NEW changes in oldstable-new
Processing changes file: qemu_5.2+dfsg-11+deb11u3_mips64el-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: pandoc_2.17.1.1-2~deb12u1_mipsel-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: python2.7_2.7.18-8+deb11u1_arm64-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: pandoc_2.17.1.1-2~deb12u1_arm64-buildd.changes ACCEPT Processing changes file: pandoc_2.17.1.1-2~deb12u1_mips64el-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: pandoc_2.17.1.1-2~deb12u1_s390x-buildd.changes ACCEPT Processing changes file: qemu_7.2+dfsg-7+deb12u2_mips64el-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: python2.7_2.7.18-8+deb11u1_armel-buildd.changes ACCEPT Processing changes file: python2.7_2.7.18-8+deb11u1_armhf-buildd.changes ACCEPT Processing changes file: qemu_5.2+dfsg-11+deb11u3_armhf-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: pandoc_2.17.1.1-2~deb12u1_armel-buildd.changes ACCEPT Processing changes file: pandoc_2.17.1.1-2~deb12u1_ppc64el-buildd.changes ACCEPT Processing changes file: qemu_7.2+dfsg-7+deb12u2_arm64-buildd.changes ACCEPT Processing changes file: qemu_7.2+dfsg-7+deb12u2_armel-buildd.changes ACCEPT Processing changes file: qemu_7.2+dfsg-7+deb12u2_mipsel-buildd.changes ACCEPT Processing changes file: qemu_7.2+dfsg-7+deb12u2_s390x-buildd.changes ACCEPT
Bug#1052239: transition: ocaml
Le 23/09/2023 à 06:54, Stéphane Glondu a écrit : The following packages should be removed from testing for now: gmetadom otags xmlrpc-light mlpost ulex0.8 ocamlviz I think Britney needs a little more help: the following packages should also be removed from testing: ocaml-http ocaml-lastfm ocamldap pcre-ocaml (They are already flagged for autoremoval but that would complete in 3 weeks while everything else is ready.) And also, allow llvm-toolchain-13 (in particular, libllvm-13-ocaml-dev) to break. Cheers, -- Stéphane
NEW changes in oldstable-new
Processing changes file: python2.7_2.7.18-8+deb11u1_all-buildd.changes ACCEPT Processing changes file: python2.7_2.7.18-8+deb11u1_mips64el-buildd.changes ACCEPT Processing changes file: python2.7_2.7.18-8+deb11u1_ppc64el-buildd.changes ACCEPT Processing changes file: qemu_5.2+dfsg-11+deb11u3_arm64-buildd.changes ACCEPT Processing changes file: qemu_5.2+dfsg-11+deb11u3_armel-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: pandoc_2.17.1.1-2~deb12u1_armhf-buildd.changes ACCEPT Processing changes file: pandoc_2.17.1.1-2~deb12u1_i386-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: python2.7_2.7.18-8+deb11u1_amd64-buildd.changes ACCEPT Processing changes file: python2.7_2.7.18-8+deb11u1_i386-buildd.changes ACCEPT Processing changes file: qemu_5.2+dfsg-11+deb11u3_s390x-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: freetype_2.12.1+dfsg-5+deb12u1_s390x-buildd.changes ACCEPT Processing changes file: libmatemixer_1.26.0-2+deb12u1_s390x-buildd.changes ACCEPT Processing changes file: mate-notification-daemon_1.26.0-1+deb12u1_s390x-buildd.changes ACCEPT Processing changes file: monitoring-plugins_2.3.3-5+deb12u1_s390x-buildd.changes ACCEPT Processing changes file: pandoc_2.17.1.1-2~deb12u1_amd64-buildd.changes ACCEPT Processing changes file: qemu_7.2+dfsg-7+deb12u2_armhf-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: python2.7_2.7.18-8+deb11u1_s390x-buildd.changes ACCEPT Processing changes file: qemu_5.2+dfsg-11+deb11u3_amd64-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: freetype_2.12.1+dfsg-5+deb12u1_i386-buildd.changes ACCEPT Processing changes file: freetype_2.12.1+dfsg-5+deb12u1_ppc64el-buildd.changes ACCEPT Processing changes file: libmatemixer_1.26.0-2+deb12u1_i386-buildd.changes ACCEPT Processing changes file: libmatemixer_1.26.0-2+deb12u1_ppc64el-buildd.changes ACCEPT Processing changes file: mate-notification-daemon_1.26.0-1+deb12u1_amd64-buildd.changes ACCEPT Processing changes file: mate-notification-daemon_1.26.0-1+deb12u1_i386-buildd.changes ACCEPT Processing changes file: mate-notification-daemon_1.26.0-1+deb12u1_ppc64el-buildd.changes ACCEPT Processing changes file: monitoring-plugins_2.3.3-5+deb12u1_amd64-buildd.changes ACCEPT Processing changes file: