[x] I have read the MiKTeX Contributing Guidelines
Greetings, I work for a large company that has to individually package each desktop install for vulnerability management to provide c updates to every desktop in the org that impacted. The latest version on the website has an open CVE associated with it that we are required to remediate else we will have to stop using this product. Kindly requesting a new windows installer package for 23.5 be added to MikTex website so we can start work on remediation of the open CVE.
After review, we are not able to take the recommendation "I would recommend that you simply update the luatex binary package in order to get the security fix." and package it ourselves to remediate the CVE. Can you please upload a new version here https://miktex.org/download ASAP so we can continue using this product? We are now at the date where we have to make a decision regarding removal from our company instead of continued use based on open vulnerabilities with the current download available.
Understandably we have several users who would like to continue using the product. (this impacts 300+ assets in our company)
After review, we are not able to take the recommendation "I would recommend that you simply update the luatex binary package in order to get the security fix." and package it ourselves to remediate the CVE. Can you please upload a new version here https://miktex.org/download ASAP so we can continue using this product? We are now at the date where we have to make a decision regarding removal from our company instead of continued use based on open vulnerabilities with the current download available.
Understandably we have several users who would like to continue using the product. (this impacts 300+ assets in our company)