Bug#1055826: bullseye-pu: package crun/0.17+dfsg-1+deb11u2 (bullseye regression)
On Sun, Nov 12, 2023 at 03:06:34PM +, Adam D. Barratt wrote: > On Sun, 2023-11-12 at 09:56 +0200, Faidon Liambotis wrote: > > A change merged into Linux v6.6 broke crun. The change was backported > > in the stable branch with v6.1.55, the version in bookworm. We fixed > > crun last week crun 1.8.1-1+deb12u1 (unblock request: #1055241). > > > > Salvatore Bonaccorso pointed out that the change was backported into > > all the stable branches, including v5.10.197, the version now in > > bullseye. bullseye's crun, v0.17, is also affected, therefore > > bullseye crun + bullseye Linux (or bullseye crun+bullseye-backports > > Linux etc.) are now broken as well. > > I guess you'd like that pushed via bullseye-updates, once it's ready, > as with the bookworm update? Yes please :) Thanks! Faidon
NEW changes in oldstable-new
Processing changes file: distro-info_1.0+deb11u1_mips64el-buildd.changes ACCEPT Processing changes file: distro-info_1.0+deb11u1_mipsel-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: distro-info_1.0+deb11u1_all-buildd.changes ACCEPT Processing changes file: distro-info_1.0+deb11u1_amd64-buildd.changes ACCEPT Processing changes file: distro-info_1.0+deb11u1_arm64-buildd.changes ACCEPT Processing changes file: distro-info_1.0+deb11u1_armel-buildd.changes ACCEPT Processing changes file: distro-info_1.0+deb11u1_armhf-buildd.changes ACCEPT Processing changes file: distro-info_1.0+deb11u1_i386-buildd.changes ACCEPT Processing changes file: distro-info_1.0+deb11u1_ppc64el-buildd.changes ACCEPT Processing changes file: distro-info_1.0+deb11u1_s390x-buildd.changes ACCEPT
Bug#1019096: bullseye-pu: package cifs-utils/2:6.11-3.1+deb11u2
El 25/7/23 a las 23:32, Jonathan Wiltshire escribió: This request was approved but not uploaded in time for the previous point release (11.7). Should it be included in 11.8 or should this request be abandoned and closed? Hi. Since the debdiff was already approved by you (RMs), I've just uploaded (as if it was a "sponsored upload") the package which matches exactly the debdiff provided by Michael in the bug report, since that was the intent. Please include it in the next point release of bullseye (whenever that will be), I'm trying to keep stable and oldstable free of FTBFS bugs like this one. Thanks.
NEW changes in oldstable-new
Processing changes file: glib2.0_2.66.8-1+deb11u1_mipsel-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: modsecurity-apache_2.9.3-3+deb11u2_mipsel-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: modsecurity-apache_2.9.3-3+deb11u2_mips64el-buildd.changes ACCEPT
Processed: bookworm-pu: package pyzoltan/1.0.1-5+deb12u1
Processing control commands: > affects -1 + src:pyzoltan Bug #1055859 [release.debian.org] bookworm-pu: package pyzoltan/1.0.1-5+deb12u1 Added indication that 1055859 affects src:pyzoltan -- 1055859: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055859 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1055859: bookworm-pu: package pyzoltan/1.0.1-5+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: pyzol...@packages.debian.org, sanv...@debian.org Control: affects -1 + src:pyzoltan [ Reason ] This upload fixes Bug#1055625 FTBFS on single-cpu systems. [ Impact ] Anybody trying to build the package using a single-cpu system will get an unexpected build error. [ Tests ] There are no real code changes. The package builds the same. [ Risks ] Very low risk. [ Checklist ] [X] *all* changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in (old)stable [X] the issue is verified as fixed in unstable [ Changes ] The only change has been to change NPROCS=2 to NPROCS=1 in debian/rules. [ Other info ] The package is already uploaded.diff -Nru pyzoltan-1.0.1/debian/changelog pyzoltan-1.0.1/debian/changelog --- pyzoltan-1.0.1/debian/changelog 2022-10-31 08:07:44.0 +0100 +++ pyzoltan-1.0.1/debian/changelog 2023-11-12 23:25:00.0 +0100 @@ -1,3 +1,11 @@ +pyzoltan (1.0.1-5+deb12u1) bookworm; urgency=medium + + * Team upload. + * debian/rules: Set NPROC to 1 so that the package may be +built on systems with a single core. Closes: #1055625. + + -- Santiago Vila Sun, 12 Nov 2023 23:25:00 +0100 + pyzoltan (1.0.1-5) unstable; urgency=medium * Standards version bumped to 4.6.1 (non changes). diff -Nru pyzoltan-1.0.1/debian/rules pyzoltan-1.0.1/debian/rules --- pyzoltan-1.0.1/debian/rules 2022-10-31 08:07:44.0 +0100 +++ pyzoltan-1.0.1/debian/rules 2023-11-12 23:20:43.0 +0100 @@ -4,7 +4,7 @@ export USE_TRILINOS=1 export ZOLTAN_INCLUDE=/usr/include/trilinos export ZOLTAN_LIBRARY=/usr/lib -export NPROCS=2 +export NPROCS=1 export PYBUILD_NAME=pyzoltan
NEW changes in oldstable-new
Processing changes file: conmon_2.0.25+ds1-1.1+deb11u1_mipsel-buildd.changes ACCEPT Processing changes file: glib2.0_2.66.8-1+deb11u1_mips64el-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: plasma-discover_5.20.5-3+deb11u2_mipsel-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: crun_0.17+dfsg-1+deb11u2_mipsel-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: conmon_2.0.25+ds1-1.1+deb11u1_mips64el-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: glib2.0_2.66.8-1+deb11u1_armhf-buildd.changes ACCEPT Processing changes file: glib2.0_2.66.8-1+deb11u1_s390x-buildd.changes ACCEPT Processing changes file: plasma-discover_5.20.5-3+deb11u2_mips64el-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: axis_1.4-28+deb11u1_all-buildd.changes ACCEPT Processing changes file: conmon_2.0.25+ds1-1.1+deb11u1_armhf-buildd.changes ACCEPT Processing changes file: conmon_2.0.25+ds1-1.1+deb11u1_ppc64el-buildd.changes ACCEPT Processing changes file: conmon_2.0.25+ds1-1.1+deb11u1_s390x-buildd.changes ACCEPT Processing changes file: crun_0.17+dfsg-1+deb11u2_mips64el-buildd.changes ACCEPT Processing changes file: crun_0.17+dfsg-1+deb11u2_s390x-buildd.changes ACCEPT Processing changes file: glib2.0_2.66.8-1+deb11u1_all-buildd.changes ACCEPT Processing changes file: glib2.0_2.66.8-1+deb11u1_amd64-buildd.changes ACCEPT Processing changes file: glib2.0_2.66.8-1+deb11u1_arm64-buildd.changes ACCEPT Processing changes file: glib2.0_2.66.8-1+deb11u1_armel-buildd.changes ACCEPT Processing changes file: glib2.0_2.66.8-1+deb11u1_i386-buildd.changes ACCEPT Processing changes file: glib2.0_2.66.8-1+deb11u1_ppc64el-buildd.changes ACCEPT Processing changes file: modsecurity-apache_2.9.3-3+deb11u2_amd64-buildd.changes ACCEPT Processing changes file: modsecurity-apache_2.9.3-3+deb11u2_arm64-buildd.changes ACCEPT Processing changes file: modsecurity-apache_2.9.3-3+deb11u2_armel-buildd.changes ACCEPT Processing changes file: modsecurity-apache_2.9.3-3+deb11u2_armhf-buildd.changes ACCEPT Processing changes file: modsecurity-apache_2.9.3-3+deb11u2_i386-buildd.changes ACCEPT Processing changes file: modsecurity-apache_2.9.3-3+deb11u2_ppc64el-buildd.changes ACCEPT Processing changes file: modsecurity-apache_2.9.3-3+deb11u2_s390x-buildd.changes ACCEPT Processing changes file: node-dottie_2.0.2-1+deb11u1_all-buildd.changes ACCEPT Processing changes file: node-xml2js_0.2.8-1.1+deb11u1_all-buildd.changes ACCEPT Processing changes file: plasma-discover_5.20.5-3+deb11u2_arm64-buildd.changes ACCEPT Processing changes file: plasma-discover_5.20.5-3+deb11u2_armel-buildd.changes ACCEPT Processing changes file: plasma-discover_5.20.5-3+deb11u2_armhf-buildd.changes ACCEPT Processing changes file: plasma-discover_5.20.5-3+deb11u2_ppc64el-buildd.changes ACCEPT Processing changes file: plasma-discover_5.20.5-3+deb11u2_s390x-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: conmon_2.0.25+ds1-1.1+deb11u1_amd64-buildd.changes ACCEPT Processing changes file: conmon_2.0.25+ds1-1.1+deb11u1_arm64-buildd.changes ACCEPT Processing changes file: conmon_2.0.25+ds1-1.1+deb11u1_armel-buildd.changes ACCEPT Processing changes file: conmon_2.0.25+ds1-1.1+deb11u1_i386-buildd.changes ACCEPT Processing changes