monitoring-plugins_2.3.3-5+deb12u1_i386-buildd.changes ACCEPT Processing changes file: monitoring-plugins_2.3.3-5+deb12u1_ppc64el-buildd.changes ACCEPT Processing changes file: pandoc_2.17.1.1-2~deb12u1_all-buildd.changes ACCEPT Processing changes file: qemu_7.2+dfsg-7+deb12u2_i386-buildd.changes ACCEPT Processing changes file: qemu_7.2+dfsg-7+deb12u2_ppc64el-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: dpkg_1.20.13_mipsel-buildd.changes ACCEPT Processing changes file: flameshot_0.9.0+ds1-2+deb11u2_mipsel-buildd.changes ACCEPT Processing changes file: python2.7_2.7.18-8+deb11u1_mipsel-buildd.changes ACCEPT Processing changes file: qemu_5.2+dfsg-11+deb11u3_i386-buildd.changes ACCEPT Processing changes file: qemu_5.2+dfsg-11+deb11u3_ppc64el-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: freetype_2.12.1+dfsg-5+deb12u1_armel-buildd.changes ACCEPT Processing changes file: freetype_2.12.1+dfsg-5+deb12u1_mipsel-buildd.changes ACCEPT Processing changes file: libmatemixer_1.26.0-2+deb12u1_amd64-buildd.changes ACCEPT Processing changes file: libmatemixer_1.26.0-2+deb12u1_armel-buildd.changes ACCEPT Processing changes file: libmatemixer_1.26.0-2+deb12u1_mipsel-buildd.changes ACCEPT Processing changes file: mate-notification-daemon_1.26.0-1+deb12u1_all-buildd.changes ACCEPT Processing changes file: mate-notification-daemon_1.26.0-1+deb12u1_armel-buildd.changes ACCEPT Processing changes file: mate-notification-daemon_1.26.0-1+deb12u1_armhf-buildd.changes ACCEPT Processing changes file: mate-notification-daemon_1.26.0-1+deb12u1_mipsel-buildd.changes ACCEPT Processing changes file: monitoring-plugins_2.3.3-5+deb12u1_all-buildd.changes ACCEPT Processing changes file: monitoring-plugins_2.3.3-5+deb12u1_arm64-buildd.changes ACCEPT Processing changes file: monitoring-plugins_2.3.3-5+deb12u1_armel-buildd.changes ACCEPT Processing changes file: monitoring-plugins_2.3.3-5+deb12u1_armhf-buildd.changes ACCEPT Processing changes file: monitoring-plugins_2.3.3-5+deb12u1_mips64el-buildd.changes ACCEPT Processing changes file: monitoring-plugins_2.3.3-5+deb12u1_mipsel-buildd.changes ACCEPT Processing changes file: qemu_7.2+dfsg-7+deb12u2_amd64-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: batik_1.12-4+deb11u2_all-buildd.changes ACCEPT Processing changes file: cryptmount_5.3.3-1+deb11u1_amd64-buildd.changes ACCEPT Processing changes file: cryptmount_5.3.3-1+deb11u1_arm64-buildd.changes ACCEPT Processing changes file: cryptmount_5.3.3-1+deb11u1_armel-buildd.changes ACCEPT Processing changes file: cryptmount_5.3.3-1+deb11u1_armhf-buildd.changes ACCEPT Processing changes file: cryptmount_5.3.3-1+deb11u1_i386-buildd.changes ACCEPT Processing changes file: cryptmount_5.3.3-1+deb11u1_mips64el-buildd.changes ACCEPT Processing changes file: cryptmount_5.3.3-1+deb11u1_mipsel-buildd.changes ACCEPT Processing changes file: cryptmount_5.3.3-1+deb11u1_ppc64el-buildd.changes ACCEPT Processing changes file: cryptmount_5.3.3-1+deb11u1_s390x-buildd.changes ACCEPT Processing changes file: dpkg_1.20.13_all-buildd.changes ACCEPT Processing changes file: dpkg_1.20.13_amd64-buildd.changes ACCEPT Processing changes file: dpkg_1.20.13_arm64-buildd.changes ACCEPT Processing changes file: dpkg_1.20.13_armel-buildd.changes ACCEPT Processing changes file: dpkg_1.20.13_armhf-buildd.changes ACCEPT Processing changes file: dpkg_1.20.13_i386-buildd.changes ACCEPT Processing changes file: dpkg_1.20.13_mips64el-buildd.changes ACCEPT Processing changes file: dpkg_1.20.13_ppc64el-buildd.changes ACCEPT Processing changes file: dpkg_1.20.13_s390x-buildd.changes ACCEPT Processing changes file: flameshot_0.9.0+ds1-2+deb11u2_amd64-buildd.changes ACCEPT Processing changes file: flameshot_0.9.0+ds1-2+deb11u2_arm64-buildd.changes ACCEPT Processing changes file: flameshot_0.9.0+ds1-2+deb11u2_armel-buildd.changes ACCEPT Processing changes file: flameshot_0.9.0+ds1-2+deb11u2_armhf-buildd.changes ACCEPT Processing changes file: flameshot_0.9.0+ds1-2+deb11u2_i386-buildd.changes ACCEPT Processing changes file: flameshot_0.9.0+ds1-2+deb11u2_mips64el-buildd.changes ACCEPT Processing changes file: flameshot_0.9.0+ds1-2+deb11u2_ppc64el-buildd.changes ACCEPT Processing changes file: