Your message dated Sat, 10 Jan 2026 11:59:45 +0000
with message-id <[email protected]>
and subject line Released with 12.13
has caused the Debian Bug report #1124621,
regarding bookworm-pu: package debian-security-support/1:12+2026.01.04
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1124621: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1124621
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: security
X-Debbugs-Cc: [email protected], Debian Security Team
<[email protected]>
Control: affects -1 + src:debian-security-support
User: [email protected]
Usertags: pu
[ Reason ]
To inform the users about the following changes:
debian-security-support (1:12+2026.01.04) bookworm; urgency=medium
[ Holger Levsen ]
* Mark zabbix as limited support, thanks to Moritz Muehlenhoff.
Closes: #1124558.
* Mark hdf5 as limited supported, thanks to Jochen Sprickerhof.
Closes: #1117607.
* Mark dnsdist, pdns, pdns-recursor as EOL. Thanks to Bastien Roucariès.
Closes: #1119290.
* Add libsoup2.4 and libsoup3 to limited support. Thanks to Simon McVittie.
Closes: #1109118.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
[ Other info ]
(Anything else the release team should know.)
Thank you for your work on bookworm!
--
cheers,
Holger
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org
⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
⠈⠳⣄
Everything so stupid but I have faith it can get stupider.
diff -Nru debian-security-support-12+2025.06.20/debian/changelog debian-security-support-12+2026.01.04/debian/changelog
--- debian-security-support-12+2025.06.20/debian/changelog 2025-06-20 22:58:38.000000000 +0200
+++ debian-security-support-12+2026.01.04/debian/changelog 2026-01-04 13:20:51.000000000 +0100
@@ -1,3 +1,17 @@
+debian-security-support (1:12+2026.01.04) bookworm; urgency=medium
+
+ [ Holger Levsen ]
+ * Mark zabbix as limited support, thanks to Moritz Muehlenhoff.
+ Closes: #1124558.
+ * Mark hdf5 as limited supported, thanks to Jochen Sprickerhof.
+ Closes: #1117607.
+ * Mark dnsdist, pdns, pdns-recursor as EOL. Thanks to Bastien Roucariès.
+ Closes: #1119290.
+ * Add libsoup2.4 and libsoup3 to limited support. Thanks to Simon McVittie.
+ Closes: #1109118.
+
+ -- Holger Levsen <[email protected]> Sun, 04 Jan 2026 13:20:51 +0100
+
debian-security-support (1:12+2025.06.20) bookworm; urgency=medium
* Query source:Package instead of Source to get the list of packages
diff -Nru debian-security-support-12+2025.06.20/security-support-ended.deb12 debian-security-support-12+2026.01.04/security-support-ended.deb12
--- debian-security-support-12+2025.06.20/security-support-ended.deb12 2025-06-20 22:54:47.000000000 +0200
+++ debian-security-support-12+2026.01.04/security-support-ended.deb12 2026-01-04 13:20:28.000000000 +0100
@@ -15,3 +15,6 @@
libnet-easytcp-perl 0.26-6 2025-01-18 https://bugs.debian.org/1093386; unmaintained upstream
php-horde.* 0 2025-03-22 https://lists.debian.org/debian-lts/2025/03/msg00012.html; incompatible with PHP8
ckeditor3 3.6.6.1+dfsg-7 2025-04-04 Only present as a build dependency for virtuoso-opensource, no updates will be issued
+dnsdist 1.7.3-2 2025-10-01 No security support upstream and backports not feasible, only for use on private and trusted network
+pdns 4.7.3-2 2025-10-01 No security support upstream and backports not feasible, only for use on private and trusted network
+pdns-recursor 4.8.8-1+deb12u1 2025-10-01 No security support upstream and backports not feasible, only for use on private and trusted network
diff -Nru debian-security-support-12+2025.06.20/security-support-limited debian-security-support-12+2026.01.04/security-support-limited
--- debian-security-support-12+2025.06.20/security-support-limited 2025-06-20 22:54:47.000000000 +0200
+++ debian-security-support-12+2026.01.04/security-support-limited 2026-01-04 13:20:51.000000000 +0100
@@ -14,9 +14,12 @@
golang.* See https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#golang-static-linking
gobgp See https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#golang-static-linking
gnupg1 See #982258 and https://www.debian.org/releases/stretch/amd64/release-notes/ch-whats-new.en.html#modern-gnupg
+hdf5 limited Not covered by security support, only suitable for trusted content, see #1117722
jython Includes python2.7 stdlib, support limited until Py3 port, see #975058 and https://lists.debian.org/debian-lts/2024/08/msg00027.html
kde4libs khtml has no security support upstream, only for use on trusted content
khtml khtml has no security support upstream, only for use on trusted content, see #1004293
+libsoup2.4 Only supported as a client, not as a server: see https://gitlab.gnome.org/GNOME/libsoup/-/commit/2a9d8ecc45bb814f6a81b1241e6c0c55d632aa28
+libsoup3 Only supported as a client, not as a server: see https://gitlab.gnome.org/GNOME/libsoup/-/commit/2a9d8ecc45bb814f6a81b1241e6c0c55d632aa28
libspring-java See README.Debian.security included in the package
mozjs102 Not covered by security support, only suitable for trusted content, see package description
mozjs78 Not covered by security support, only suitable for trusted content, see #959804
@@ -30,4 +33,5 @@
sql-ledger Only supported behind an authenticated HTTP zone
tiles Only supported for building packages, #1057343
vte Not covered by security support, only used by debian-installer, #1082885
+zabbix The WEB UI is only supported for access by trusted users, no security updates issued for it, #1124558
zoneminder See README.Debian.security, only supported behind an authenticated HTTP zone, #922724
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Package: release.debian.org\nVersion: 12.13\n\nThis update has been released as
part of Debian 12.13.
--- End Message ---
