A new upstream version 2.11.4 is available, you should consider packaging it.
debian/patches: 1 patch with invalid metadata, 1 patch to forward upstream
high
Among the 2 debian patches
available in version 2.10.6-2 of the package,
we noticed the following issues:
1 patch with
invalid metadata that ought to be fixed.
1 patch
where the metadata indicates that the patch has not yet been forwarded
upstream. You should either forward the patch upstream or update the
metadata to document its real status.
1 issue left for the package maintainer to handle:
CVE-2024-3772:
(needs triaging)
Regular expression denial of service in Pydanic < 2.4.0, < 1.10.13 allows remote attackers to cause denial of service via a crafted email string.