flameshot_0.9.0+ds1-2+deb11u2_s390x-buildd.changes ACCEPT Processing changes file: qemu_5.2+dfsg-11+deb11u3_all-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: batik_1.16+dfsg-1+deb12u1_all-buildd.changes ACCEPT Processing changes file: freetype_2.12.1+dfsg-5+deb12u1_arm64-buildd.changes ACCEPT Processing changes file: freetype_2.12.1+dfsg-5+deb12u1_armhf-buildd.changes ACCEPT Processing changes file: freetype_2.12.1+dfsg-5+deb12u1_mips64el-buildd.changes ACCEPT Processing changes file: libmatemixer_1.26.0-2+deb12u1_all-buildd.changes ACCEPT Processing changes file: libmatemixer_1.26.0-2+deb12u1_arm64-buildd.changes ACCEPT Processing changes file: libmatemixer_1.26.0-2+deb12u1_armhf-buildd.changes ACCEPT Processing changes file: libmatemixer_1.26.0-2+deb12u1_mips64el-buildd.changes ACCEPT Processing changes file: mate-notification-daemon_1.26.0-1+deb12u1_arm64-buildd.changes ACCEPT Processing changes file: mate-notification-daemon_1.26.0-1+deb12u1_mips64el-buildd.changes ACCEPT Processing changes file: qemu_7.2+dfsg-7+deb12u2_all-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: batik_1.12-4+deb11u2_source.changes ACCEPT Processing changes file: cryptmount_5.3.3-1+deb11u1_source.changes ACCEPT Processing changes file: dpkg_1.20.13_amd64.changes ACCEPT Processing changes file: flameshot_0.9.0+ds1-2+deb11u1_source.changes ACCEPT Processing changes file: flameshot_0.9.0+ds1-2+deb11u2_source.changes ACCEPT Processing changes file: python2.7_2.7.18-8+deb11u1_source.changes ACCEPT Processing changes file: qemu_5.2+dfsg-11+deb11u3_source.changes ACCEPT
NEW changes in stable-new
Processing changes file: batik_1.16+dfsg-1+deb12u1_source.changes ACCEPT Processing changes file: freetype_2.12.1+dfsg-5+deb12u1_amd64.changes ACCEPT Processing changes file: libmatemixer_1.26.0-2+deb12u1_source.changes ACCEPT Processing changes file: mate-notification-daemon_1.26.0-1+deb12u1_source.changes ACCEPT Processing changes file: monitoring-plugins_2.3.3-5+deb12u1_amd64.changes ACCEPT Processing changes file: pandoc_2.17.1.1-2~deb12u1_source.changes ACCEPT Processing changes file: qemu_7.2+dfsg-7+deb12u2_source.changes ACCEPT
Processed: qemu 7.2+dfsg-7+deb12u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1049955 = bookworm pending Bug #1049955 [release.debian.org] bookworm-pu: package qemu/1:7.2+dfsg-7+deb12u2 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1049955: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1049955 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: pandoc 2.17.1.1-2~deb12u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1042058 = bookworm pending Bug #1042058 [release.debian.org] bookworm-pu: package pandoc/2.17.1.1-2~deb12u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1042058: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042058 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: monitoring-plugins 2.3.3-5+deb12u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1052218 = bookworm pending Bug #1052218 [release.debian.org] bookworm-pu: package monitoring-plugins/2.3.3-5+deb12u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1052218: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052218 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: mate-notification-daemon 1.26.0-1+deb12u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1052577 = bookworm pending Bug #1052577 [release.debian.org] bookworm-pu: package mate-notification-daemon/1.26.0-1+deb12u1 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 1052577: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052577 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: libmatemixer 1.26.0-2+deb12u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1052564 = bookworm pending Bug #1052564 [release.debian.org] bookworm-pu: package libmatemixer/1.26.0-2+deb12u1 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 1052564: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052564 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1052577: mate-notification-daemon 1.26.0-1+deb12u1 flagged for acceptance
package release.debian.org tags 1052577 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: mate-notification-daemon Version: 1.26.0-1+deb12u1 Explanation: fix two memory leaks