file: crun_0.17+dfsg-1+deb11u2_amd64-buildd.changes ACCEPT Processing changes file: crun_0.17+dfsg-1+deb11u2_arm64-buildd.changes ACCEPT Processing changes file: crun_0.17+dfsg-1+deb11u2_armel-buildd.changes ACCEPT Processing changes file: crun_0.17+dfsg-1+deb11u2_armhf-buildd.changes ACCEPT Processing changes file: crun_0.17+dfsg-1+deb11u2_i386-buildd.changes ACCEPT Processing changes file: crun_0.17+dfsg-1+deb11u2_ppc64el-buildd.changes ACCEPT Processing changes file: distro-info-data_0.51+deb11u5_all-buildd.changes ACCEPT Processing changes file: jqueryui_1.12.1+dfsg-8+deb11u2_all-buildd.changes ACCEPT Processing changes file: node-url-parse_1.5.3-1+deb11u2_all-buildd.changes ACCEPT Processing changes file: plasma-discover_5.20.5-3+deb11u2_all-buildd.changes ACCEPT Processing changes file: plasma-discover_5.20.5-3+deb11u2_amd64-buildd.changes ACCEPT Processing changes file: plasma-discover_5.20.5-3+deb11u2_i386-buildd.changes ACCEPT
Bug#1055857: transition: opm-common
Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition X-Debbugs-Cc: debian-scie...@lists.debian.org Dear Debian release team, A new upstream release of OPM is available. To ease migration to testing I am requesting a mini-transition. Uploading to unstable would probably work even without a transition, but I would like to play it safe. This should only affect the OPM source packages opm-common, opm-grid, opm- models, opm-simulators and opm-upscaling. I have already uploaded new versions to experimental that seemed to have built without any issues, see [1]. (please explain about the transition: impacted packages, reason, ... for more info see: https://wiki.debian.org/Teams/ReleaseTeam/Transitions) Ben file: title = "libopm-common-2023"; is_affected = .depends ~ "libopm-common-2023.04" | .depends ~ "libopm- common-2023.10"; is_good = .depends ~ "libopm-common-2023.10"; is_bad = .depends ~ "libopm-common-2023.04"; Thanks a lot. Kind regards, Markus [1] https://qa.debian.org/developer.php?login=markus%40dr-blatt.de
NEW changes in oldstable-new
Processing changes file: crun_0.17+dfsg-1+deb11u2_source.changes ACCEPT Processing changes file: node-url-parse_1.5.3-1+deb11u2_sourceonly.changes ACCEPT
NEW changes in stable-new
Processing changes file: cacti_1.2.24+ds1-1+deb12u1_amd64.changes ACCEPT
Upcoming stable point release (12.3)
Hi, The next point release for "bookworm" (12.3) is scheduled for Saturday, December 9th. Processing of new uploads into bookworm-proposed-updates will be frozen during the preceding weekend. Regards, Adam
Processed: node-url-parse 1.5.3-1+deb11u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1036975 = bullseye pending Bug #1036975 [release.debian.org] bullseye-pu: package node-url-parse/1.5.3-1+deb11u2 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1036975: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036975 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: crun 0.17+dfsg-1+deb11u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1055826 = bullseye pending Bug #1055826 [release.debian.org] bullseye-pu: package crun/0.17+dfsg-1+deb11u2 (bullseye regression) Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 1055826: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055826 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1055826: crun 0.17+dfsg-1+deb11u2 flagged for acceptance
package release.debian.org tags 1055826 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: crun Version: 0.17+dfsg-1+deb11u2 Explanation: fix containers with systemd as their init system, when using newer kernel versions
Bug#1036975: node-url-parse 1.5.3-1+deb11u2 flagged for acceptance
package release.debian.org tags 1036975 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: node-url-parse Version: 1.5.3-1+deb11u2 Explanation: fix authorisation bypass issue [CVE-2022-0512]
Bug#1053307: glib2.0 2.66.8-1+deb11u1 flagged for acceptance
