Control: tags -1 moreinfo

On 2023-03-19 17:48:16 +0530, Pirate Praveen wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian....@packages.debian.org
> Usertags: unblock
> X-Debbugs-Cc: ruby-asciidoctor-include-...@packages.debian.org
> Control: affects -1 + src:ruby-asciidoctor-include-ext
> 
> Please unblock package ruby-asciidoctor-include-ext
> 
> [ Reason ]
> This fixes a security issue CVE-2022-24803/#1009035 though it also includes
> an upstream update.
> This was uploaded to experimental on 2022-06-26 but missed reuploading to
> unstable as gitlab was
> using the versions directly from experimental (it was uploaded to
> experimental to not break the
> previos gitlab version before it switched to 0.4 version). Noticed this
> today in the rc bug list.
> 
> [ Impact ]
> Only reverse dependency is gitlab so it should not impact any other package
> in bookworm.
> 
> [ Tests ]
> gitlab in experimental was using it already for quite some time (upstream
> gitlab tests are fine)
> 
> [ Risks ]
> For bookworm it is a leaf package (only used by gitlab which is in
> unstable/experimental only)
> 
> [ Checklist ]
>  [x] all changes are documented in the d/changelog
>  [x] I reviewed all changes and I approve them
>  [ ] attach debdiff against the package in testing

Please provide a debdiff

Cheers

> 
> [ Other info ]
> Since it has some other upstream changes, I have not included the debdiff.
> 
> unblock ruby-asciidoctor-include-ext/0.4.0-2
> 

-- 
Sebastian Ramacher

Reply via email to