Bug#1049955: qemu 7.2+dfsg-7+deb12u2 flagged for acceptance
package release.debian.org tags 1049955 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: qemu Version: 7.2+dfsg-7+deb12u2 Explanation: update to upstream 7.2.5 tree; ui/vnc-clipboard: fix infinite loop in inflate_buffer [CVE-2023-3255]; fix NULL pointer dereference issue [CVE-2023-3354]; fix buffer overflow issue [CVE-2023-3180]
Bug#1052564: libmatemixer 1.26.0-2+deb12u1 flagged for acceptance
package release.debian.org tags 1052564 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: libmatemixer Version: 1.26.0-2+deb12u1 Explanation: fix heap corruptions / application crashes when removing audio devices
Bug#1042058: pandoc 2.17.1.1-2~deb12u1 flagged for acceptance
package release.debian.org tags 1042058 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: pandoc Version: 2.17.1.1-2~deb12u1 Explanation: fix arbitrary file write issue [CVE-2023-35936]
Bug#1052218: monitoring-plugins 2.3.3-5+deb12u1 flagged for acceptance
package release.debian.org tags 1052218 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: monitoring-plugins Version: 2.3.3-5+deb12u1 Explanation: check_disk: avoid mounting when searching for matching mount points, resolving a regression in speed from bullseye
Processed: freetype 2.12.1+dfsg-5+deb12u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1052455 = bookworm pending Bug #1052455 [release.debian.org] bookworm-pu: package freetype/2.12.1+dfsg-5+deb12u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1052455: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052455 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: batik 1.16+dfsg-1+deb12u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1050537 = bookworm pending Bug #1050537 [release.debian.org] bookworm-pu: package batik/1.16+dfsg-1+deb12u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1050537: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050537 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: python2.7 2.7.18-8+deb11u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 105 = bullseye pending Bug #105 [release.debian.org] bullseye-pu: package python2.7/2.7.18-8+deb11u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 105: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=105 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: qemu 5.2+dfsg-11+deb11u3 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1052288 = bullseye pending Bug #1052288 [release.debian.org] bullseye-pu: package qemu/1:5.2+dfsg-11+deb11u3 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1052288: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052288 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: flameshot 0.9.0+ds1-2+deb11u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1052420 = bullseye pending Bug #1052420 [release.debian.org] bullseye-pu: package flameshot/0.9.0+ds1-2+deb11u1 Ignoring request to alter tags of bug #1052420 to the same tags previously set > thanks Stopping processing here. Please contact me if you need assistance. -- 1052420: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052420 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: batik 1.12-4+deb11u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1050538 = bullseye pending Bug #1050538 [release.debian.org] bullseye-pu: package batik/1.12-4+deb11u2 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1050538: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050538 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: flameshot 0.9.0+ds1-2+deb11u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1052420 = bullseye pending Bug #1052420 [release.debian.org] bullseye-pu: package flameshot/0.9.0+ds1-2+deb11u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1052420: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052420 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: dpkg 1.20.13 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1051902 = bullseye pending Bug #1051902 [release.debian.org] bullseye-pu: package dpkg/1.20.13 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1051902: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051902 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: cryptmount 5.3.3-1+deb11u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1050121 = bullseye pending Bug #1050121 [release.debian.org] bullseye-pu: package cryptmount/5.3.3-1+deb11u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1050121: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050121 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1052420: flameshot 0.9.0+ds1-2+deb11u1 flagged for acceptance
