Mark Esler <email address hidden> (2024-06-19):
> Thank you for taking the time to report this Cyril.
No worries at all.
> Do you know if Google intends to assign a CVE?
That I don't know, I've been mainly in contact with CrowdSec's upstream
developers (who notified me about the problem with the Debian/Ubuntu
packages) and with the various Debian teams to see how to best address
this in stable (i.e. security then release teams).
Note the google/nftables issue was detected and fixed a year ago
already, we just failed to notice earlier. :(
Hi,
Mark Esler <email address hidden> (2024-06-19):
> Thank you for taking the time to report this Cyril.
No worries at all.
> Do you know if Google intends to assign a CVE?
That I don't know, I've been mainly in contact with CrowdSec's upstream
developers (who notified me about the problem with the Debian/Ubuntu
packages) and with the various Debian teams to see how to best address
this in stable (i.e. security then release teams).
Note the google/nftables issue was detected and fixed a year ago
already, we just failed to notice earlier. :(
Cheers, /debamax. com/
--
Cyril Brulebois -- Debian Consultant @ DEBAMAX -- https:/