Control: tags -1 + confirmed On Thu, 2021-04-22 at 17:36 +0000, Thorsten Alteholz wrote: > The attached debdiff for leptonlib fixes five CVEs in Buster: > - CVE-2020-36277 > - CVE-2020-36278 > - CVE-2020-36279 > - CVE-2020-36280 > - CVE-2020-36281 > > According to Moritz, they should have been marked as no-dsa by the > security team. > Please go ahead, thanks. Regards, Adam