package release.debian.org tags 1052420 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: flameshot Version: 0.9.0+ds1-2+deb11u1 Explanation: disable uploads to imgur by default
Bug#1052455: freetype 2.12.1+dfsg-5+deb12u1 flagged for acceptance
package release.debian.org tags 1052455 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: freetype Version: 2.12.1+dfsg-5+deb12u1 Explanation: disable COLRv1 support, which was unintentionally enabled by upstream
Bug#1052222: python2.7 2.7.18-8+deb11u1 flagged for acceptance
package release.debian.org tags 105 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: python2.7 Version: 2.7.18-8+deb11u1 Explanation: fix "parameter cloaking" issue [CVE-2021-23336], URL injection issue [CVE-2022-0391], use-after-free issue [CVE-2022-48560], XML External Entity issue [CVE-2022-48565]; improve constant-time comparisons in compare_digest() [CVE-2022-48566]; improve URL parsing [CVE-2023-24329]; prevent reading unauthenticated data on an SSLSocket [CVE-2023-40217]
Bug#1050538: batik 1.12-4+deb11u2 flagged for acceptance
package release.debian.org tags 1050538 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: batik Version: 1.12-4+deb11u2 Explanation: fix Server Side Request Forgery issues [CVE-2022-44729 CVE-2022-44730]
Bug#1051902: dpkg 1.20.13 flagged for acceptance
package release.debian.org tags 1051902 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: dpkg Version: 1.20.13 Explanation: add support for loong64 CPU; handle missing Version when formatting source:Upstream-Version; fix varbuf memory leak in pkg_source_version()
Bug#1052420: flameshot 0.9.0+ds1-2+deb11u2 flagged for acceptance
package release.debian.org tags 1052420 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: flameshot Version: 0.9.0+ds1-2+deb11u2 Explanation: fix name of d/NEWS file in previous upload
Bug#1052288: qemu 5.2+dfsg-11+deb11u3 flagged for acceptance
package release.debian.org tags 1052288 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: qemu Version: 5.2+dfsg-11+deb11u3 Explanation: fix infinite loop [CVE-2020-14394], NULL point reference issue [CVE-2021-20196], integer overflow issue [CVE-2021-20203], buffer overflow issues [CVE-2021-3507 CVE-2023-3180], denial of service issues [CVE-2021-3930 CVE-2023-3301], use-after-free issue [CVE-2022-0216], possible stack overflow and use-after-free issues [CVE-2023-0330], out-of-bounds read issue [CVE-2023-1544]
Bug#1050121: cryptmount 5.3.3-1+deb11u1 flagged for acceptance
package release.debian.org tags 1050121 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: cryptmount Version: 5.3.3-1+deb11u1 Explanation: fix memory-initialization in command-line parser
Bug#1050537: batik 1.16+dfsg-1+deb12u1 flagged for acceptance
package release.debian.org tags 1050537 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: batik Version: 1.16+dfsg-1+deb12u1 Explanation: fix Server Side Request Forgery issues [CVE-2022-44729 CVE-2022-44730]
Bug#1052648: bookworm-pu: package unbound/1.17.1-2+deb12u1
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: unbo...@packages.debian.org
Control: affects -1 + src:unbound
[ Reason ]
There's a mode of operation of the server (which is becoming
more common with time) which makes it to loop endlessly and
to become useless, and to flood system log. This happens with
libssl3 (which we have in bookworm).
This release has a single bugfix for #1038243 from upstream.
Unstable/testing has a next upstream release already, where
this fix is included.
[ Tests ]
I did a local test of the installed package and observe the
issue is now fixed.
