Comment 3 for bug 2038600

Amin Bandali (bandali) wrote :

Hello Łukasz, thank you for your reply.

The CVEs affecting jami (ring) 20230206.0~ds2-1.3:

https://security-tracker.debian.org/tracker/source-package/ring

See the 'bookworm' column.

I believe they're all in jami's vendored copy of pjsip, and most have a relatively high score.

All things considered, I believe it would be beneficial for our users if we instead include the latest jami 20230922.0~ds1-1 (from Debian unstable) in mantic (which needs opendht 3.0.0). As mentioned above, I maintain both of these packages in Debian and believe their latest versions from unstable to be in good shape for consideration for inclusion in mantic. And as I'm regularly in touch and work with upstream, I'd be happy to help with their maintenance in Ubuntu and help fix any potential issues.

opendht 3.0.0 would be a tiny transition (it has only one other reverse dep, jami, which has no reverse deps) which, as mentioned above, was already successfully completed in Debian unstable. But since neither of the two packages is seeded, even if I could upload them shortly after next week's release (as an SRU) that would also be helpful.

Thank you again for considering this request.