Package: release.debian.org Severity: normal Tags: bookworm User: release.debian....@packages.debian.org Usertags: pu X-Debbugs-Cc: php-composer-p...@packages.debian.org Control: affects -1 + src:php-composer-pcre
Hi, While fixing CVE-2024-24821 in composer in the recent DSA-5632-1, code from php-composer-pcre has been backported in the Bullseye version of composer. Because of that, php-composer-pcre now needs a Breaks+Replaces against composer (<< 2.2) as advised by Andreas Beckmann in #1070423. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable Thanks in advance. Regards, taffit
diff -Nru php-composer-pcre-3.1.0/debian/changelog php-composer-pcre-3.1.0/debian/changelog --- php-composer-pcre-3.1.0/debian/changelog 2022-11-21 20:13:56.000000000 +0100 +++ php-composer-pcre-3.1.0/debian/changelog 2024-05-05 11:08:20.000000000 +0200 @@ -1,3 +1,11 @@ +php-composer-pcre (3.1.0-1+deb12u1) bookworm; urgency=medium + + * Track bookworm + * Add missing Breaks+Replaces: composer (<< 2.2) + Thanks to Andreas Beckmann <a...@debian.org> (Closes: #1070423) + + -- David Prévot <taf...@debian.org> Sun, 05 May 2024 11:08:20 +0200 + php-composer-pcre (3.1.0-1) unstable; urgency=medium [ Jordi Boggiano ] diff -Nru php-composer-pcre-3.1.0/debian/control php-composer-pcre-3.1.0/debian/control --- php-composer-pcre-3.1.0/debian/control 2022-11-05 08:54:58.000000000 +0100 +++ php-composer-pcre-3.1.0/debian/control 2024-05-05 11:08:20.000000000 +0200 @@ -10,7 +10,7 @@ Standards-Version: 4.6.1 Homepage: https://github.com/composer/pcre Vcs-Browser: https://salsa.debian.org/php-team/pear/php-composer-pcre -Vcs-Git: https://salsa.debian.org/php-team/pear/php-composer-pcre.git +Vcs-Git: https://salsa.debian.org/php-team/pear/php-composer-pcre.git -b debian/bookworm Rules-Requires-Root: no Package: php-composer-pcre @@ -19,8 +19,10 @@ Depends: ${misc:Depends}, ${phpcomposer:Debian-require} Recommends: ${phpcomposer:Debian-recommend} Suggests: ${phpcomposer:Debian-suggest} -Replaces: ${phpcomposer:Debian-replace} -Breaks: ${phpcomposer:Debian-conflict}, ${phpcomposer:Debian-replace} +Replaces: composer (<< 2.2), ${phpcomposer:Debian-replace} +Breaks: composer (<< 2.2), + ${phpcomposer:Debian-conflict}, + ${phpcomposer:Debian-replace} Provides: ${phpcomposer:Debian-provide} Description: ${phpcomposer:description} This library gives you a way to ensure `preg_*` functions do not fail diff -Nru php-composer-pcre-3.1.0/debian/gbp.conf php-composer-pcre-3.1.0/debian/gbp.conf --- php-composer-pcre-3.1.0/debian/gbp.conf 2021-12-09 12:43:32.000000000 +0100 +++ php-composer-pcre-3.1.0/debian/gbp.conf 2024-05-05 11:08:20.000000000 +0200 @@ -1,5 +1,5 @@ [DEFAULT] -debian-branch = debian/latest +debian-branch = debian/bookworm filter = [ '.gitattributes' ] pristine-tar = True upstream-branch = upstream/latest