Your message dated Wed, 06 May 2026 03:04:45 +0000
with message-id <[email protected]>
and subject line Bug#1135644: fixed in incus 7.0.0-1
has caused the Debian Bug report #1135644,
regarding incus: CVE-2026-40195 CVE-2026-40197 CVE-2026-40243 CVE-2026-40251
CVE-2026-41647 CVE-2026-41648 CVE-2026-41684 CVE-2026-41685
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1135644: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135644
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: incus
Version: 6.0.6-3
Severity: grave
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerabilities were published for incus, the bug report
server mainly as RC level bug given issues are fixed in stable already
but not yet in the next stable.
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry,
which I know you have already in the packaging repo imported.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: incus
Source-Version: 7.0.0-1
Done: Mathias Gibbens <[email protected]>
We believe that the bug you reported is fixed in the latest version of
incus, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mathias Gibbens <[email protected]> (supplier of updated incus package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 06 May 2026 02:35:00 +0000
Source: incus
Architecture: source
Version: 7.0.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team <[email protected]>
Changed-By: Mathias Gibbens <[email protected]>
Closes: 1135644
Changes:
incus (7.0.0-1) unstable; urgency=medium
.
* New upstream LTS 7.0 release:
- Includes fixes for the following security issues (Closes: #1135644):
* CVE-2026-35527 / GHSA-8gw4-p4wq-4hcv
* CVE-2026-40195 / GHSA-gc7j-g665-rxr9
* CVE-2026-40197 / GHSA-r7w7-mmxr-47r9
* CVE-2026-40243 / GHSA-c839-4qxr-j4x3
* CVE-2026-40251 / GHSA-4m88-wxj4-9qj6
* CVE-2026-41647 / GHSA-fwj8-62r8-8p8m
* CVE-2026-41648 / GHSA-67wx-r9xr-x75x
* CVE-2026-41684 / GHSA-x5r6-jr56-89pv
* CVE-2026-41685 / GHSA-98vh-x9cx-9cfp
- Rebase/update/drop patches as needed
- Add patch to skip flaky tests that occasionally fail on slower
architectures
- Cherry-pick some post-release fixes
* d/control:
- Update package descriptions
- Update Build-Depends and Depends
- Update Breaks for distrobuilder
- No longer Suggest minio-client
- Update minimum required versions of dependencies
* Add an entry for the 7.0 release in d/NEWS
* Update d/README.Debian and d/README.source
Checksums-Sha1:
2540b88507bce37006921987b6c942535e80ffea 5075 incus_7.0.0-1.dsc
c146af5040ea1b4b87b3155c30ab188d23a71eed 5225255 incus_7.0.0.orig.tar.gz
ae7dd968cef927953e5375705d5056f72274b7a1 34044 incus_7.0.0-1.debian.tar.xz
bbb115829609015368996a30f58891bc2287afb5 26577 incus_7.0.0-1_amd64.buildinfo
Checksums-Sha256:
4f8760c6ac1372c0b28c53f95ce19bfed1aa4473ac0044dbcdba18e3671fd637 5075
incus_7.0.0-1.dsc
8bee6bcb08540f64d86b2379be2e2ce3d7aafc0135ac4602c78e3133d482ddd3 5225255
incus_7.0.0.orig.tar.gz
ee87833364dd701dd2db3db9a735d7928870aadac3835a0787cb92dc189c8c48 34044
incus_7.0.0-1.debian.tar.xz
20450a787597bc016a1ab0a5a95c73eb295e68262dd650821f17d14aaa9bee57 26577
incus_7.0.0-1_amd64.buildinfo
Files:
ccca0ba1e5b8d07ec17c39f84618c84c 5075 admin optional incus_7.0.0-1.dsc
4f080d5ab0bd4c8022dbb796f97f31ff 5225255 admin optional incus_7.0.0.orig.tar.gz
0cfd60fdb4d77c76785fc82646856cdc 34044 admin optional
incus_7.0.0-1.debian.tar.xz
309aa45d2407d5f959d343024c5d97c3 26577 admin optional
incus_7.0.0-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCgAwFiEE1Bp60H32xfynSJ8cKe7i1uz0QvkFAmn6rJUSHGdpYm1hdEBk
ZWJpYW4ub3JnAAoJECnu4tbs9EL5T7AP/jgPGmuza0994HrNHvEc8KO+3Pievklh
0vToyN4E2418rK+M+vM2yvaDgoUcmPeAvPjI64eX/quL67U4DFnGCBAYXuz0gDK4
HtYO1QBKzwwQOTXO71/50kI5CRC48XH6mFXp++LjKD6BkreIz+CJwUvm3VWpCraQ
5WHWyJ9I0+jRuv4cVbEzlAFsccAPfqGwsYOkht5RkV0Z0cx6m4HqyWp8kW88UsTQ
ti9bgHV9xki4r5hrLYELvWt2fmB4yUQHqBFjxsUrriXG1DI95knFmt+0w6Yt8k92
7InbOjiBBhX/SbT9gWEj5AmADmkw8ZIP4cTQWPt3ywAkl1KyoZftHHs8KtOTOjBq
yYyB5c32dxWoKn0h0AbXM509AOODfDqaXoi/vx0AOWohKHbQjIurKbB3LJJwzjyj
Q7RweMz2lQTZS7/e3ZL4IR3pNwQbYBgS2h95NGP1DvbQQLttOacdhcE6xOJNDnIl
0nxyj6M9uFcAc3bC/QTao33s2M1pJxfW4ZiFV1sMZPAcWcGHGvyMxcS1IQ9ZR9fa
qZbz0rvtGwvwO73wLtHk7rtRGNDtnPtp2IPtogTI5NmHx2tHZk+yD1BgAdJIHxc6
szS1tCBMcktWODKfTi0khWCJOWLrsvHOFj1mt++SA5+99TMFCHNQrpWA9OJUwVVD
bluu1zUlovON
=Es68
-----END PGP SIGNATURE-----
pgpgTghyuqtPv.pgp
Description: PGP signature
--- End Message ---
