[pkg-cryptsetup-devel] Security issue (CVE-2021-4122) in cryptsetup 2:2.3.5-1
Guilhem Moulin
guilhem at debian.org
Wed Feb 9 08:47:30 GMT 2022
Hi,
On Tue, 01 Feb 2022 at 17:59:41 +0100, Guilhem Moulin wrote:
> We'll have to break compatibility at some point, and I don't have a
> strong opinion whether it's best to wait for Bookwork or bite the
> bullet and do it now for 11.3 through bullseye-security. I think it's
> best to follow your and the rest of the security team's advice and
> preference :-) New debdiff against 2:2.3.5-1 attached and tested (incl.
> the full privileged upstream test suite).
So should I upload 2:2.3.7-1+deb11u1 to security-master? :-) The
debdiff boils down to upstream's v2.3.5...v2.3.7 plus d/changelog and
some paperwork (d/gbp.conf, d/salsa-ci.yml) to prep the new branch.
cheers
--
Guilhem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-cryptsetup-devel/attachments/20220209/a397fcb3/attachment.sig>
More information about the pkg-cryptsetup-devel
mailing list