> ---------- Forwarded message ---------- > From: Markus Koschany <a...@debian.org> > To: Daniel Markstedt <markst...@gmail.com> > Cc: 1043504-d...@bugs.debian.org > Bcc: > Date: Sun, 13 Aug 2023 23:44:58 +0200 > Subject: Re: Bug#1043504: Another regression fix for CVE-2022-23123 > Version: 3.1.12~ds-3+deb10u3 > > Am Freitag, dem 11.08.2023 um 22:45 -0700 schrieb Daniel Markstedt: > > Package: netatalk > > Version: 3.1.12~ds-3+deb10u2 > > X-Debbugs-Cc: t...@security.debian.org,debian-...@lists.debian.org > > > > Dear Debian Security team, > > > > Would you be able to help me get the following critical regression fix > > into the Buster netatalk package? > > Hello Daniel, > > thank you for the report. I have just released DLA-3426-3 and believe this is > fixed in 3.1.12~ds-3+deb10u3 now. > > Regards, > > Markus
Wonderful, thank you for the quick turnaround on the upload. I updated to deb10u3 on by Buster system and ran a few tests. It seems to work as expected! As a side note, I filed a release request with the Release team last night to get traction with patching the Bullseye package as well. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1049325 I'm following the guidelines here so hopefully I'm on the right track. :) https://lists.debian.org/debian-devel-announce/2019/08/msg00000.html Cheers, Daniel