Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: contain...@packages.debian.org, t...@security.debian.org,
z...@debian.org
Control: affects -1 + src:containerd
[ Reason ]
Backport patches for 2 CVE:
*
Processing control commands:
> affects -1 + src:containerd
Bug #1031630 [release.debian.org] bullseye-pu: package
containerd/1.4.13~ds1-1~deb11u4
Added indication that 1031630 affects src:containerd
--
1031630: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031630
Debian Bug Tracking
Processing control commands:
> tags -1 + confirmed
Bug #1030598 [release.debian.org] bullseye-pu: package
lemonldap-ng/2.0.11+ds-4+deb11u3
Added tag(s) confirmed.
--
1030598: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030598
Debian Bug Tracking System
Contact ow...@bugs.debian.org with
Control: tags -1 + confirmed
On Sun, 2023-02-05 at 18:08 +0400, Yadd wrote:
> lemonldap-ng is vulnerable to URL validation bypass
> (https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/-/issues/2832).
>
Please go ahead.
Regards,
Adam
Control: tags -1 + confirmed
On Mon, 2023-02-06 at 18:08 +0100, Guido Günther wrote:
> This update fixes the test failures on arm64 that were
> detected by the 7.0.0-3+deb11u1 build.
>
Thanks; please go ahead.
Regards,
Adam
Processing control commands:
> tags -1 + confirmed
Bug #1030709 [release.debian.org] bullseye-pu: package libvirt/7.0.0-3+deb11u2
Added tag(s) confirmed.
--
1030709: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030709
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: a...@debian.org
Hi,
I would like to update snakeyaml in Bullseye. The package is currently
affected by various potential (no-dsa) security vulnerabilities. Those
Control: tags -1 + confirmed
On Fri, 2023-02-10 at 09:58 +0100, Antonio Terceiro wrote:
> Since VirtualBox is not in stable, people will install it either from
> upstream, and from Fasttrack (https://fasttrack.debian.net/). When a
> new
> version of VirtualBox comes out, vagrant needs change to
Processing control commands:
> tags -1 + confirmed
Bug #1030987 [release.debian.org] bullseye-pu: package vagrant/2.2.14+dfsg-2
Added tag(s) confirmed.
--
1030987: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030987
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 + confirmed
On Wed, 2023-02-08 at 20:30 +0100, Sven Joachim wrote:
> I would like to fix two crash bugs in tic(1) & friends for Bullseye.
> There have been various similar issues in the previous years which we
> usually fixed in point releases.
>
> [ Reason ]
> 1. Bug
Processing control commands:
> tags -1 + confirmed
Bug #1030888 [release.debian.org] bullseye-pu: package
ncurses/6.2+20201114-2+deb11u1
Added tag(s) confirmed.
--
1030888: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030888
Debian Bug Tracking System
Contact ow...@bugs.debian.org with
Control: tags -1 moreinfo
On 2023-02-18 19:03:17 -0500, Sergio Durigan Junior wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
>
> Hi there,
>
> I decided to file this request even though this is *not* going to
> involve
Processing control commands:
> tags -1 moreinfo
Bug #1031592 [release.debian.org] unblock: poke/3.0+dfsg
Added tag(s) moreinfo.
--
1031592: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031592
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Processing changes file: thunderbird_102.8.0-1~deb11u1_source.changes
ACCEPT
Processing changes file: thunderbird_102.8.0-1~deb11u1_all-buildd.changes
ACCEPT
Processing changes file: thunderbird_102.8.0-1~deb11u1_amd64-buildd.changes
ACCEPT
Processing changes file:
Control: tags -1 + confirmed
On Tue, 2023-01-10 at 13:31 +0100, Helmut Grohne wrote:
> I've been working on an exiv2 security update. A significant number
> of
> vulnerabilities have piled up and they're all tagged no-dsa. I
> propose
> fixing them via the stable update procedure.
>
Please go
Processing control commands:
> tags -1 + confirmed
Bug #1028395 [release.debian.org] bullseye-pu: package exiv2/0.27.3-3+deb11u2
Added tag(s) confirmed.
--
1028395: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028395
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Processing control commands:
> tags -1 + confirmed
Bug #1029121 [release.debian.org] bullseye-pu: package lxc/4.0.6-2+deb11u2
Added tag(s) confirmed.
--
1029121: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029121
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 + confirmed
On Wed, 2023-01-18 at 03:36 +, Mathias Gibbens wrote:
> The version of lxc in bullseye is affected by the low-severity
> CVE-2022-47952 which was fixed in the recent release of lxc 5.0.2
> (uploaded to unstable yesterday). As the fix was trivial to apply to
> the
Processing control commands:
> tags -1 + confirmed
Bug #1027264 [release.debian.org] bullseye pu: traceroute/2.1.0-2+deb11u1
Added tag(s) confirmed.
--
1027264: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027264
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 + confirmed
On Thu, 2022-12-29 at 08:57 +0100, László Böszörményi wrote:
> Quite recently a new traceroute version was released. Most
> importantly
> it fixes an excessive CPU consumption on one core (it's not
> multi-threaded). It's easy to trigger it, but not considered a
>
On 2023-02-19 18:52 +, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Wed, 2023-02-08 at 20:30 +0100, Sven Joachim wrote:
>> I would like to fix two crash bugs in tic(1) & friends for Bullseye.
>> There have been various similar issues in the previous years which we
>> usually
Processing changes file: gnutls28_3.7.1-5+deb11u3_multi.changes
ACCEPT
Processing changes file: gnutls28_3.7.1-5+deb11u3_all-buildd.changes
ACCEPT
Processing changes file: gnutls28_3.7.1-5+deb11u3_amd64-buildd.changes
ACCEPT
Processing changes file:
On Wed, 2023-01-11 at 11:07 -0500, Daniel Kahn Gillmor wrote:
> Please consider an update to publicsuffix in debian bullseye.
>
> This package reflects the state of the network, and keeping it
> current
> is useful for all the packages that depend on it.
>
> The debdiff from the previous version
Control: tags -1 + confirmed
On Wed, 2023-02-08 at 13:53 +0100, David Prévot wrote:
> Two CVEs have been assigned to Symfony, the version currently in
> unstable and bookworm ships the fixes, the attached debdiff is a
> proposal for Bullseye.
>
>
Processing commands for cont...@bugs.debian.org:
> block 1031525 by 1031652
Bug #1031525 {Done: Gregor Jasny } [src:c-ares] c-ares:
CVE-2022-4904
1031525 was not blocked by any bugs.
1031525 was not blocking any bugs.
Added blocking bug(s) of 1031525: 1031652
> fixed 1031525 1.14.0-1+deb10u2
Bug
Processing control commands:
> tags -1 + moreinfo
Bug #1021176 [release.debian.org] bullseye-pu: package
openvswitch/2.15.0+ds1-2+deb11u1
Added tag(s) moreinfo.
--
1021176: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021176
Debian Bug Tracking System
Contact ow...@bugs.debian.org with
Control: tags -1 + moreinfo
On Mon, 2022-10-03 at 13:17 +0200, Thomas Goirand wrote:
> It appears that the command ovs-dpctl-top was wrongly patched
> in the Bullseye version of OVS. Removing the wrong hunks fixes it.
>
> [ Reason ]
> The bug is due to me, who patched all to make OVS working
Processing control commands:
> tags -1 + confirmed
Bug #1030851 [release.debian.org] bullseye-pu: package
symfony/4.4.19+dfsg-2+deb11u2
Added tag(s) confirmed.
--
1030851: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030851
Debian Bug Tracking System
Contact ow...@bugs.debian.org with
Processing control commands:
> tags -1 + confirmed d-i
Bug #1028313 [release.debian.org] bullseye-pu: package
isc-dhcp/4.4.1-2.3+deb11u2
Added tag(s) confirmed and d-i.
--
1028313: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028313
Debian Bug Tracking System
Contact
Control: tags -1 + confirmed d-i
On Mon, 2023-01-09 at 14:04 +0100, Bastian Blank wrote:
> Under not completely understood conditions, dhclient completely
> removes
> IPv6 addresses from use and is unable to restore them. This problem
> was
> fixed in the separate script upstream maintains some
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: c-a...@packages.debian.org
Control: affects -1 + src:c-ares
Dear Release Team,
[ Reason ]
I'd like to upload a new version of c-ares which fixes
CVE-2022-4904
Processing control commands:
> tags -1 + confirmed
Bug #1028992 [release.debian.org] bullseye-pu: package
node-json5/2.1.3-2+deb11u1
Added tag(s) confirmed.
--
1028992: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1028992
Debian Bug Tracking System
Contact ow...@bugs.debian.org with
Processing control commands:
> affects -1 + src:c-ares
Bug #1031652 [release.debian.org] bullseye-pu: package c-ares/1.17.1-1+deb11u1
CVE-2022-4904
Added indication that 1031652 affects src:c-ares
--
1031652: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031652
Debian Bug Tracking System
Control: tags -1 + confirmed
On Mon, 2023-01-16 at 07:38 +0400, Yadd wrote:
> node-json5 is vulnerable to prototype pollution (CVE-2022-46175)
>
Please go ahead.
Regards,
Adam
On 2023-02-19 01:03:34 +0200, Adrian Bunk wrote:
> Package: release.debian.org
> Severity: normal
> X-Debbugs-Cc: Maintainers of Mozilla-related packages
>
> Control: block 1021810 982794 992150 993659 993660 by -1
>
> popcon is no longer a criteria for key packages, which makes
> firefox-esr
Processing commands for cont...@bugs.debian.org:
> severity 1031325 normal
Bug #1031325 [release.debian.org] e2fsprogs 1.47.0 introduces a breaking change
into Bookworm, breaking grub and making installations of Ubuntu and Debian
releases via debootstrap impossible
Severity set to 'normal' from
On Sunday, February 19 2023, Sebastian Ramacher wrote:
> On 2023-02-18 19:03:17 -0500, Sergio Durigan Junior wrote:
>> Package: release.debian.org
>> Severity: normal
>> User: release.debian@packages.debian.org
>> Usertags: unblock
>>
>> Hi there,
>>
>> I decided to file this request even
37 matches
Mail list logo