[ Checklist ]
[*] *all* changes are documented in the d/changelog
[*] I reviewed all changes and I approve them
[*] attach debdiff against the package in (old)stable
[*] the issue is verified as fixed in unstable
diff -Nru unbound-1.17.1/debian/changelog unbound-1.17.1/debian/changelog
--- unbound-1.17.1/debian/changelog 2023-04-09 15:59:14.0 +0300
+++ unbound-1.17.1/debian/changelog 2023-09-25 18:45:40.0 +0300
@@ -1,3 +1,11 @@
+unbound (1.17.1-2+deb12u1) bookworm; urgency=medium
+
+ * fix-812-fix-846-by-using-the-SSL_OP_IGNORE_UNEXPECTE.patch from upstream
+to fix error log flooding when using DNS over TLS with openssl 3.0.
+Closes: #1038243
+
+ -- Michael Tokarev Mon, 25 Sep 2023 18:45:40 +0300
+
unbound (1.17.1-2) unstable; urgency=medium
* unbound-helper: return 0 explicitly in a few places
diff -Nru
unbound-1.17.1/debian/patches/fix-812-fix-846-by-using-the-SSL_OP_IGNORE_UNEXPECTE.patch
unbound-1.17.1/debian/patches/fix-812-fix-846-by-using-the-SSL_OP_IGNORE_UNEXPECTE.patch
---
unbound-1.17.1/debian/patches/fix-812-fix-846-by-using-the-SSL_OP_IGNORE_UNEXPECTE.patch
1970-01-01 03:00:00.0 +0300
+++
unbound-1.17.1/debian/patches/fix-812-fix-846-by-using-the-SSL_OP_IGNORE_UNEXPECTE.patch
2023-09-25 18:45:40.0 +0300
@@ -0,0 +1,68 @@
+From: George Thessalonikefs
+Date: Fri, 17 Mar 2023 14:39:37 +0100
+Subject: Fix #812, fix #846, by using the SSL_OP_IGNORE_UNEXPECTED_EOF option
+ to ignore the unexpected eof while reading in openssl >= 3.
+Origin: upstream,
https://github.com/NLnetLabs/unbound/commit/d7e776114114c16816570e48ab3a27eedc401a0e
+Forwarded: not needed
+Bug: https://github.com/NLnetLabs/unbound/issues/812
+Bug-Debian: https://bugs.debian.org/1038243
+
+---
+ doc/Changelog | 4
+ util/net_help.c | 21 +
+ 2 files changed, 25 insertions(+)
+
+#diff --git a/doc/Changelog b/doc/Changelog
+#index 62d2b4c84..25b63ce76 100644
+#--- a/doc/Changelog
+#+++ b/doc/Changelog
+#@@ -1,3 +1,7 @@
+#+17 March 2023: George
+#+ - Fix #812, fix #846, by using the SSL_OP_IGNORE_UNEXPECTED_EOF option
+#+ to ignore the unexpected eof while reading in openssl >= 3.
+#+
+# 16 March 2023: Wouter
+# - Fix ssl.h include brackets, instead of quotes.
+#
+diff --git a/util/net_help.c b/util/net_help.c
+index 54fad6986..de2d771bd 100644
+--- a/util/net_help.c
b/util/net_help.c
+@@ -1005,6 +1005,16 @@ listen_sslctx_setup(void* ctxt)
+ log_crypto_err("could not set cipher list with
SSL_CTX_set_cipher_list");
+ }
+ #endif
++#if defined(SSL_OP_IGNORE_UNEXPECTED_EOF)
++ /* ignore errors when peers do not send the mandatory close_notify
++ * alert on shutdown.
++ * Relevant for openssl >= 3 */
++ if((SSL_CTX_set_options(ctx, SSL_OP_IGNORE_UNEXPECTED_EOF) &
++ SSL_OP_IGNORE_UNEXPECTED_EOF) != SSL_OP_IGNORE_UNEXPECTED_EOF) {
++ log_crypto_err("could not set SSL_OP_IGNORE_UNEXPECTED_EOF");
++ return 0;
++ }
++#endif
+
+ if((SSL_CTX_set_options(ctx, SSL_OP_CIPHER_SERVER_PREFERENCE) &
+ SSL_OP_CIPHER_SERVER_PREFERENCE) !=
+@@ -1233,6 +1243,17 @@ void* connect_sslctx_create(char* key, char* pem, char*
verifypem, int wincert)
+ SSL_CTX_free(ctx);
+ return 0;
+ }
++#endif
++#if defined(SSL_OP_IGNORE_UNEXPECTED_EOF)
++ /* ignore errors when peers do not send the mandatory close_notify
++ * alert on shutdown.