On Sun, 12 Nov 2023 at 14:58:42 +, Adam D Barratt wrote: > Package: glib2.0 > Version: 2.66.8-1+deb11u1 > > Explanation: align with upstream stable fixes; fix denial of service issues > [CVE-2023-32665 CVE-2023-32611 CVE-2023-29499 CVE-2023-32636]; fix buffer > overflow issue [CVE-2023-32643] If you're able to adjust the release notes between now and the 11.9 point release, you might want to change this wording so it just mentions the DoS issues and other stable-branch fixes, but excludes the buffer overflow issue CVE-2023-32643 from the description of this update. CVE-2023-32643 was a regression caused by errors in the initial fixes for the DoS issues. It was important that we avoided introducing it into Debian 11, but Debian 11.8 is not vulnerable (too old), and after accepting 2.66.8-1+deb11u1, to the best of my knowledge Debian 11.9 will not be vulnerable either (too new). (For the record: I think 2.74.3-1 in unstable was briefly vulnerable to CVE-2023-32643, but that version never migrated to testing, and a fix was included in the next upload 2.74.4-1; so testing was never vulnerable, and therefore neither was Debian 12.0.) Thanks, smcv
NEW changes in oldstable-new
Processing changes file: axis_1.4-28+deb11u1_source.changes ACCEPT Processing changes file: cacti_1.2.16+ds1-2+deb11u2_source.changes ACCEPT Processing changes file: cacti_1.2.16+ds1-2+deb11u2_all-buildd.changes ACCEPT Processing changes file: conmon_2.0.25+ds1-1.1+deb11u1_source.changes ACCEPT Processing changes file: distro-info_1.0+deb11u1_source.changes ACCEPT Processing changes file: distro-info-data_0.51+deb11u5_source.changes ACCEPT Processing changes file: glib2.0_2.66.8-1+deb11u1_source.changes ACCEPT Processing changes file: jqueryui_1.12.1+dfsg-8+deb11u2_sourceonly.changes ACCEPT Processing changes file: modsecurity-apache_2.9.3-3+deb11u2_source.changes ACCEPT Processing changes file: node-dottie_2.0.2-1+deb11u1_sourceonly.changes ACCEPT Processing changes file: node-xml2js_0.2.8-1.1+deb11u1_sourceonly.changes ACCEPT Processing changes file: plasma-discover_5.20.5-3+deb11u2_source.changes ACCEPT
Bug#1055826: bullseye-pu: package crun/0.17+dfsg-1+deb11u2 (bullseye regression)
On Sun, 2023-11-12 at 09:56 +0200, Faidon Liambotis wrote: > A change merged into Linux v6.6 broke crun. The change was backported > in the stable branch with v6.1.55, the version in bookworm. We fixed > crun last week crun 1.8.1-1+deb12u1 (unblock request: #1055241). > > Salvatore Bonaccorso pointed out that the change was backported into > all the stable branches, including v5.10.197, the version now in > bullseye. bullseye's crun, v0.17, is also affected, therefore > bullseye crun + bullseye Linux (or bullseye crun+bullseye-backports > Linux etc.) are now broken as well. > I guess you'd like that pushed via bullseye-updates, once it's ready, as with the bookworm update? Regards, Adam
Processed: plasma-discover 5.20.5-3+deb11u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1006292 = bullseye pending Bug #1006292 [release.debian.org] bullseye-pu: package plasma-discover/5.20.5-3 Ignoring request to alter tags of bug #1006292 to the same tags previously set > thanks Stopping processing here. Please contact me if you need assistance. -- 1006292: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1006292 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1006292: plasma-discover 5.20.5-3+deb11u2 flagged for acceptance
package release.debian.org tags 1006292 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: plasma-discover Version: 5.20.5-3+deb11u2 Explanation: fix build failure
