Public bug reported:

Please sync atftp 0.8.0-6 (universe) from Debian unstable (main)

Explanation of the Ubuntu delta and why it can be dropped:
  * No-change rebuild for CVE-2024-3094
  * No-change rebuild for CVE-2024-3094
  * No-change rebuild for CVE-2024-3094
  * No-change rebuild for readline time64 change.
  * Disable -flto flag in debian/rules file to fix LP: #1989816, LP: #1995854

An alternative fix for #1989816 was added to the Debian
package. Instead of disabling LTO I switched the broken Strncpy call
to memcpy which deals with the fortification issue.

Additionally this sync should fix #2065463.

Changelog entries since current plucky version 0.8.0-3ubuntu3:

atftp (0.8.0-6) unstable; urgency=medium

  * Update catalan translation (closes: #1091703). Thanks to
    Carles Pina i Estany <[email protected]>.
  * Apply patch to fix fortify abort when LTO is enabled
    (closes: #1092552). Thanks to James Cowgill <[email protected]>.

 -- Andreas B. Mundt <[email protected]>  Sat, 11 Jan 2025 20:03:30 +0100

atftp (0.8.0-5) unstable; urgency=medium

  * Fix uninitialized buffer data (closes: #1073806).  Thanks to
    Aurelien Jarno <[email protected]> for the patch.

 -- Andreas B. Mundt <[email protected]>  Fri, 21 Jun 2024 18:19:57 +0200

atftp (0.8.0-4) unstable; urgency=medium

  * Bump Standards-Version to 4.7.0 (no changes needed).
  * Update Swedish debconf translations (closes: #1055745). Thanks
    to Martin Bagge <[email protected]> and Anders Jonsson
    <[email protected]>.
  * Listen on IPv6, even if not socket activated (closes: #1070683).
    Thanks to Kasparek Tomas <[email protected]>.

 -- Andreas B. Mundt <[email protected]>  Wed, 29 May 2024 14:52:44 +0200

** Affects: atftp (Ubuntu)
     Importance: Undecided
         Status: New

** Description changed:

  Please sync atftp 0.8.0-6 (universe) from Debian unstable (main)
  
  Explanation of the Ubuntu delta and why it can be dropped:
-   * No-change rebuild for CVE-2024-3094
-   * No-change rebuild for CVE-2024-3094
-   * No-change rebuild for CVE-2024-3094
-   * No-change rebuild for readline time64 change.
-   * Disable -flto flag in debian/rules file to fix LP: #1989816, LP: #1995854
-   * Disable -flto flag in debian/rules file to fix LP: #1989816, LP: #1995854
+   * No-change rebuild for CVE-2024-3094
+   * No-change rebuild for CVE-2024-3094
+   * No-change rebuild for CVE-2024-3094
+   * No-change rebuild for readline time64 change.
+   * Disable -flto flag in debian/rules file to fix LP: #1989816, LP: #1995854
  
  An alternative fix for #1989816 was added to the Debian
  package. Instead of disabling LTO I switched the broken Strncpy call
  to memcpy which deals with the fortification issue.
  
  Additionally this sync should fix #2065463.
  
  Changelog entries since current plucky version 0.8.0-3ubuntu3:
  
  atftp (0.8.0-6) unstable; urgency=medium
  
-   * Update catalan translation (closes: #1091703). Thanks to
-     Carles Pina i Estany <[email protected]>.
-   * Apply patch to fix fortify abort when LTO is enabled
-     (closes: #1092552). Thanks to James Cowgill <[email protected]>.
+   * Update catalan translation (closes: #1091703). Thanks to
+     Carles Pina i Estany <[email protected]>.
+   * Apply patch to fix fortify abort when LTO is enabled
+     (closes: #1092552). Thanks to James Cowgill <[email protected]>.
  
-  -- Andreas B. Mundt <[email protected]>  Sat, 11 Jan 2025 20:03:30 +0100
+  -- Andreas B. Mundt <[email protected]>  Sat, 11 Jan 2025 20:03:30 +0100
  
  atftp (0.8.0-5) unstable; urgency=medium
  
-   * Fix uninitialized buffer data (closes: #1073806).  Thanks to
-     Aurelien Jarno <[email protected]> for the patch.
+   * Fix uninitialized buffer data (closes: #1073806).  Thanks to
+     Aurelien Jarno <[email protected]> for the patch.
  
-  -- Andreas B. Mundt <[email protected]>  Fri, 21 Jun 2024 18:19:57 +0200
+  -- Andreas B. Mundt <[email protected]>  Fri, 21 Jun 2024 18:19:57 +0200
  
  atftp (0.8.0-4) unstable; urgency=medium
  
-   * Bump Standards-Version to 4.7.0 (no changes needed).
-   * Update Swedish debconf translations (closes: #1055745). Thanks
-     to Martin Bagge <[email protected]> and Anders Jonsson
-     <[email protected]>.
-   * Listen on IPv6, even if not socket activated (closes: #1070683).
-     Thanks to Kasparek Tomas <[email protected]>.
+   * Bump Standards-Version to 4.7.0 (no changes needed).
+   * Update Swedish debconf translations (closes: #1055745). Thanks
+     to Martin Bagge <[email protected]> and Anders Jonsson
+     <[email protected]>.
+   * Listen on IPv6, even if not socket activated (closes: #1070683).
+     Thanks to Kasparek Tomas <[email protected]>.
  
-  -- Andreas B. Mundt <[email protected]>  Wed, 29 May 2024 14:52:44 +0200
+  -- Andreas B. Mundt <[email protected]>  Wed, 29 May 2024 14:52:44 +0200

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2095010

Title:
  Sync atftp 0.8.0-6 (universe) from Debian unstable (main)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/atftp/+bug/2095010/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to