++ * Relevant for openssl >= 3 */
++ if((SSL_CTX_set_options(ctx, SSL_OP_IGNORE_UNEXPECTED_EOF) &
++ SSL_OP_IGNORE_UNEXPECTED_EOF) != SSL_OP_IGNORE_UNEXPECTED_EOF) {
++ log_crypto_err("could not set SSL_OP_IGNORE_UNEXPECTED_EOF");
++ SSL_CTX_free(ctx);
++ return 0;
++ }
+ #endif
+ if(key && key[0]) {
+ if(!SSL_CTX_use_certificate_chain_file(ctx, pem)) {
+--
+2.39.2
+
diff -Nru unbound-1.17.1/debian/patches/series
unbound-1.17.1/debian/patches/series
--- unbound-1.17.1/debian/patches/series2022-08-12 13:04:20.0
+0300
+++ unbound-1.17.1/debian/patches/series2023-09-17 09:17:32.0
+0300
@@ -1,3 +1,4 @@
unbound-control-setup-check-openssl.patch
do-not-chown-control-socket.patch
Processed: bookworm-pu: package unbound/1.17.1-2+deb12u1
Processing control commands: > affects -1 + src:unbound Bug #1052648 [release.debian.org] bookworm-pu: package unbound/1.17.1-2+deb12u1 Added indication that 1052648 affects src:unbound -- 1052648: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052648 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Re: Bug#1040901: Upcoming changes to Debian Linux kernel packages
On Mon, Sep 25, 2023 at 02:03:35AM +0200, Bastian Blank wrote: > The current way does not work. See all the bug reports about > uninstallable packages and what not with dkms. > > To build modules against version x, you'll need to install version x of > the headers, not x-1 or x+1. This currently works most of the time, but > is by far stable. And if you already have to search for the specific > version, it does not matter if you might have the ability to install > multiple at the same time, the archive will in any case only contain one > version at a time. So you want to change something from where dkms works 99.99% of the time to 0% of the time? Having multiple kernel versions and being able to build for them is a very normal thing to do that almost always works. Why break that? Sure there are some bugs for when dkms has issues, but you don't get bug reports for all the cases where it is working. I am having trouble understanding what the problem was that you are attempting to fix, but so far the cure sounds far worse than the disease. -- Len Sorensen
Processed: bookworm-pu: package roundcube/1.6.3+dfsg-1~deb12u1
Processing control commands: > affects -1 + src:roundcube Bug #1052629 [release.debian.org] bookworm-pu: package roundcube/1.6.3+dfsg-1~deb12u1 Added indication that 1052629 affects src:roundcube -- 1052629: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052629 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1052218: bookworm-pu: package monitoring-plugins/2.3.3-5+deb12u1
Am 23.09.23 um 21:42 schrieb Adam D. Barratt: Control: tags -1 confirmed On Tue, 2023-09-19 at 08:35 +0200, Jan Wagner wrote: As reported in #1051768, check_disk has gotten very slow on a machine with a huge number of mount points (in excess of 16000). [ Impact ] check_disk used to take around 10 seconds on bullseye in this scenario, now it is more than one hour Please go ahead. monitoring-plugins_2.3.3-5+deb12u1 was uploaded to proposed-updates. with best regards, Jan
Bug#1052611: bullseye-pu: package roundcube/1.4.14+dfsg.1-1~deb11u1
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: roundc...@packages.debian.org
Control: affects -1 + src:roundcube
[ Reason ]
roundcube 1.4.13+dfsg.1-1~deb11u1 is vulnerable to CVE-2023-43770:
cross-site scripting (XSS) vulnerability in handling of linkrefs in
plain text messages.
The Security Team decided not to issue a DSA for that CVE, but it's now
fixed in buster-security (1.3.17+dfsg.1-1~deb10u3) as well as
testing/sid (1.6.3+dfsg-1), so it makes sense to fix it via (o)s-pu
too.
[ Impact ]
Roundcube users will remain vulnerable to the XSS issue. For users
uprading from buster-security to bullseye, that would be a security
regression.
[ Tests ]
The XSS fix is covered by automated tests (phpunit) at build time, and I
also manually tested the fix.