Processed: modsecurity-apache 2.9.3-3+deb11u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1020303 = bullseye pending Bug #1020303 [release.debian.org] bullseye-pu: package modsecurity-apache/2.9.3-3+deb11u2 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1020303: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1020303 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: jqueryui 1.12.1+dfsg-8+deb11u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1036977 = bullseye pending Bug #1036977 [release.debian.org] bullseye-pu: package jqueryui/1.12.1+dfsg-8+deb11u2 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1036977: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036977 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: distro-info-data 0.51+deb11u5 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1055022 = bullseye pending Bug #1055022 [release.debian.org] bullseye-pu: package distro-info-data/0.51+deb11u5, distro-info/1.0+deb11u1 Ignoring request to alter tags of bug #1055022 to the same tags previously set > thanks Stopping processing here. Please contact me if you need assistance. -- 1055022: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055022 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: node-xml2js 0.2.8-1.1+deb11u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1034665 = bullseye pending Bug #1034665 [release.debian.org] bullseye-pu: package node-xml2js/0.2.8-1+deb11u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1034665: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034665 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: glib2.0 2.66.8-1+deb11u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1053307 = bullseye pending Bug #1053307 [release.debian.org] bullseye-pu: package glib2.0/2.66.8-1+deb11u1 Added tag(s) pending; removed tag(s) d-i. > thanks Stopping processing here. Please contact me if you need assistance. -- 1053307: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053307 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: distro-info 1.0+deb11u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1055022 = bullseye pending Bug #1055022 [release.debian.org] bullseye-pu: package distro-info-data/0.51+deb11u5, distro-info/1.0+deb11u1 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 1055022: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055022 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: conmon 2.0.25+ds1-1.1+deb11u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1031097 = bullseye pending Bug #1031097 [release.debian.org] bullseye-pu: package conmon/2.0.25+ds1-1.1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1031097: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031097 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1055022: distro-info-data 0.51+deb11u5 flagged for acceptance
package release.debian.org tags 1055022 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: distro-info-data Version: 0.51+deb11u5 Explanation: add Ubuntu 24.04 LTS Noble Numbat; fix several End Of Life dates
Processed: axis 1.4-28+deb11u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1054121 = bullseye pending Bug #1054121 [release.debian.org] bullseye-pu: package axis/1.4-28 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 1054121: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054121 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: node-dottie 2.0.2-1+deb11u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1040679 = bullseye pending Bug #1040679 [release.debian.org] bullseye-pu: package node-dottie/2.0.2-4+deb11u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1040679: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040679 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1054121: axis 1.4-28+deb11u1 flagged for acceptance
package release.debian.org tags 1054121 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: axis Version: 1.4-28+deb11u1 Explanation: filter out unsupported protocols in the client class ServiceFactory [CVE-2023-40743]
Bug#1040679: node-dottie 2.0.2-1+deb11u1 flagged for acceptance
package release.debian.org tags 1040679 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: node-dottie Version: 2.0.2-1+deb11u1 Explanation: fix prototype pollution issue [CVE-2023-26132]
Bug#1036977: jqueryui 1.12.1+dfsg-8+deb11u2 flagged for acceptance
