Bug#848305: marked as done (mongodb: Add missing changelog entry for 1:2.6.12-3)

2017-08-11 Thread Debian Bug Tracking System 
Your message dated Fri, 11 Aug 2017 21:12:58 +
with message-id 
and subject line Bug#848305: fixed in mongodb 1:3.2.11-3
has caused the Debian Bug report #848305,
regarding mongodb: Add missing changelog entry for 1:2.6.12-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
848305: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848305
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mongodb
Version: 1:3.2.11-2
Severity: wishlist
Tags: patch

Hi Apollon, hi Laszlo

Please consider adding back the debian/changelog entry for 1:2.6.12-3
which contained the reference for the CVE fix. Patch attached.

Thanks lot for considering. If you disagree, please close and mark as
wontfix.

Regards,
Salvatore

p.s.: the kernel team does similar, once a stable update say 4.8.11 is
  released, and the preparation for 4.9 is done in experimental, the
  sid branch is merged into the master branch and so keeping
  debian/changelog consistent back. Example:
  
https://anonscm.debian.org/cgit/kernel/linux.git/commit/?id=878978046681f8bff7396fe459e288b2a3d8e794

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
>From fba77262b606db2497babaeacd68bf91fa6dd2dc Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso 
Date: Fri, 16 Dec 2016 06:37:13 +0100
Subject: [PATCH] Add missing changelog entry for 1:2.6.12-3

---
 debian/changelog | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index c5d895cf..7de8dd18 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -81,6 +81,13 @@ mongodb (1:3.2.8-1) experimental; urgency=medium
 
  -- Apollon Oikonomopoulos   Thu, 14 Jul 2016 16:42:32 +0300
 
+mongodb (1:2.6.12-3) unstable; urgency=high
+
+  * Fix CVE-2016-6494 , prevent group and other access to .dbshell
+(closes: #832908).
+
+ -- Laszlo Boszormenyi (GCS)   Mon, 08 Aug 2016 21:56:32 +
+
 mongodb (1:2.6.12-2) unstable; urgency=medium
 
   * Do not use tcmalloc on ppc64el (fixes FTBFS on ppc64el).
-- 
2.11.0

--- End Message ---
--- Begin Message ---
Source: mongodb
Source-Version: 1:3.2.11-3

We believe that the bug you reported is fixed in the latest version of
mongodb, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 848...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Apollon Oikonomopoulos  (supplier of updated mongodb 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 11 Aug 2017 14:37:37 -0400
Source: mongodb
Binary: mongodb mongodb-server mongodb-clients
Architecture: source
Version: 1:3.2.11-3
Distribution: unstable
Urgency: medium
Maintainer: Debian MongoDB Maintainers 

Changed-By: Apollon Oikonomopoulos 
Description:
 mongodb- object/document-oriented database (metapackage)
 mongodb-clients - object/document-oriented database (client apps)
 mongodb-server - object/document-oriented database (server package)
Closes: 848305 853556
Changes:
 mongodb (1:3.2.11-3) unstable; urgency=medium
 .
   * d/changelog: restore the 2.6.12-3 entry (Closes: #848305)
   * Fix FTBFS with GCC 7 (Closes: #853556)
   * Bump compat to 10
 + B-D on debhelper (>= 10)
 + Remove --with=systemd from dh invocations
   * Bump Standards to 4.0.1; no changes needed
Checksums-Sha1:
 deaf81c80832b2217aac0419aa3dc13231ef233f 2678 mongodb_3.2.11-3.dsc
 92a0f7e2ae5993256dcce32a5ac5782dfe4e0016 41504 mongodb_3.2.11-3.debian.tar.xz
 825a0893698e009f79caef8b6012b7341ced7abe 7226 mongodb_3.2.11-3_source.buildinfo
Checksums-Sha256:
 988e531497ce16b3136f8bdf9d47bc6ad0d9ba6a72938a0100f7f41e900f7cac 2678 
mongodb_3.2.11-3.dsc
 7c7c453b9500709cc353c888d2ea9a5df3cfc1f9dc91dfa2e85abf2198752f03 41504

