manager IBM Global Process Services +48 661 9784446 [email protected]<mailto:[email protected]> IBM BTO Business Consulting Services Sp. z o.o. ul. Armii Krajowej 16, 30-150 Kraków NIP: 677-216-02-67 Sąd Rejonowy dla Krakowa-Śródmieścia w Krakowie, XI WydziałGospodarczy KRS Nr KRS: 0000115809, Kapitałzakładowy: 210.000 PLN From: David Bremner <[email protected]> Date: Tuesday, 7 January 2025 at 20:54 To: Radoslaw Chmielewski <[email protected]>, [email protected] <[email protected]> Subject: [EXTERNAL] Re: Fix date - CVE-2021-3575, CVE-2023-39327, CVE-2023-39328, CVE-2023-39329, CVE-2023-5841, CVE-2024-31047 Radoslaw Chmielewski <[email protected]> writes: > Hi, > > Can you advice when we can expect fix an issue linked to CVE-2021-3575, > CVE-2023-39327, CVE-2023-39328, CVE-2023-39329, CVE-2023-5841, CVE-2024-31047? > > Thank you for your response in advance. I suggest you start your investigation with the security tracker. https://security-tracker.debian.org/tracker If you have further questions, probably following up to the individual bugs linked from security tracker pages is the most useful thing to do. Debian is a volunteer driven project, so it's unlikely anyone will be able to commit to a schedule for you. If these particular bugs are important for your business, we are always looking volunteers to help with package maintenance.