package release.debian.org tags 1036977 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: jqueryui Version: 1.12.1+dfsg-8+deb11u2 Explanation: fix cross-site scripting issue [CVE-2022-31160]
Bug#1055022: distro-info 1.0+deb11u1 flagged for acceptance
package release.debian.org tags 1055022 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: distro-info Version: 1.0+deb11u1 Explanation: update tests for distro-info-data 0.58+deb12u1, which adjusted Debian 7's EoL date
Bug#1053307: glib2.0 2.66.8-1+deb11u1 flagged for acceptance
package release.debian.org tags 1053307 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: glib2.0 Version: 2.66.8-1+deb11u1 Explanation: align with upstream stable fixes; fix denial of service issues [CVE-2023-32665 CVE-2023-32611 CVE-2023-29499 CVE-2023-32636]; fix buffer overflow issue [CVE-2023-32643]
Bug#1034665: node-xml2js 0.2.8-1.1+deb11u1 flagged for acceptance
package release.debian.org tags 1034665 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: node-xml2js Version: 0.2.8-1.1+deb11u1 Explanation: fix prototype pollution issue [CVE-2023-0842]
Bug#1031097: conmon 2.0.25+ds1-1.1+deb11u1 flagged for acceptance
package release.debian.org tags 1031097 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: conmon Version: 2.0.25+ds1-1.1+deb11u1 Explanation: do not hang when forwarding container stdout/stderr with lots of output
Bug#1020303: modsecurity-apache 2.9.3-3+deb11u2 flagged for acceptance
package release.debian.org tags 1020303 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: modsecurity-apache Version: 2.9.3-3+deb11u2 Explanation: fix protection bypass issues [CVE-2022-48279 CVE-2023-24021]
Re: Planning for 12.3
Hello El 7/10/23 a las 22:59, Jonathan Wiltshire escribió: On Sat, Oct 07, 2023 at 06:59:03PM +0100, Jonathan Wiltshire wrote: How about: 4th December (better for cadence) 11th December (more likely suitable in practice) Erm, astute readers will realise the 4th and 11th are Saturdays in November, not December. The correct proposals should be: 2nd December (better for candence, no-go for me) 9th December (more likely suitable in practice) I am available any of those days, but I think for now there's no task for webmasters in point releases. Donald (as press delegate) didn't accept my proposal in https://lists.debian.org/debian-www/2023/07/msg00014.html saying that the publicity team would care about all those tasks (I asked him to reply to my message publicly but it didn't happen). It seems indeed they handled the web part the last point releases, so I assumed everybody is ok with the current status. Hence my no-reply about 12.3 until now. If the DPL or delegated people prefer otherwise (i.e. that the web team to care about any part of the workflow), please state it in public and I'll do my best. Kind regards, -- Laura Arjona Reina https://wiki.debian.org/LauraArjona
Bug#1055826: bullseye-pu: package crun/0.17+dfsg-1+deb11u2 (bullseye regression)
Package: release.debian.org Severity: normal Tags: bullseye User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: c...@packages.debian.org, car...@debian.org Control: affects -1 + src:crun A change merged into Linux v6.6 broke crun. The change was backported in the stable branch with v6.1.55, the version in bookworm. We fixed crun last week crun 1.8.1-1+deb12u1 (unblock request: #1055241). Salvatore Bonaccorso pointed out that the change was backported into all the stable branches, including v5.10.197, the version now in bullseye. bullseye's crun, v0.17, is also affected, therefore bullseye crun + bullseye Linux (or bullseye crun+bullseye-backports Linux etc.) are now broken as well. This upload just backports the same two patches that we backported to bookworm and that are needed to address this issue. The patches apply with minimal changes. There are no other changes included in this upload. See the bookworm-pu unblock request, #1055241, and SUA 243-1, for more context. [ Tests ] Lightly tested on a bullseye VM. