Bug#1040519: bookworm-pu: package samba/2:4.17.9+dfsg-0+deb12u1
07.07.2023 10:58, Jonathan Wiltshire wrote: Control: tag -1 confirmed On Fri, Jul 07, 2023 at 10:03:07AM +0300, Michael Tokarev wrote: [ Reason ] Here's the next stable/bugfix release of samba, 4.17.9. As has been the case with samba stable/bugfix releases, this one is of an excellent quality, well tested and with all changes well selected as well. Please go ahead with the full proposal (upstream and your package fixes). Uploaded just now instead of yesterday, - I wanted to verify once more it is in a good shape after the above two additional modifications. Thank you! /mjt
NEW changes in oldstable-new
Processing changes file: yajl_2.1.0-3+deb11u1_all-buildd.changes ACCEPT Processing changes file: yajl_2.1.0-3+deb11u1_amd64-buildd.changes ACCEPT Processing changes file: yajl_2.1.0-3+deb11u1_arm64-buildd.changes ACCEPT Processing changes file: yajl_2.1.0-3+deb11u1_armel-buildd.changes ACCEPT Processing changes file: yajl_2.1.0-3+deb11u1_armhf-buildd.changes ACCEPT Processing changes file: yajl_2.1.0-3+deb11u1_i386-buildd.changes ACCEPT Processing changes file: yajl_2.1.0-3+deb11u1_mips64el-buildd.changes ACCEPT Processing changes file: yajl_2.1.0-3+deb11u1_mipsel-buildd.changes ACCEPT Processing changes file: yajl_2.1.0-3+deb11u1_ppc64el-buildd.changes ACCEPT Processing changes file: yajl_2.1.0-3+deb11u1_s390x-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: rime-cantonese_0.0~git20230209.e0295fa-2~deb12u1_amd64-buildd.changes ACCEPT Processing changes file: rime-cantonese_0.0~git20230209.e0295fa-2~deb12u1_arm64-buildd.changes ACCEPT Processing changes file: rime-cantonese_0.0~git20230209.e0295fa-2~deb12u1_armel-buildd.changes ACCEPT Processing changes file: rime-cantonese_0.0~git20230209.e0295fa-2~deb12u1_armhf-buildd.changes ACCEPT Processing changes file: rime-cantonese_0.0~git20230209.e0295fa-2~deb12u1_i386-buildd.changes ACCEPT Processing changes file: rime-cantonese_0.0~git20230209.e0295fa-2~deb12u1_mips64el-buildd.changes ACCEPT Processing changes file: rime-cantonese_0.0~git20230209.e0295fa-2~deb12u1_mipsel-buildd.changes ACCEPT Processing changes file: rime-cantonese_0.0~git20230209.e0295fa-2~deb12u1_ppc64el-buildd.changes ACCEPT Processing changes file: rime-cantonese_0.0~git20230209.e0295fa-2~deb12u1_s390x-buildd.changes ACCEPT Processing changes file: rime-luna-pinyin_0.0~git20230204.79aeae2-3~deb12u1_amd64-buildd.changes ACCEPT Processing changes file: rime-luna-pinyin_0.0~git20230204.79aeae2-3~deb12u1_arm64-buildd.changes ACCEPT Processing changes file: rime-luna-pinyin_0.0~git20230204.79aeae2-3~deb12u1_armel-buildd.changes ACCEPT Processing changes file: rime-luna-pinyin_0.0~git20230204.79aeae2-3~deb12u1_armhf-buildd.changes ACCEPT Processing changes file: rime-luna-pinyin_0.0~git20230204.79aeae2-3~deb12u1_i386-buildd.changes ACCEPT Processing changes file: rime-luna-pinyin_0.0~git20230204.79aeae2-3~deb12u1_mips64el-buildd.changes ACCEPT Processing changes file: rime-luna-pinyin_0.0~git20230204.79aeae2-3~deb12u1_mipsel-buildd.changes ACCEPT Processing changes file: rime-luna-pinyin_0.0~git20230204.79aeae2-3~deb12u1_ppc64el-buildd.changes ACCEPT Processing changes file: rime-luna-pinyin_0.0~git20230204.79aeae2-3~deb12u1_s390x-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: aide_0.18.3-1+deb12u2_all-buildd.changes ACCEPT Processing changes file: aide_0.18.3-1+deb12u2_amd64-buildd.changes ACCEPT Processing changes file: aide_0.18.3-1+deb12u2_arm64-buildd.changes ACCEPT Processing changes file: aide_0.18.3-1+deb12u2_armel-buildd.changes ACCEPT Processing changes file: aide_0.18.3-1+deb12u2_armhf-buildd.changes ACCEPT Processing changes file: aide_0.18.3-1+deb12u2_i386-buildd.changes ACCEPT Processing changes file: aide_0.18.3-1+deb12u2_mips64el-buildd.changes ACCEPT Processing changes file: aide_0.18.3-1+deb12u2_mipsel-buildd.changes ACCEPT Processing changes file: aide_0.18.3-1+deb12u2_ppc64el-buildd.changes ACCEPT Processing changes file: aide_0.18.3-1+deb12u2_s390x-buildd.changes ACCEPT
NEW changes in oldstable-new
Processing changes file: yajl_2.1.0-3+deb11u1_source.changes ACCEPT
NEW changes in stable-new
