The initial fix for CVE-2023-6377 as applied in DSA 5576-1 did not fully fix the vulnerability. Updated packages correcting this issue including the upstream merged commit are now available.
https://security-tracker.debian.org/tracker/DSA-5576-2
Continue reading...
https://security-tracker.debian.org/tracker/DSA-5576-2
Continue reading...