Bug#1098803: marked as done (Upstream unmaintained version of docker engine?)

[Debian Bug Tracking System]

Your message dated Sat, 25 Oct 2025 11:05:48 +0000
with message-id <e1vcc5k-00ecs6...@fasolo.debian.org>
and subject line Bug#1098803: fixed in docker.io 27.5.1+dfsg3-2
has caused the Debian Bug report #1098803,
regarding Upstream unmaintained version of docker engine?
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1098803: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098803
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

--- Begin Message ---

Package: docker.io
Version: 26.1.5+dfsg1-4+b2

Looking ahead to the trixie release later this year, the version of
docker.io (and docker-cli etc.) currently in testing seems to be based on a
version that may not be maintained upstream?

As far as I can tell Docker Inc. only maintains the latest major version
[1], and with Docker Engine and Moby 28.0 released on Feb 20th 2025 [2] ,
that likely means the 27.x branch is likely to get less attention soon, let
alone the 26.x branch which is what it currently in testing and unstable.

Upstream has this document which comments on the maintenance status of the
various branches:

https://github.com/moby/moby/blob/master/project/BRANCHES-AND-TAGS.md

The "Known Distributors" possibly useful when it comes to identifying
branches that may get more care and attention?

It's not clear how accurate the "currently maintained" table is in terms of
maintainers or third parties that are maintaining older branches, but there
are none listed for the 26.x branches.

While the 28.x series is possibly too new (?) is there any hope that trixie
could be updated to the 27.x series ahead of release?

[1]
https://github.com/moby/moby/discussions/48431#discussioncomment-10542002
[2] https://github.com/moby/moby/releases/tag/v28.0.0

--- End Message ---

--- Begin Message ---

Source: docker.io
Source-Version: 27.5.1+dfsg3-2
Done: Reinhard Tartler <siret...@tauware.de>

We believe that the bug you reported is fixed in the latest version of
docker.io, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1098...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Reinhard Tartler <siret...@tauware.de> (supplier of updated docker.io package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 25 Oct 2025 06:40:25 -0400
Source: docker.io
Architecture: source
Version: 27.5.1+dfsg3-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team <team+pkg...@tracker.debian.org>
Changed-By: Reinhard Tartler <siret...@tauware.de>
Closes: 1098803 1099041 1118147 1118148
Changes:
 docker.io (27.5.1+dfsg3-2) unstable; urgency=medium
 .
   * Upload to unstable, Closes: #1118147
   * Drop Suggests on cgroupfs-mount, Closes: #1099041
 .
 docker.io (27.5.1+dfsg3-1) experimental; urgency=medium
 .
   * Repack tarball:
     - Vendor 'notary'. This only includes the necessary bits and pieces
       needed to build docker
     - use package k8s sources for golang-k8s-sigs-yaml-dev
   * Add distro patches to fix tests and have failures break the build
     - Skip flaky test TestPrunePromptTermination
   * debian/copyright:
     - drop phayes/permbits, no longer used
     - drop client/mflag pattern
     - remove unused copyright paragraph bsd-3-clause-google
     - replace old FSF address with its website
   * Bump Standards version, no changes needed
   * Lintian cleanups:
     - move groff lintian override to the cli package
     - add lintian overrides for golang-github-docker-docker-dev
     - docker.io.lintian-overrides: drop unneeded overrides
     - docker.init: uses bashisms
     - delete unneded patches
     - Add override for docker-doc
     - Replace "Built-Using" with "Static-Built-Using"
     - Rearrange some more lintian overrides
   * Unbreak upgrades from docker.io 26.1
 .
 docker.io (27.5.1+dfsg2-1) experimental; urgency=medium
 .
   [ Nicolas Peugnet ]
   * Use distrib version of tonistiigi-vt100
   * Use distrib version of go-viper-mapstructure
 .
   [Reinhard Tartler]
   * Repack tarball
 .
 docker.io (27.5.1+dfsg1-2) experimental; urgency=medium
 .
   * Fixup engine-ftbfs-mips.patch, Closes: #1118148
   * Install additional go packages
 .
 docker.io (27.5.1+dfsg1-1) experimental; urgency=medium
 .
   * builds against the Debian-packaged etcd sources
   * New upstream release, Closes: #1098803
     - Applied a fix for CVE-2024-41110 / GHSA-v23v-6jw2-98fq, which
       impacted setups utilizing authorization plugins (AuthZ) for access
       control
 .
 docker.io (26.1.5+dfsg2-1) unstable; urgency=medium
 .
   * Vendor 'notary'. This only includes the necessary bits and pieces
     needed to build docker
Checksums-Sha1:
 306f3725e30152587481f9f2dd8f2e0efa3aa40a 8620 docker.io_27.5.1+dfsg3-2.dsc
 5917588421558cc4d6feb5a026cd27a7f1fe89b6 57008 
docker.io_27.5.1+dfsg3-2.debian.tar.xz
Checksums-Sha256:
 b46f95e30631f2274ce7b0b35d2c4a7ba8091ae31441a421a83e618aa6973385 8620 
docker.io_27.5.1+dfsg3-2.dsc
 ce1e5bbe82d7985e6cba171c30d37dbf3db533b3a384b17362a6ccfd0809a8ff 57008 
docker.io_27.5.1+dfsg3-2.debian.tar.xz
Files:
 9935d864b71fa0c301c53764a4214e85 8620 admin optional 
docker.io_27.5.1+dfsg3-2.dsc
 d0ed31b2d967e5f6ad57c3750a115f0d 57008 admin optional 
docker.io_27.5.1+dfsg3-2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEEMN59F2OrlFLH4IJQSadpd5QoJssFAmj8q+QUHHNpcmV0YXJ0
QHRhdXdhcmUuZGUACgkQSadpd5QoJsvqyhAAlsBtCviPk1PE9kjyApRe/IYjbYtF
5T4CDmEPwgLzVx8/cg2JpwMYUPE2V028tB18Xxp2d1OyAgHOVEVpxCTGYFDuQ5t3
db3pRMlnJEiHlcuthrDDHGwNWnSmKlLI8KG1gNU5l21HBvTv6QFmp5XzJMmrzwaQ
k8C7+dUcmAsH1W79Y/8R3Nfzc9m8YaR/2uuf/Qj0b+vYX1t8agkKoz3BogTpMQ3+
bftYMBkU4MA/aVf98e2ps4ttRai3Wxkv5bp20EfC9wIHG2QeMTrT6W13M9qAuixd
rXcSMA9uQq+HMtDUkNF+XwLpsc8lPw4pVgQ7ADX3axfC1j+BACP4myTRXzvm2/Vp
0RvQLrlH9RfgLCH4cVDQw939ajCuw6dvf+mac9GmFKlu0BHcrO/XVc2Hg/NnR0ja
5lHvpEcwgZlLG0imh8L5+nun/W1uBO60K30itxc78utSad8hybUlHDZt4lE6pAbm
Smre7ewaGfvuiT9gIDj0sShumT5xgiPyA5wR6vTdtfSwOyJwTQ2GiKG3vnoJ25EB
zwq8MaHlfhdeN/RCRCaiGwH2FLR9PtPfcgLRPcyVgodjXSFvap/UzOUNDou1m85U
uW0AayKG90qUgDiQHrlCXk5wJC8qr7KHkGCmZFO4mI5cnCthSPDiyYoRwXBm/GV3
UWOn+r5XaF3PEHc=
=J+6k
-----END PGP SIGNATURE-----

pgpYYRxq8koc2.pgp
Description: PGP signature

--- End Message ---