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable Thanks, Faidon diff -Nru crun-0.17+dfsg/debian/changelog crun-0.17+dfsg/debian/changelog --- crun-0.17+dfsg/debian/changelog 2023-02-11 23:44:44.0 +0200 +++ crun-0.17+dfsg/debian/changelog 2023-11-02 18:52:46.0 +0200 @@ -1,3 +1,12 @@ +crun (0.17+dfsg-1+deb11u2) bullseye; urgency=medium + + * Backport two commits from upstream ("ignore ENOTSUP when chmod a +symlink"), that restore containers with systemd as their init system, when +running under Linux >= v6.6, >= v6.1.55 and >= 5.10.197, i.e. bullseye's +and bookworm's current stable kernels. (Closes: #1053821) + + -- Faidon Liambotis Thu, 02 Nov 2023 18:52:46 +0200 + crun (0.17+dfsg-1+deb11u1) bullseye; urgency=medium * Backport upstream commits b847d14 ("spec: do not set inheritable diff -Nru crun-0.17+dfsg/debian/patches/series crun-0.17+dfsg/debian/patches/series --- crun-0.17+dfsg/debian/patches/series2023-02-11 23:44:44.0 +0200 +++ crun-0.17+dfsg/debian/patches/series2023-11-02 18:52:46.0 +0200 @@ -1,2 +1,4 @@ CVE-2022-27650-b847d14.patch CVE-2022-27650-1aeeed2.patch +utils-ignore-ENOTSUP-when-chmod-a-symlink.patch +utils-fix-ignore-ENOTSUP-when-chmod-a-symlink.patch diff -Nru crun-0.17+dfsg/debian/patches/utils-fix-ignore-ENOTSUP-when-chmod-a-symlink.patch crun-0.17+dfsg/debian/patches/utils-fix-ignore-ENOTSUP-when-chmod-a-symlink.patch --- crun-0.17+dfsg/debian/patches/utils-fix-ignore-ENOTSUP-when-chmod-a-symlink.patch 1970-01-01 02:00:00.0 +0200 +++ crun-0.17+dfsg/debian/patches/utils-fix-ignore-ENOTSUP-when-chmod-a-symlink.patch 2023-11-02 18:52:46.0 +0200 @@ -0,0 +1,36 @@ +From 60296f112fddc74f4926f8ca6f6e1ef7a61ef5b9 Mon Sep 17 00:00:00 2001 +From: Giuseppe Scrivano +Date: Tue, 26 Sep 2023 11:51:19 +0200 +Subject: [PATCH] utils: fix ignore ENOTSUP when chmod a symlink + +when ENOTSUP is encountered we must continue copying the other files, +not doing an early return. + +commit 57262a2710c83fa08767f0ce3ba7a80993515bb2 introduced the +regression with the Podman CI. + +Signed-off-by: Giuseppe Scrivano + +Origin: upstream, https://github.com/containers/crun/commit/14afa8a46e2e83608a3a219402bce8ea8d071192 +Bug: https://github.com/containers/crun/issues/1308 +Bug-Debian: https://bugs.debian.org/1053821 +--- + src/libcrun/utils.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/libcrun/utils.c b/src/libcrun/utils.c +index 5c7f315..5306c5b 100644 +--- a/src/libcrun/utils.c b/src/libcrun/utils.c +@@ -1858,7 +1858,7 @@ copy_recursive_fd_to_fd (int srcdirfd, int dfd, const char *srcname, const char + { + /* If the operation fails with ENOTSUP we are dealing with a symlink, so ignore it. */ + if (errno == ENOTSUP) +-return 0; ++continue; + + if (UNLIKELY (ret < 0)) + return crun_make_error (err, errno, "chmod `%s/%s`", destname, de->d_name); +-- +2.39.2 + diff -Nru crun-0.17+dfsg/debian/patches/utils-ignore-ENOTSUP-when-chmod-a-symlink.patch crun-0.17+dfsg/debian/patches/utils-ignore-ENOTSUP-when-chmod-a-symlink.patch --- crun-0.17+dfsg/debian/patches/utils-ignore-ENOTSUP-when-chmod-a-symlink.patch 1970-01-01 02:00:00.0 +0200 +++ crun-0.17+dfsg/debian/patches/utils-ignore-ENOTSUP-when-chmod-a-symlink.patch 2023-11-02 18:52:46.0 +0200 @@ -0,0 +1,48 @@ +From 3bc67556e2f077337e574e4c3aaf18488410b2f5 Mon Sep 17 00:00:00 2001 +From: Giuseppe Scrivano +Date: Fri, 22 Sep 2023 11:34:19 +0200 +Subject: [PATCH] utils: ignore ENOTSUP when chmod a symlink + +commit 5d1f903f75a80daa4dfb3d84e114ec8ecbf29956 in the kernel, present +in a release since Linux 6.6
Processed: bullseye-pu: package crun/0.17+dfsg-1+deb11u2 (bullseye regression)
Processing control commands: > affects -1 + src:crun Bug #1055826 [release.debian.org] bullseye-pu: package crun/0.17+dfsg-1+deb11u2 (bullseye regression) Added indication that 1055826 affects src:crun -- 1055826: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055826 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems