Paul,
just a quick reply - PHP already has a security (and if I remember correctly
release) team exception from the last time. So, we already had this talk about
upstream policies.
I’m happy to fill the template though when it’s not Sunday.
Ondrej
--
Ondřej Surý (He/Him)
> On 26. 3. 2023,
Processing control commands:
> affects -1 src:php8.2
Bug #1033492 [release.debian.org] unblock: php8.2/8.2.4-1
Added indication that 1033492 affects src:php8.2
--
1033492: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033492
Debian Bug Tracking System
Contact ow...@bugs.debian.org
Package: release.debian.org
Tags: moreinfo
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: ond...@sury.org
Control: affects -1 src:php8.2
Dear Ondřej,
I just noticed that security bug 1031368 is fixed in unstable was fixed
in php8.2 version 8.2.3-1. That didn't
Hi Salvatore,
On 26-03-2023 13:57, Salvatore Bonaccorso wrote:
redis is on the radar for that, recent uploads for unstable did fix
some (arguably no-dsa) CVEs. Redis is though not able to migrate to
testing. Can you have a look and if the testing regressions are fase
positives or to be ignore
Package: dgit
Version: 10.7
Control: affects -1 git
Some of dgit's tests create strange git objects, to test error
handling. For example, to avoid a repetition of #849041.
git 2.40, just uploaded to unstable, has this change:
| * "git hash-object" now checks that the resulting object is well
Hi Chris,
I'm trying to clarify some packages which have security-fixes which
did not yet land in bookworm.
redis is on the radar for that, recent uploads for unstable did fix
some (arguably no-dsa) CVEs. Redis is though not able to migrate to
testing. Can you have a look and if the testing
Hi Ondřej,
On 26-03-2023 08:36, Ondřej Surý wrote:
just a quick reply - PHP already has a security (and if I remember correctly
release) team exception from the last time. So, we already had this talk about
upstream policies.
I *suspect* the same, but because of the shear amount of work
Processing control commands:
> affects -1 + src:libreoffice
Bug #1033506 [release.debian.org] bullseye-pu: package
libreoffice/1:7.0.4-4+deb11u6
Added indication that 1033506 affects src:libreoffice
--
1033506: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033506
Debian Bug Tracking
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: libreoff...@packages.debian.org
Control: affects -1 + src:libreoffice
Hi,
This fixes "CVE-2022-38745. Empty entry in Java class path risks
arbitrary code execution"
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package rails.
That version fixes a number of CVEs and #1030050.
>From the changelog:
+ This is a security-only release from a rails stable branch.
Upstream changelogs:
Your message dated Sun, 26 Mar 2023 20:11:04 +0200
with message-id
and subject line Re: Bug#1033189: unblock: girara/0.4.0-1
has caused the Debian Bug report #1033189,
regarding unblock: girara/0.4.0-1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this
Processing control commands:
> tags -1 - moreinfo
Bug #1033464 [release.debian.org] unblock: fish/3.6.0-3
Removed tag(s) moreinfo.
--
1033464: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033464
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 - moreinfo
On Sun, 2023-03-26 at 07:28 +0200, Paul Gevers wrote:
> Control: tags -1 confirmed moreinfo
>
> Hi Mo,
>
> On 25-03-2023 15:39, M. Zhou wrote:
> > Please unblock package fish
> > Not yet uploaded. This package does not have a proper
> > autopkgtest, manual unblock
Hi Jan
On 2023-03-25 16:58:12 +0100, Jan Wagner wrote:
> Hi Sebastian,
>
> Am 25.03.23 um 10:31 schrieb Sebastian Ramacher:
> > What's the rationale to include these patches? Do they fix bugs reported
> > in the BTS or upstream?
>
> upstream
I was hoping to get some more details on the bugs
Not to whine but is the plan to build 3.6.1 that was released yesterday aswell?
On 3/26/23, M. Zhou wrote:
> Control: tags -1 - moreinfo
>
> On Sun, 2023-03-26 at 07:28 +0200, Paul Gevers wrote:
>> Control: tags -1 confirmed moreinfo
>>
>> Hi Mo,
>>
>> On 25-03-2023 15:39, M. Zhou wrote:
>> >
Hey Paul,
Nobody else seems to have replied yet, so... :-)
On Thu, Mar 23, 2023 at 01:31:22PM +0100, Paul Gevers wrote:
>Hi,
>
>With the point release scheduled for April 29th, it's probably good to have
>at least one weekend in between, or do people not mind doing two weekends in
>a row?
Processing control commands:
> tags -1 + moreinfo
Bug #1033219 [release.debian.org] unblock: ghostscript/10.0.0~dfsg-10
Added tag(s) moreinfo.
--
1033219: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033219
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 + moreinfo
Hi Håvard
I don't see ghostscript/10.0.0~dfsg-10 in unstable, so I assume this
is a pre-approval request.
Please explain why we need this fix in bookworm, and why it can't wait
for trixie.
