Processed: Re: Bug#1065071: bullseye-pu: package php-symfony-contracts/1.1.10-2+deb11u1

2024-04-22 Thread Debian Bug Tracking System 
Processing control commands:

> tag -1 confirmed
Bug #1065071 [release.debian.org] bullseye-pu: package 
php-symfony-contracts/1.1.10-2+deb11u1
Added tag(s) confirmed.

-- 
1065071: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065071
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1065071: bullseye-pu: package php-symfony-contracts/1.1.10-2+deb11u1

2024-04-22 Thread Jonathan Wiltshire 
Control: tag -1 confirmed

On Thu, Feb 29, 2024 at 12:30:50PM +0100, David Prévot wrote:
> This is a follow up from composer/DSA-5632-1, similar to #1065058 in
> bookworm.

Please go ahead.

Thanks,



-- 
Jonathan Wiltshire  j...@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

Bug#1065071: bullseye-pu: package php-symfony-contracts/1.1.10-2+deb11u1

2024-02-29 Thread David Prévot 
Package: release.debian.org
Severity: normal
Tags: bullseye
X-Debbugs-Cc: php-symfony-contra...@packages.debian.org, 
t...@security.debian.org
Control: affects -1 + src:php-symfony-contracts
User: release.debian@packages.debian.org
Usertags: pu

[2/6 for bullseye]

This is a follow up from composer/DSA-5632-1, similar to #1065058 in
bookworm.

In order to fix a Debian-specific issue related to CVE-2024-24821, we
agreed with the security team to push related dependencies via the next
point release.

The only change (besides changelog entry) in the binary packages is of
the following kind (thanks to diffoscope), for example for
php-symfony-cache-contracts.

│ │ ├── ./usr/share/php/Symfony/Contracts/Cache/autoload.php
│ │ │ @@ -1,13 +1,11 @@
│ │ │  diff -Nru php-symfony-contracts-1.1.10/debian/changelog php-symfony-contracts-1.1.10/debian/changelog
--- php-symfony-contracts-1.1.10/debian/changelog	2020-09-15 22:17:37.0 +0200
+++ php-symfony-contracts-1.1.10/debian/changelog	2024-02-18 11:57:14.0 +0100
@@ -1,3 +1,9 @@
+php-symfony-contracts (1.1.10-2+deb11u1) bookworm; urgency=medium
+
+  * Force system dependencies loading
+
+ -- David Prévot   Sun, 18 Feb 2024 11:57:14 +0100
+
 php-symfony-contracts (1.1.10-2) unstable; urgency=medium
 
   * Revert "stop using deprecated PHPUnit APIs", fixing symfony FTBFS
diff -Nru php-symfony-contracts-1.1.10/debian/rules php-symfony-contracts-1.1.10/debian/rules
--- php-symfony-contracts-1.1.10/debian/rules	2020-09-15 22:17:37.0 +0200
+++ php-symfony-contracts-1.1.10/debian/rules	2024-02-18 11:57:10.0 +0100
@@ -45,13 +45,13 @@
 	  fi; \
 	 done
 	cp debian/autoload.php .
-	mkdir --parents vendor Symfony
+	mkdir --parents vendor Symfony/Contracts
 	phpab \
 		--output vendor/autoload.php \
 		--template debian/autoload.tests.php.tpl \
 		Tests
 	# Mimic expected path for tests
-	cp -r autoload.php Cache Deprecation EventDispatcher HttpClient Service Translation Symfony/Contracts
+	cp -r autoload.php Cache EventDispatcher HttpClient Service Translation Symfony/Contracts
 	ln -s /usr/share/php/Symfony/Component Symfony
 	ln -s /usr/share/php/Psr .
 


signature.asc
Description: PGP signature