ghostscript CVE-2023-43115
Hi Debian packaging team, I noticed that the ghostscript packages that fix CVE-2023-43115 (10.0.0~dfsg-11+deb12u2 and 9.53.3~dfsg-7+deb11u6) have not been merged into the security release channels. We received a remote-code execution vulnerability report for this bug, and thus packaged our own version with the upstream fix. It would be nice if everyone would be able to apt upgrade to a secure version of the package. Regards Jasper
Processed: tagging 1045437, tagging 1049841
Processing commands for cont...@bugs.debian.org: > tags 1045437 + pending Bug #1045437 [src:propellor] propellor: Fails to build source after successful build Added tag(s) pending. > tags 1049841 + pending Bug #1049841 [src:propellor] propellor: Fails to build binary packages again after successful build Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 1045437: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1045437 1049841: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1049841 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processing of bbmail_0.9.3-5_source.changes
bbmail_0.9.3-5_source.changes uploaded successfully to localhost along with the files: bbmail_0.9.3-5.dsc bbmail_0.9.3-5.debian.tar.xz bbmail_0.9.3-5_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org)
bbmail_0.9.3-5_source.changes REJECTED
Signature for changes file was already seen at 2023-10-06 00:34:07.406299. Please refresh the signature of the changes file if you want to upload it again. === Please feel free to respond to this email if you don't understand why your files were rejected, or if you upload new files which address our concerns.
Processed: reassign 1054581 to python3-asdf, tagging 1020507, tagging 1054596, tagging 1054609, tagging 1018126 ...
Processing commands for cont...@bugs.debian.org:
> reassign 1054581 python3-asdf 2.14.3-1
Bug #1054581 [asdf] asdf: Missing dependency on asdf-unit-schemas (breaks
pkg_resources)
Warning: Unknown package 'asdf'
Bug reassigned from package 'asdf' to 'python3-asdf'.
No longer marked as found in versions 2.14.3-1.
Ignoring request to alter fixed versions of bug #1054581 to the same values
previously set
Bug #1054581 [python3-asdf] asdf: Missing dependency on asdf-unit-schemas
(breaks pkg_resources)
Marked as found in versions python-asdf/2.14.3-1.
> tags 1020507 + experimental
Bug #1020507 {Done: Paul Gevers } [src:libcleri] libcleri
breaks siridb-server autopkgtest, siridb-server rebuild "fixes" the issue
Added tag(s) experimental.
> tags 1054596 + sid trixie
Bug #1054596 [src:haskell-binary-parsers] Removal notice: obsolete
Added tag(s) sid and trixie.
> tags 1054609 + experimental
Bug #1054609 {Done: Paul Gevers } [src:python-django]
src:python-django: fails to migrate to testing for too long: sort of transition
Added tag(s) experimental.
> tags 1018126 - bookworm + trixie
Bug #1018126 {Done: Boyuan Yang } [src:gthumb] gthumb:
depends on unmaintained clutter-1.0 and related libraries
Removed tag(s) bookworm.
Bug #1018126 {Done: Boyuan Yang } [src:gthumb] gthumb:
depends on unmaintained clutter-1.0 and related libraries
Added tag(s) trixie.
> tags 1012666 - bookworm
Bug #1012666 {Done: Noël Köthe } [src:wget2] ITS: wget2
Removed tag(s) bookworm.
> fixed 1034659 4.10.2-1
Bug #1034659 {Done: Timo Aaltonen } [freeipa-client]
freeipa-client: IPA client Kerberos configuration incompatible with java
Marked as fixed in versions freeipa/4.10.2-1.
> reassign 973861 nginx
Bug #973861 {Done: Jan Mojžíš } [apt] apt: http acquire
method still failing with "Undetermined error" or "Data left in the buffer"
Bug reassigned from package 'apt' to 'nginx'.
No longer marked as found in versions apt/2.1.11 and apt/2.1.18.
No longer marked as fixed in versions nginx/1.22.1-7.
> fixed 973861 1.22.1-7
Bug #973861 {Done: Jan Mojžíš } [nginx] apt: http acquire
method still failing with "Undetermined error" or "Data left in the buffer"
Marked as fixed in versions nginx/1.22.1-7.
> affects 973861 + src:apt
Bug #973861 {Done: Jan Mojžíš } [nginx] apt: http acquire
method still failing with "Undetermined error" or "Data left in the buffer"
Added indication that 973861 affects src:apt
> notfound 1031066 252.5-2
Bug #1031066 {Done: Michael Biebl } [systemd] systemd kills
all processes in user session/scope unit upon kernel OOM
No longer marked as found in versions systemd/252.5-2.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
1012666: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012666
1018126: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018126
1020507: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1020507
1031066: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031066
1034659: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034659
1054581: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054581
1054596: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054596
1054609: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1054609
973861: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973861
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
