Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: f...@packages.debian.org, bir...@debian.org
Control: affects -1 + src:foot
[ Reason ]
The terminal emulator foot contains a vulnerability. The issue is that,
if an XT
Processing control commands:
> affects -1 + src:foot
Bug #1053189 [release.debian.org] bookworm-pu: package foot/1.13.1-2+deb12u1
Added indication that 1053189 affects src:foot
--
1053189: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053189
Debian Bug Tracking System
Contact ow...@bugs.deb
On Sat, Sep 09, 2023 at 10:15:59AM +0200, Salvatore Bonaccorso wrote:
>...
> Note that the last time the problem arised already earlier in
> experimental and Ben workarounded it there with
> https://salsa.debian.org/kernel-team/linux/-/commit/9dfe6d33a4fd220394228b30cbbfdb3b444d36ec
> We probably c
On 2023-09-28 20:58, Adam D. Barratt wrote:
> Control: tags -1 confirmed
>
> On Wed, 2023-09-27 at 23:47 +0200, Aurelien Jarno wrote:
> > The upstream glibc stable branch got a few fixes since the latest
> > point
> > released, including two security fixes.
> >
>
> Please go ahead.
>
Thanks fo
On Thu, 2023-09-28 at 13:28 -0700, Soren Stoutner wrote:
> I’m afraid I don’t understand your comments. Are you saying I should
> wait longer for someone to review it or are you saying I should go
> ahead with the upload?
"Please go ahead" meant exactly that, i.e. "Please go ahead with the
upload
Processing control commands:
> tags -1 confirmed
Bug #1051466 [release.debian.org] bookworm-pu: package ovn/23.03.1-1~deb12u1
Added tag(s) confirmed.
--
1051466: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051466
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 confirmed
On Fri, 2023-09-08 at 13:32 +0200, Frode Nordahl wrote:
> We would like to upload the latest stable point release of ovn 23.03
> to bookworm-p-u. Stable release branches are maintained upstream with
> the intention of providing bug fixes only and no compatibility
> break
I’m afraid I don’t understand your comments. Are you saying I should wait
longer for someone to review it or are you saying I should go ahead with the
upload?
On Thursday, September 28, 2023 1:07:47 PM MST Adam D. Barratt wrote:
> More patience. :-p A week is not long to have waited, there's no
On Thu, 28 Sept 2023 at 21:13, Adam D. Barratt wrote:
>
> On Tue, 2023-09-19 at 08:59 +0100, Luca Boccassi wrote:
> > On Tue, 19 Sept 2023 at 08:21, Salvatore Bonaccorso <
> > car...@debian.org> wrote:
> [...]
> > > Two obervations: Can you please close #1043598 in the
> > > debian/changelog as we
On Tue, 2023-09-19 at 08:59 +0100, Luca Boccassi wrote:
> On Tue, 19 Sept 2023 at 08:21, Salvatore Bonaccorso <
> car...@debian.org> wrote:
[...]
> > Two obervations: Can you please close #1043598 in the
> > debian/changelog as well as the update addresses CVE-2023-3153.
[...]
> Changelog mentions
Processing control commands:
> tags -1 confirmed
Bug #1052211 [release.debian.org] bookworm-pu: package
electrum/4.3.4+dfsg1-1+deb12u1
Added tag(s) confirmed.
--
1052211: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052211
Debian Bug Tracking System
Contact ow...@bugs.debian.org with prob
Control: tags -1 confirmed
On Thu, 2023-09-28 at 12:49 -0700, Soren Stoutner wrote:
> Are the any changes I should make before I upload a package?
More patience. :-p A week is not long to have waited, there's no need
to chase.
Please go ahead.
Regards,
Adam
Processing control commands:
> tags -1 confirmed
Bug #1053130 [release.debian.org] bookworm-pu: package glibc/2.36-9+deb12u2
Added tag(s) confirmed.
--
1053130: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053130
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 confirmed
On Wed, 2023-09-27 at 23:47 +0200, Aurelien Jarno wrote:
> The upstream glibc stable branch got a few fixes since the latest
> point
> released, including two security fixes.
>
Please go ahead.