Bug#848305: marked as done (mongodb: Add missing changelog entry for 1:2.6.12-3)

2016-12-23 Thread Debian Bug Tracking System 
Your message dated Fri, 23 Dec 2016 15:51:49 +
with message-id 
and subject line Bug#848305: fixed in mongodb 1:3.4.1-1
has caused the Debian Bug report #848305,
regarding mongodb: Add missing changelog entry for 1:2.6.12-3
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
848305: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=848305
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: mongodb
Version: 1:3.2.11-2
Severity: wishlist
Tags: patch

Hi Apollon, hi Laszlo

Please consider adding back the debian/changelog entry for 1:2.6.12-3
which contained the reference for the CVE fix. Patch attached.

Thanks lot for considering. If you disagree, please close and mark as
wontfix.

Regards,
Salvatore

p.s.: the kernel team does similar, once a stable update say 4.8.11 is
  released, and the preparation for 4.9 is done in experimental, the
  sid branch is merged into the master branch and so keeping
  debian/changelog consistent back. Example:
  
https://anonscm.debian.org/cgit/kernel/linux.git/commit/?id=878978046681f8bff7396fe459e288b2a3d8e794

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)
>From fba77262b606db2497babaeacd68bf91fa6dd2dc Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso 
Date: Fri, 16 Dec 2016 06:37:13 +0100
Subject: [PATCH] Add missing changelog entry for 1:2.6.12-3

---
 debian/changelog | 7 +++
 1 file changed, 7 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index c5d895cf..7de8dd18 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -81,6 +81,13 @@ mongodb (1:3.2.8-1) experimental; urgency=medium
 
  -- Apollon Oikonomopoulos   Thu, 14 Jul 2016 16:42:32 +0300
 
+mongodb (1:2.6.12-3) unstable; urgency=high
+
+  * Fix CVE-2016-6494 , prevent group and other access to .dbshell
+(closes: #832908).
+
+ -- Laszlo Boszormenyi (GCS)   Mon, 08 Aug 2016 21:56:32 +
+
 mongodb (1:2.6.12-2) unstable; urgency=medium
 
   * Do not use tcmalloc on ppc64el (fixes FTBFS on ppc64el).
-- 
2.11.0

--- End Message ---
--- Begin Message ---
Source: mongodb
Source-Version: 1:3.4.1-1

We believe that the bug you reported is fixed in the latest version of
mongodb, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 848...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Apollon Oikonomopoulos  (supplier of updated mongodb 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Format: 1.8
Date: Fri, 23 Dec 2016 14:57:21 +0200
Source: mongodb
Binary: mongodb mongodb-server mongodb-clients
Architecture: source
Version: 1:3.4.1-1
Distribution: experimental
Urgency: medium
Maintainer: Debian MongoDB Maintainers 

Changed-By: Apollon Oikonomopoulos 
Description:
 mongodb- object/document-oriented database (metapackage)
 mongodb-clients - object/document-oriented database (client apps)
 mongodb-server - object/document-oriented database (server package)
Closes: 848298 848305
Changes:
 mongodb (1:3.4.1-1) experimental; urgency=medium
 .
   * New upstream stable series
 + d/watch: look for 3.4 stable releases
 + Update upstream's signing key for 3.4
 + Drop fix-boost-1.60-build.patch; applied upstream
 + Refresh remaining patches
 + B-D on libboost-iostreams-dev
   * Upload to experimental
   * New patches:
 + Use std::regex instead of boost::regex in mongo shell (fixes FTBFS with
   Debian's boost and C++11)
   * Also build for s390x (Closes: #848298)
   * Drop i386 builds; i386 has long been deprecated upstream and support has
 been essentially removed in 3.4.
   * Use tcmalloc on ppc64el and arm64 as well
   * Do not ship mongosniff, as it is no longer built by the mongodb source
   *