Processing changes file: rime-cantonese_0.0~git20230209.e0295fa-2~deb12u1_source.changes ACCEPT Processing changes file: rime-luna-pinyin_0.0~git20230204.79aeae2-3~deb12u1_source.changes ACCEPT
Bug#1040137: yajl 2.1.0-3+deb11u1 flagged for acceptance
package release.debian.org tags 1040137 = bullseye pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bullseye. Thanks for your contribution! Upload details == Package: yajl Version: 2.1.0-3+deb11u1 Explanation: memory leak security fix
Processed: rime-luna-pinyin 0.0~git20230204.79aeae2-3~deb12u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1040502 = bookworm pending Bug #1040502 [release.debian.org] bookworm-pu: package rime-luna-pinyin/0.0~git20230204.79aeae2-3~deb12u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1040502: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040502 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: yajl 2.1.0-3+deb11u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1040137 = bullseye pending Bug #1040137 [release.debian.org] bullseye-pu: package yajl/2.1.0-3+deb11u1 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 1040137: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040137 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1040505: rime-cantonese 0.0~git20230209.e0295fa-2~deb12u1 flagged for acceptance
package release.debian.org tags 1040505 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: rime-cantonese Version: 0.0~git20230209.e0295fa-2~deb12u1 Explanation: sort words and characters by frequency
Bug#1040502: rime-luna-pinyin 0.0~git20230204.79aeae2-3~deb12u1 flagged for acceptance
package release.debian.org tags 1040502 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: rime-luna-pinyin Version: 0.0~git20230204.79aeae2-3~deb12u1 Explanation: install missing pinyin schema data
Processed: rime-cantonese 0.0~git20230209.e0295fa-2~deb12u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1040505 = bookworm pending Bug #1040505 [release.debian.org] bookworm-pu: package rime-cantonese/0.0~git20230209.e0295fa-2~deb12u1 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1040505: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040505 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1036676: transition: nvidia-cuda-toolkit 12
On 07/07/2023 22.30, Sebastian Ramacher wrote: Have all bugs been filed for these issues? Yes. The FTBFS ones are already autoremoved. mumax3 builds, but has a hardcoded dependency on a CUDA 11 library. I'm currently testing nvidia-cuda-samples 12 ... Andreas
Bug#1039961: marked as done (transition: libexecs)
Your message dated Fri, 7 Jul 2023 22:25:26 +0200 with message-id and subject line Re: Bug#1039961: transition: libexecs has caused the Debian Bug report #1039961, regarding transition: libexecs to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1039961: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039961 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org User: release.debian@packages.debian.org Usertags: transition X-Debbugs-Cc: libex...@packages.debian.org Control: affects -1 + src:libexecs Control: submitter -1 Renzo Davoli Hi, I'd like to ask for permission to carry out this small transition here: https://release.debian.org/transitions/html/auto-libexecs.html All the relevant rev-deps are OK and binNMUs would take care of them. -- regards, Mattia Rizzolo GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`. More about me: https://mapreri.org : :' : Launchpad user: https://launchpad.net/~mapreri `. `'` Debian QA page: https://qa.debian.org/developer.php?login=mattia `- signature.asc Description: PGP signature --- End Message --- --- Begin Message --- On 2023-07-01 09:59:15 +0200, Sebastian Ramacher wrote: > Control: tags -1 confirmed > > On 2023-06-30 09:46:54 +0200, Mattia Rizzolo wrote: > > Package: release.debian.org > > User: release.debian@packages.debian.org > > Usertags: transition > > X-Debbugs-Cc: libex...@packages.debian.org > > Control: affects -1 + src:libexecs > > Control: submitter -1 Renzo Davoli > > > > Hi, > > > > I'd like to ask for permission to carry out this small transition here: > > https://release.debian.org/transitions/html/auto-libexecs.html > > > > All the relevant rev-deps are OK and binNMUs would take care of them. > > Please go ahead The old binaries got removed from testing. Cheers -- Sebastian Ramacher--- End Message ---
