Your message dated Sat, 17 May 2025 09:37:57 +0000
with message-id <[email protected]>
and subject line Close 1105054
has caused the Debian Bug report #1105054,
regarding bookworm-pu: package debian-security-support/1:12+2025.05.10
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1105054: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105054
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: bookworm
User: [email protected]
Usertags: pu
X-Debbugs-Cc: [email protected]
Control: affects -1 + src:debian-security-support
[ Reasons ]
* Mark libnet-easytcp-perl as unuspported for bookworm, see #1093386
* Add php-horde ecosystem to security-support-ended.12
* Add ckeditor3 to security-support-ended.12
* Add gobgp to security-support-limited
* Add musescore(2|3) to security-support-limited
* Drop python2.7 and python-stdlib-extensions from security-support-limited,
as they were not part of bookworm.
[ Impact ]
* some users will not be notified about these changes.
[ Tests ]
* Salsa pipeline for some things, manual review of the diff.
[ Risks ]
* trivial data updates.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issues are verified as fixed in unstable
[ Changes ]
$ debdiff debian-security-support_12+2024.12.22.dsc
debian-security-support_12+2025.05.10.dsc | diffstat
debian/changelog | 18 ++++++++++++++++++
debian/salsa-ci.yml | 5 +++++
security-support-ended.deb12 | 3 +++
security-support-limited | 7 ++++---
4 files changed, 30 insertions(+), 3 deletions(-)
The full debdiff is attached and I've uploaded to bookworm already.
Thanks for your work on stable point releases!
--
cheers,
Holger
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org
⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
⠈⠳⣄
Hope isn't a plan, but it's a hell of a drug.
diff -Nru debian-security-support-12+2024.12.22/debian/changelog debian-security-support-12+2025.05.10/debian/changelog
--- debian-security-support-12+2024.12.22/debian/changelog 2024-12-22 20:33:58.000000000 +0100
+++ debian-security-support-12+2025.05.10/debian/changelog 2025-05-10 15:05:50.000000000 +0200
@@ -1,3 +1,21 @@
+debian-security-support (1:12+2025.05.10) bookworm; urgency=medium
+
+ [ Salvatore Bonaccorso ]
+ * Mark libnet-easytcp-perl as unuspported for bookworm, see #1093386.
+
+ [ Sylvain Beucler ]
+ * Add php-horde ecosystem to security-support-ended.12.
+ * Add ckeditor3 to security-support-ended.12.
+
+ [ Holger Levsen ]
+ * Add gobgp to security-support-limited, thanks to Bastien Roucariès.
+ * Add musescore(2|3) to security-support-limited, thanks to Sylvain Beucler.
+ * Drop python2.7 and python-stdlib-extensions from security-support-limited,
+ as they were not part of bookworm. Thanks to Chris Hofstaedtler.
+ * Add debian/salsa-ci.yml to configure+use that pipeline.
+
+ -- Holger Levsen <[email protected]> Sat, 10 May 2025 15:05:50 +0200
+
debian-security-support (1:12+2024.12.22) bookworm; urgency=medium
[ Salvatore Bonaccorso ]
diff -Nru debian-security-support-12+2024.12.22/debian/salsa-ci.yml debian-security-support-12+2025.05.10/debian/salsa-ci.yml
--- debian-security-support-12+2024.12.22/debian/salsa-ci.yml 1970-01-01 01:00:00.000000000 +0100
+++ debian-security-support-12+2025.05.10/debian/salsa-ci.yml 2025-05-10 14:46:48.000000000 +0200
@@ -0,0 +1,5 @@
+---
+include:
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml
+variables:
+ SALSA_CI_DISABLE_AUTOPKGTEST: 1
diff -Nru debian-security-support-12+2024.12.22/security-support-ended.deb12 debian-security-support-12+2025.05.10/security-support-ended.deb12
--- debian-security-support-12+2024.12.22/security-support-ended.deb12 2024-12-22 20:32:15.000000000 +0100
+++ debian-security-support-12+2025.05.10/security-support-ended.deb12 2025-05-10 14:43:50.000000000 +0200
@@ -12,3 +12,6 @@
wpewebkit 2.38.6-1 2023-05-09 https://bugs.debian.org/1035794
intel-mediasdk 22.5.4-1 2024-11-21 abandoned upstream, upstream does not publish enough information to fix issues.
+libnet-easytcp-perl 0.26-6 2025-01-18 https://bugs.debian.org/1093386; unmaintained upstream
+php-horde.* 0 2025-03-22 https://lists.debian.org/debian-lts/2025/03/msg00012.html; incompatible with PHP8
+ckeditor3 3.6.6.1+dfsg-7 2025-04-04 Only present as a build dependency for virtuoso-opensource, no updates will be issued
diff -Nru debian-security-support-12+2024.12.22/security-support-limited debian-security-support-12+2025.05.10/security-support-limited
--- debian-security-support-12+2024.12.22/security-support-limited 2024-12-22 20:29:51.000000000 +0100
+++ debian-security-support-12+2025.05.10/security-support-limited 2025-05-10 14:54:22.000000000 +0200
@@ -12,16 +12,17 @@
ganglia See README.Debian.security, only supported behind an authenticated HTTP zone, #702775
ganglia-web See README.Debian.security, only supported behind an authenticated HTTP zone, #702776
golang.* See https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#golang-static-linking
+gobgpd See https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#golang-static-linking
gnupg1 See #982258 and https://www.debian.org/releases/stretch/amd64/release-notes/ch-whats-new.en.html#modern-gnupg
-jython Includes python2.7 stdlib, support limited until Py3 port, see python2.7 below and https://lists.debian.org/debian-lts/2024/08/msg00027.html
+jython Includes python2.7 stdlib, support limited until Py3 port, see #975058 and https://lists.debian.org/debian-lts/2024/08/msg00027.html
kde4libs khtml has no security support upstream, only for use on trusted content
khtml khtml has no security support upstream, only for use on trusted content, see #1004293
libspring-java See README.Debian.security included in the package
mozjs102 Not covered by security support, only suitable for trusted content, see package description
mozjs78 Not covered by security support, only suitable for trusted content, see #959804
+musescore2 Only supported with trusted files, see README.Debian shipped in package and #1070860
+musescore3 Only supported with trusted files, see README.Debian shipped in package and #1070860
ocsinventory-server Only supported behind an authenticated HTTP zone
-python2.7 Only included for building packages, not running them, #975058
-python-stdlib-extensions Only included for building packages, not running them, #975058
qtwebengine-opensource-src No security support upstream and backports not feasible, only for use on trusted content
qtwebkit No security support upstream and backports not feasible, only for use on trusted content
qtwebkit-opensource-src No security support upstream and backports not feasible, only for use on trusted content
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Version: 12.11
This update has been released as part of 12.10. Thank you for your contribution.
--- End Message ---