Comment 1 for bug 1763905

Hi, thanks for the report. Unfortunately, as the issue is public, we can not issue a CVE for it. I have submitted a CVE request to https://cveform.mitre.org/ and will report back when MITRE has assigned a CVE for this issue.

Also, since the package referred to in this bug is in universe, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures .

Thanks!