Among the 1 debian patch
available in version 3.0.1-3 of the package,
we noticed the following issues:
1 patch
where the metadata indicates that the patch has not yet been forwarded
upstream. You should either forward the patch upstream or update the
metadata to document its real status.
1 issue left for the package maintainer to handle:
CVE-2022-28948:
(needs triaging)
An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize invalid input.