Processed: Re: Bug#1039030: transition: qtbase-abi-5-15-10
Processing control commands: > tags -1 confirmed Bug #1039030 [release.debian.org] transition: qtbase-abi-5-15-10 Added tag(s) confirmed. -- 1039030: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039030 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1039030: transition: qtbase-abi-5-15-10
Control: tags -1 confirmed On 2023-06-24 23:13:44 +0300, Dmitry Shachnev wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: transition > Control: block -1 by 1038402 1038737 > Control: affects -1 + src:qtbase-opensource-src > > Dear Release team, > > We skipped Qt 5.15.9 release because of the freeze, so now I would like to > upgrade from 5.15.8 to 5.15.10 — a version which was published on June 6th. Please go ahead. Cheers -- Sebastian Ramacher
Processed: Re: Bug#1036676: transition: nvidia-cuda-toolkit 12
Processing control commands: > tags -1 moreinfo Bug #1036676 [release.debian.org] transition: nvidia-cuda-toolkit 12 Added tag(s) moreinfo. -- 1036676: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036676 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1036676: transition: nvidia-cuda-toolkit 12
Control: tags -1 moreinfo On 2023-05-24 12:07:19 +0200, Andreas Beckmann wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: transition > > The switch from CUDA 11 to CUDA 12 seems to have bigger impact on the > dependencies, thus I'm going to block this bug with the corresponding > FTBFS bugs. > (There are no binNMUs to be scheduled by the release team as > nvidia-cuda-toolkit is in non-free.) > > First rebuild test with 12.0.0: > FAILamd64 astra-toolbox/sid > OK amd64 bart-cuda/sid > FAILamd64 eztrace-contrib/sid > OK amd64 hwloc-contrib/sid > FAILamd64 magma/sid > OK amd64 mumax3/sid > OK amd64 nvidia-nccl/sid > OK amd64 pycuda/sid > FAILamd64 pyhst2/sid > OK amd64 pyvkfft/sid > FAILamd64 relion-cuda/sid > FAILamd64 slurm-wlm-contrib/sid > FAILamd64 starpu-contrib/sid > FAILamd64 tomopy/sid Have all bugs been filed for these issues? Cheers -- Sebastian Ramacher
Bug#1038820: marked as done (transition: glibc 2.37)
Your message dated Fri, 7 Jul 2023 22:26:40 +0200 with message-id and subject line Re: Bug#1038820: transition: glibc 2.37 has caused the Debian Bug report #1038820, regarding transition: glibc 2.37 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1038820: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038820 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition X-Debbugs-Cc: debian-gl...@lists.debian.org Control: affects -1 + src:glibc Dear release team, I would like to get a transition slot for glibc 2.37. It has been available in experimental for a bit more than a month and does not have any known issue. It has been built successfully on all release architectures and many ports architectures (technically 2.37-2 hasn't been built yet on mipsel and mips64el due to the buildds lagging, but 2.37-1 has been built successfully). As glibc is using symbol versioning, there is no soname change. That said a few packages are using libc internal symbols and have to be rebuilt for this transition. Here is the corresponding ben file: title = "glibc"; is_affected = .depends ~ /libc[0-9.]* \(<--- End Message --- --- Begin Message --- On 2023-07-01 14:16:54 +0200, Aurelien Jarno wrote: > Hi Sebastian, > > On 2023-07-01 10:14, Sebastian Ramacher wrote: > > Control: forwarded -1 > > https://release.debian.org/transitions/html/glibc-2.37.html > > Control: tags -1 confirmed > > > > On 2023-06-21 20:53:54 +0200, Aurelien Jarno wrote: > > > Package: release.debian.org > > > Severity: normal > > > User: release.debian@packages.debian.org > > > Usertags: transition > > > X-Debbugs-Cc: debian-gl...@lists.debian.org > > > Control: affects -1 + src:glibc > > > > > > Dear release team, > > > > > > I would like to get a transition slot for glibc 2.37. It has been > > > available in experimental for a bit more than a month and does not have > > > any known issue. It has been built successfully on all release > > > architectures and many ports architectures (technically 2.37-2 hasn't > > > been built yet on mipsel and mips64el due to the buildds lagging, but > > > 2.37-1 has been built successfully). > > > > Please go ahead. > > Thanks, I have just uploaded it. glibc mirated. Cheers -- Sebastian Ramacher--- End Message ---
