Public bug reported: Scheduled-For: ubuntu-25.06 Ubuntu: 3.1.8-3ubuntu2 Debian Unstable: 3.1.9-1
A new release of corosync is available for merging from Debian Unstable. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the questing Release Notes: https://discourse.ubuntu.com/t/questing-quokka-release-notes/ ### New Debian Changes ### corosync (3.1.9-1) unstable; urgency=medium * [f7dc244] New upstream release (3.1.9) * [f1ccd93] Drop upstreamed patch, refresh the rest * [0683a43] Update copyright years * [55b8efd] Update symbols files. Upstream commit 8d46eb01277 added version info to several already exported symbols. (It also removed a couple of names from the version scripts, but that part does not change the export lists since the respective symbols have long been removed from the libraries.) Since the new versions are also the default versions when resolving unversioned references, applications linked against the old Corosync libraries will find the new versioned symbols, so this change does not break the ABI. * [7e53a49] Update Standards-Version to 4.7.2 (no changes required) -- Ferenc Wágner <[email protected]> Sun, 02 Mar 2025 16:52:12 +0100 ### Old Ubuntu Delta ### corosync (3.1.8-3ubuntu2) plucky; urgency=medium * SECURITY UPDATE: stack buffer overflow - debian/patches/CVE-2025-30472.patch: check size of orf_token msg in exec/totemsrp.c. - CVE-2025-30472 -- Marc Deslauriers <[email protected]> Thu, 27 Mar 2025 14:19:58 -0400 corosync (3.1.8-3ubuntu1) plucky; urgency=medium * Merge with Debian unstable (LP: #2085225). Remaining changes: - d/t/quorumtool: search for localhost instead of node1 - d/p/Make-the-example-config-valid.patch: comment out the node name in config file. With this, we will keep the same behavior as we have in Bionic which is using the output of "uname -n" as the node name (LP #1874719). - d/p/lp1918735/0001-allow_knet_handle_fallback_default_yes.patch: Retry knet_handle_new without privileged flag (LP #1918735). -- Athos Ribeiro <[email protected]> Tue, 19 Nov 2024 19:26:25 -0300 ** Affects: corosync (Ubuntu) Importance: Undecided Status: New ** Tags: needs-merge upgrade-software-version ** Changed in: corosync (Ubuntu) Milestone: None => ubuntu-25.06 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2110456 Title: Merge corosync from Debian Unstable for questing To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/corosync/+bug/2110456/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