[ Risks ]
I believe the regression risk is very low, given the diff is fairly
simple, and this is not a backport but an official upstream release from
the LTS branch.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in oldstable
[x] the issue is verified as fixed in unstable
[ Changes ]
* New security/bugfix upstream release:
+ Fix CVE-2023-43770: cross-site scripting (XSS) vulnerability in handling
of linkrefs in plain text messages. (Closes: #1052059)
+ Enigma: Fix initial synchronization of private keys.
* d/u/signing-key.asc: Add Alec's key BEE674A019359DC1.
* Refresh d/patches.
[ Other info ]
bullseye(-security) has been following the upstream 1.4 branch, so I
propose to upload 1.4.14+dfsg.1-1~deb11u1 rather than cherry-pick the
CVE-2023-43770 fix on top of 1.4.13+dfsg.1-1~deb11u1.
--
Guilhem.
diffstat for roundcube-1.4.13+dfsg.1 roundcube-1.4.14+dfsg.1
CHANGELOG |8
composer.json-dist |5
debian/changelog| 11
debian/patches/fix-FTBFS-with-phpunit-8.5.13-1.patch|4
debian/patches/fix-FTBFS-with-phpunit-9.5.0-1.patch |8
debian/patches/fix-install-path.patch |4
debian/patches/hint-at-which-packages-needs-installing-under-PHP8.patch |2
debian/patches/update-composer.patch|9
debian/patches/update-script.patch |2
debian/upstream/signing-key.asc | 199
+++---
index.php |2
installer/index.php |2
plugins/enigma/lib/enigma_driver_gnupg.php |7
program/include/iniset.php |2
program/lib/Roundcube/bootstrap.php |2
program/lib/Roundcube/rcube_string_replacer.php |4
public_html/index.php |2
public_html/plugins/enigma/lib/enigma_driver_gnupg.php |7
tests/Framework/StringReplacer.php | 12
tests/Framework/Text2Html.php | 17
20 files changed, 223 insertions(+), 86 deletions(-)
diff -Nru roundcube-1.4.13+dfsg.1/CHANGELOG roundcube-1.4.14+dfsg.1/CHANGELOG
--- roundcube-1.4.13+dfsg.1/CHANGELOG 2021-12-29 23:45:05.0 +0100
+++ roundcube-1.4.14+dfsg.1/CHANGELOG 2023-09-16 22:01:19.0 +0200
@@ -1,5 +1,9 @@
-CHANGELOG Roundcube Webmail
-===
+# Changelog Roundcube Webmail
+
+RELEASE 1.4.14
+--
+- Fix cross-site scripting (XSS) vulnerability in handling of linkrefs in
plain text messages
+- Enigma: Fix initial synchronization of private keys
RELEASE 1.4.13
--
diff -Nru roundcube-1.4.13+dfsg.1/composer.json-dist
roundcube-1.4.14+dfsg.1/composer.json-dist
--- roundcube-1.4.13+dfsg.1/composer.json-dist 2021-12-29 23:45:05.0
+0100
+++ roundcube-1.4.14+dfsg.1/composer.json-dist 2023-09-16 22:01:19.0
+0200
@@ -27,5 +27,10 @@
"suggest": {
"kolab/net_ldap3": "~1.1.1 required for connecting to LDAP",
"mkopinsky/zxcvbn-php": "^4.4.2 required for Zxcvbn password strength
driver"
+},
+"config": {
+"allow-plugins": {
+"roundcube/plugin-installer": true
+}
}
}
diff -Nru roundcube-1.4.13+dfsg.1/debian/changelog
roundcube-1.4.14+dfsg.1/debian/changelog
--- roundcube-1.4.13+dfsg.1/debian/changelog2022-01-06 08:51:41.0
+0100
+++ roundcube-1.4.14+dfsg.1/debian/changelog2023-09-25 11:32:59.0
+0200
@@ -1,3 +1,14 @@
+roundcube
Processed: bullseye-pu: package roundcube/1.4.14+dfsg.1-1~deb11u1
Processing control commands: > affects -1 + src:roundcube Bug #1052611 [release.debian.org] bullseye-pu: package roundcube/1.4.14+dfsg.1-1~deb11u1 Added indication that 1052611 affects src:roundcube -- 1052611: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052611 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
NEW changes in stable-new
Processing changes file: qtlocation-opensource-src_5.15.8+dfsg-3+deb12u1_mipsel-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: qtlocation-opensource-src_5.15.8+dfsg-3+deb12u1_mips64el-buildd.changes ACCEPT