Regards,
Adam
Are the any changes I should make before I upload a package?
--
Soren Stoutner
so...@stoutner.com
signature.asc
Description: This is a digitally signed message part.
Hi Adam,
On 9/28/23 19:09, Adam D. Barratt wrote:
> On Thu, 2023-09-28 at 18:27 +0200, Hans van Kranenburg wrote:
>> Xen 4.14 support (and security support) has ended upstream. The
>> upstream
>> stable branch for version 4.14 is frozen now, and a final maintenance
>> release version 4.14.6 has be
On Thu, 2023-09-28 at 20:33 +0200, Guilhem Moulin wrote:
> On Thu, 28 Sep 2023 at 18:53:46 +0100, Adam D. Barratt wrote:
> > --- a/CHANGELOG.md
> > +++ b/CHANGELOG.md
> > @@ -1,5 +1,54 @@
> > # Changelog Roundcube Webmail
> >
> > +## Unreleased
> > +
> >
> > That seems wrong, given that you're up
On Thu, 28 Sep 2023 at 18:53:46 +0100, Adam D. Barratt wrote:
> --- a/CHANGELOG.md
> +++ b/CHANGELOG.md
> @@ -1,5 +1,54 @@
> # Changelog Roundcube Webmail
>
> +## Unreleased
> +
>
> That seems wrong, given that you're uploading a released version.
Well spotted but that one is upstream's, see
htt
Processing control commands:
> tags -1 confirmed
Bug #1052629 [release.debian.org] bookworm-pu: package
roundcube/1.6.3+dfsg-1~deb12u1
Added tag(s) confirmed.
--
1052629: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052629
Debian Bug Tracking System
Contact ow...@bugs.debian.org with prob
Control: tags -1 confirmed
On Mon, 2023-09-25 at 15:31 +0200, Guilhem Moulin wrote:
> On Mon, 25 Sep 2023 at 15:15:57 +0200, Guilhem Moulin wrote:
> > [ Other info ]
> >
> > In addition to the debdiff.gz between 1.6.1+dfsg-1 (bookworm) and
> > 1.6.3+dfsg-1~deb12u1,
> > I attach a patch-applied di
On 27.09.23 20:33, Adam D. Barratt wrote:
Thanks; please go ahead.
great, thanks, ...
... and uploaded.
Thorsten
On 27.09.23 20:32, Adam D. Barratt wrote:
Please go ahead.
great, thanks, ...
... and uploaded.
Thorsten
Processing control commands:
> tags -1 confirmed
Bug #1053102 [release.debian.org] bookworm-pu: package curl/7.88.1-10+deb12u3
Added tag(s) confirmed.
--
1053102: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053102
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Control: tags -1 confirmed
On Wed, 2023-09-27 at 21:24 +0800, Carlos Henrique Lima Melara wrote:
> A vulnerability was discovered and reported to Curl upstream [1] with
> the following CVE ID: CVE-2023-38039.
>
> The description of the CVE is:
>
> > When curl retrieves an HTTP response, it store
On Thu, 2023-09-28 at 18:27 +0200, Hans van Kranenburg wrote:
> Xen 4.14 support (and security support) has ended upstream. The
> upstream
> stable branch for version 4.14 is frozen now, and a final maintenance
> release version 4.14.6 has been released. We'd like to put this final
> update into Bu
On Thu, Sep 28, 2023 at 11:32:26AM +0200, Julian Andres Klode wrote:
> On Thu, Sep 28, 2023 at 11:22:44AM +0200, Julian Andres Klode wrote:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: unblock
> > X-Debbugs-Cc: a...@packages.deb
Thanks! Can we also roll that fix into the freetype bookworm p-u? Looks
pretty simple to me; just ensuring that sfnt->get_colr_glyph_paint
isn't NULL before calling it.
On Thu, Sep 28 2023 at 11:33:45 AM -04:00:00, Ben Wagner
wrote:
I have been able to figure out what is going on. The cras
I have been able to figure out what is going on. The crash is due to a
typo in FreeType which was recently fixed [0]. This change is also
needed. I can confirm in a local build that with this typo fix the
reported Chromium crash (in libfreetype.so.6) is fixed. To be clear,
this FreeType change [0]
I will take a look into this, but I am confused.
