(In reply to Andreas Stieger from comment #6) > > is is also needed for openSUSE:Backports:SLE-15-SP2:Update, > not maintained? it is marked as being maintained, not sure whats going on. I'll ask. > > openSUSE:Backports:SLE-15-SP3:Update > > Not according to > https://weechat.org/doc/security/WSA-2022-1/ > https://weechat.org/doc/security/version/2.8/ not for this issue indeed. I would update to 3.4.1 as well as it includes a much higher priorty fix for https://weechat.org/doc/security/WSA-2021-1/ which we're missing here. CVE-2021-40516 is upstream marked as high severity (SUSE marked it as minor severity, not sure about that). > > > and openSUSE:Backports:SLE-15-SP4> > Let's put 3.4.1 there from the devel project. agreed > > Maximilian check your review queue.