Le 13/06/2026 à 23:40, Adam D. Barratt a écrit :
On Sat, 2026-06-13 at 14:34 +0100, Adam D. Barratt wrote:
Control: tags -1 + confirmed
On Fri, 2026-06-12 at 09:34 +0200, Xavier Guimard wrote:
Apache2 is vulnerable to various medium CVEs (CVE-2026-29167, CVE-
2026-29170,
CVE-2026-34355, CVE-2026-34356, CVE-2026-42535, CVE-2026-42536,
CVE-2026-43951, CVE-2026-44119, CVE-2026-44185, CVE-2026-44186,
CVE-2026-44631, CVE-2026-48913).
[...]
I put here just the debian/ diff. The whole diff is big
That's not a reason not to include it. (Compressing often works, as
does sending it separately after filing the bug, to ensure that the
initial message reaches debian-release.)
Please go ahead.
I'm assuming you uploaded the trixie and bookworm versions close
together, and included the orig tarball with both.
The bookworm upload is stuck in the upload queue, because the tarball
got removed when the trixie upload was processed:
Jun 13 21:35:32 processing /apache2_2.4.68-1~deb12u1_sourceonly.changes
Jun 13 21:35:33 apache2_2.4.68.orig.tar.gz doesn't exist (ignored for
now)
Jun 13 21:35:33 apache2_2.4.68.orig.tar.gz.asc doesn't exist (ignored
for now)
You should just be able to re-upload the tarball and signature;
otherwise dcut and re-upload the whole package.
Regards,
Adam
Hi,
sorry, I just reuploaded 2.4.68-1~deb12u1