FT_Get_Color_Glyph_Paint cannot be NULL as it is a regular exported
function. This change will affect its behavior to always return 0
(false) but that often happens anyway even without this change (most
fonts don't have COLRv1 tables). For now it's f
On Thu, 28 Sep 2023 at 21:44, Hugh McMaster wrote:
> Hi Andres,
>
> On Thu, 28 Sept 2023 at 18:49, Andres Salomon wrote:
> >
> > Control: affects -1 chromium
> >
> >
> > On Thu, 28 Sep 2023 01:24:00 +0900 SuperCat wrote:
> > > Hi,
> > >
> > > In chromium source code, function SkScalerContext::Glyp
Le mercredi 27 septembre 2023 à 19:09 +0200, Sebastian Ramacher a
écrit :
> On 2023-09-26 22:59:30 +0200, Sébastien Villemot wrote:
> > Package: release.debian.org
> > Severity: normal
> > User: release.debian@packages.debian.org
> > Usertags: transition
> > X-Debbugs-Cc: suitespa...@packages.d
On Tue, 19 Sep 2023 08:59:05 +0100 Luca Boccassi
wrote:
> On Tue, 19 Sept 2023 at 08:21, Salvatore Bonaccorso
wrote:
> >
> > Hi
> >
> > (not a SRM here, but below some comments)
> >
> > On Fri, Sep 08, 2023 at 01:32:05PM +0200, Frode Nordahl wrote:
> > > Package: release.debian.org
> > > Severity
Hi Andres,
On Thu, 28 Sept 2023 at 18:49, Andres Salomon wrote:
>
> Control: affects -1 chromium
>
>
> On Thu, 28 Sep 2023 01:24:00 +0900 SuperCat wrote:
> > Hi,
> >
> > In chromium source code, function SkScalerContext::GlyphMetrics
> > SkScalerContext_FreeType::generateMetrics() will call
> > FT
On Thu, Sep 28, 2023 at 11:22:44AM +0200, Julian Andres Klode wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian@packages.debian.org
> Usertags: unblock
> X-Debbugs-Cc: a...@packages.debian.org, j...@debian.org,
> debian-c...@lists.debian.org
> Control: affects -1 +
Processing control commands:
> affects -1 + src:apt
Bug #1053151 [release.debian.org] unblock: apt/2.7.6
Added indication that 1053151 affects src:apt
--
1053151: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053151
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: a...@packages.debian.org, j...@debian.org,
debian-c...@lists.debian.org
Control: affects -1 + src:apt
Please unblock package apt (well remove the sramacher block)
apt 2.7.5 w
Processing control commands:
> affects -1 chromium
Bug #1052455 [release.debian.org] bookworm-pu: package
freetype/2.12.1+dfsg-5+deb12u1
Added indication that 1052455 affects chromium
--
1052455: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1052455
Debian Bug Tracking System
Contact ow...@
Control: affects -1 chromium
On Thu, 28 Sep 2023 01:24:00 +0900 SuperCat
wrote:
> Hi,
>
> In chromium source code, function SkScalerContext::GlyphMetrics
> SkScalerContext_FreeType::generateMetrics() will call
> FT_Get_Color_Glyph_Paint() if macro TT_SUPPORT_COLRV1 exists. Somehow
> FT_Get_Co
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
X-Debbugs-Cc: uwsgi-plugin-...@packages.debian.org, d...@jones.dk
Control: affects -1 + src:uwsgi-plugin-php
Control: affects -1 + src:uwsgi-plugin-luajit
Control: affects -1 + src:uwsgi-plugi
Processing control commands:
> affects -1 + src:uwsgi-plugin-php
Bug #1053146 [release.debian.org] nmu: uwsgi-plugin-php_2.0.22+1+0.0.15+b1
uwsgi-plugin-luajit_2.0.22+1+0.0.8+b1 uwsgi-plugin-mongo_2.0.22+1+0.0.9+b1
Added indication that 1053146 affects src:uwsgi-plugin-php
> affects -1 + src:uwsg
40 matches
Mail list logo
