On Thu, Dec 1, 2022 at 7:57 PM Neal Gompa <ngompa13(a)gmail.com> wrote:
> If you need help with any of the rebuilds, feel free to ping me.
> I'm currently handling the same CVE for the capnp Rust crate (where
> thankfully only one application needs to be rebuilt).
>
Help would very much be appreciated, I'm currently underwater with other work.
Sure. I'll look into it tomorrow, it's already getting late here.
I can prepare the Fedora updates, but I don't know how to handle EPEL
updates that change SONAME.
So ... let this serve as notice that we'll likely update capnproto to
version 0.10.3 / 0.9.2 / 0.7.1 whatever version fixes that CVE for the
currently packaged branch, and will need to rebuild dependent
packages, as well (to fix the CVE *and* for the SONAME bump).
Fabio