Regards
Graham
Your message dated Sun, 26 Mar 2023 20:52:03 +0200
with message-id
and subject line Re: Bug#1033344: unblock: src:texlive-extra/2022.20230122-3
has caused the Debian Bug report #1033344,
regarding unblock: src:texlive-extra/2022.20230122-3
to be marked as done.
This means that you claim that
Your message dated Sun, 26 Mar 2023 21:15:26 +0200
with message-id
and subject line Re: Bug#1033375: unblock: amule/1:2.3.3-3
has caused the Debian Bug report #1033375,
regarding unblock: amule/1:2.3.3-3
to be marked as done.
This means that you claim that the problem has been dealt with.
If
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: i...@packages.debian.org
Control: affects -1 + src:inn2
Please unblock package inn2
I have here a newer snapshot of the inn2 stable 2.7 branch, with various
cleanups and
Processing control commands:
> affects -1 + src:inn2
Bug #1033536 [release.debian.org] unblock: inn2/2.7.1~20230306-1
Added indication that 1033536 affects src:inn2
--
1033536: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033536
Debian Bug Tracking System
Contact ow...@bugs.debian.org
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: libmicroht...@packages.debian.org, Daniel Baumann
, car...@debian.org
Control: affects -1 + src:libmicrohttpd
Dear release team,
Please unblock package libmicrohttpd
The
Processing control commands:
> affects -1 + src:libmicrohttpd
Bug #1033529 [release.debian.org] unblock: libmicrohttpd/0.9.75-6
Added indication that 1033529 affects src:libmicrohttpd
--
1033529: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033529
Debian Bug Tracking System
Contact
On 25/03/23 10:17 PM, Sebastian Ramacher wrote:
> > - upload 2.6.1 from experimental to unstable, then stage 2.6.2 and the
> > new DCO in experimental for the second review round
> >
> > I would prefer the last option.
>
> Let's go ahead with the last option. Please let us know once openvpn
>
Your message dated Sun, 26 Mar 2023 21:28:40 +0200
with message-id
and subject line Re: Bug#1033464: unblock: fish/3.6.0-3
has caused the Debian Bug report #1033464,
regarding unblock: fish/3.6.0-3
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is
On Sun, 2023-03-26 at 20:31 +0200, Luna Jernberg wrote:
> Not to whine but is the plan to build 3.6.1 that was released yesterday
> aswell?
It's the hard freeze stage for Debian. Introducing a massive change, such
as the full 3.6.1 upgrade will not likely successfully make it in testing
Control: tags -1 - moreinfo
On 26.03.2023 20:45, Graham Inggs wrote:
> Control: tags -1 + moreinfo
>
> Hi Håvard
>
> I don't see ghostscript/10.0.0~dfsg-10 in unstable, so I assume this
> is a pre-approval request.
pre-apporval, yes.
>
> Please explain why we need this fix in bookworm, and
Processing control commands:
> tags -1 - moreinfo
Bug #1033219 [release.debian.org] unblock: ghostscript/10.0.0~dfsg-10
Removed tag(s) moreinfo.
--
1033219: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033219
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Your message dated Sun, 26 Mar 2023 22:32:40 +0200
with message-id
and subject line Re: Bug#1033470: unblock: libopenmpt/0.6.9-1
has caused the Debian Bug report #1033470,
regarding unblock: libopenmpt/0.6.9-1
to be marked as done.
This means that you claim that the problem has been dealt with.
Your message dated Sun, 26 Mar 2023 21:20:38 +0200
with message-id
and subject line Re: Bug#1033401: unblock: src:dino-im/0.4.2-1
has caused the Debian Bug report #1033401,
regarding unblock: src:dino-im/0.4.2-1
to be marked as done.
This means that you claim that the problem has been dealt
Processing control commands:
> affects -1 + src:cairosvg
Bug #1033527 [release.debian.org] unblock: cairosvg/2.5.2-1.1
Added indication that 1033527 affects src:cairosvg
--
1033527: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033527
Debian Bug Tracking System
Contact
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: cairo...@packages.debian.org, car...@debian.org
Control: affects -1 + src:cairosvg
Dear release team,
Please unblock package cairosvg
It addresses CVE-2023-27586, #1033295
Alright thanks for the info :)
On 3/26/23, M. Zhou wrote:
> On Sun, 2023-03-26 at 20:31 +0200, Luna Jernberg wrote:
>> Not to whine but is the plan to build 3.6.1 that was released yesterday
>> aswell?
>
> It's the hard freeze stage for Debian. Introducing a massive change, such
> as the full
Your message dated Sun, 26 Mar 2023 22:41:50 +0200
with message-id
and subject line Re: Bug#1033490: unblock: py7zr/0.11.3+dfsg-5
has caused the Debian Bug report #1033490,
regarding unblock: py7zr/0.11.3+dfsg-5
to be marked as done.
This means that you claim that the problem has been dealt
35 matches
Mail list logo
