From Santiago Vila@21:1/5 to All on Wed May 14 22:10:01 2025
Hello.
I've made a team upload for Bug #1104509 (Internet access during build),
mainly to remove items in the todo list, since the fix was trivial.
I was considering to fix this CVE bug as well, and I actually tried
backporting the upstream fix, but then the package would not build anymore (will try to put what I did somewhere).
How much feasible would be that we would fix the CVE by packaging the new upstream version (1.3.2) which is available? I could try that if that's
the best course of action, but for upgrading to a new upstream release
I would prefer somebody else to care of it.
[ BTW: Hopefully this email resets the counter for the autoremoval
due to this bug ]