Fully recognizing we all must balance multiple priorities, I'm still waiting to hear back from active Salt maintainer(s) to progress closing this bug.
Until the bug can properly be closed and given these CVE bugs do not apply to Debian, with the goal of preventing Salt from being autoremoved from the next Debian release Bullseye circa 2021-April-27, I intent do lower the Severity of this bug (#985085) later this week (e.g. current Grave to Minor). respectfully, donfede # BTS closing policy https://www.debian.org/Bugs/Developer#closing # BTS severity descriptions https://www.debian.org/Bugs/Developer#severities # Salt Team ML and archive https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-salt-team
signature.asc
Description: PGP signature