Bug#1038933: marked as done (transition: octave)
Your message dated Fri, 7 Jul 2023 22:27:14 +0200 with message-id and subject line Re: Bug#1038933: transition: octave has caused the Debian Bug report #1038933, regarding transition: octave to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1038933: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1038933 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition X-Debbugs-Cc: oct...@packages.debian.org, debian-oct...@lists.debian.org Control: affects -1 + src:octave Dear Release Team, Please schedule a transition for the latest major upstream version of Octave, version 8. All the arch:any Octave addons need to be rebuild. Octave 8 has already been uploaded to experimental. A rebuild of all the packages affected by the transition has been performed. Several problems were fixed, and to the best of our knowledge, only one package is not ready (octave-stk; since it is a leaf package, it will be possible to temporarily exclude it from testing if it is not fixed by the time of the transition). We stand ready to upload and NMU as needed if other issues arise. Ben file: title = "octave"; is_affected = .depends ~ "octave-abi-57" | .depends ~ "octave-abi-58"; is_good = .depends ~ "octave-abi-58"; is_bad = .depends ~ "octave-abi-57"; -- ⢀⣴⠾⠻⢶⣦⠀ Sébastien Villemot ⣾⠁⢠⠒⠀⣿⡁ Debian Developer ⢿⡄⠘⠷⠚⠋⠀ https://sebastien.villemot.name ⠈⠳⣄ https://www.debian.org --- End Message --- --- Begin Message --- On 2023-07-04 12:20:18 +0200, Sébastien Villemot wrote: > Le samedi 01 juillet 2023 à 10:15 +0200, Sebastian Ramacher a écrit : > > On 2023-06-23 10:32:52 +0200, Sébastien Villemot wrote: > > > Package: release.debian.org > > > Severity: normal > > > User: release.debian@packages.debian.org > > > Usertags: transition > > > X-Debbugs-Cc: oct...@packages.debian.org, debian-oct...@lists.debian.org > > > Control: affects -1 + src:octave > > > > > > Dear Release Team, > > > > > > Please schedule a transition for the latest major upstream version of > > > Octave, > > > version 8. All the arch:any Octave addons need to be rebuild. > > > > Please go ahead. > > Thanks for your help! It looks like the transition is complete. Indeed, let's close the bug report. Cheers -- Sebastian Ramacher--- End Message ---
Bug#1040418: marked as done (nmu: libheif_1.16.2-1)
Your message dated Fri, 7 Jul 2023 21:47:00 +0200 with message-id and subject line Re: Bug#1040418: nmu: libheif_1.16.2-1 has caused the Debian Bug report #1040418, regarding nmu: libheif_1.16.2-1 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1040418: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040418 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: binnmu X-Debbugs-Cc: libh...@packages.debian.org, ba...@struktur.de, sramac...@debian.org Control: affects -1 + src:libheif nmu libheif_1.16.2-1 . ANY . unstable . -m "rebuild on buildd" Please rebuild libheif (on all architectures, as it has M-A:same binaries), so it can migrate to testing; kimageformat will need it soon. Thanks, -- Pino --- End Message --- --- Begin Message --- On 2023-07-05 19:31:48 +0200, Pino Toscano wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: binnmu > X-Debbugs-Cc: libh...@packages.debian.org, ba...@struktur.de, > sramac...@debian.org > Control: affects -1 + src:libheif > > nmu libheif_1.16.2-1 . ANY . unstable . -m "rebuild on buildd" > > Please rebuild libheif (on all architectures, as it has M-A:same > binaries), so it can migrate to testing; kimageformat will need it > soon. This was scheduled some time ago. Cheers -- Sebastian Ramacher--- End Message ---
Processed: Re: Bug#1040335: transition: gnustep-sqlclient
Processing control commands: > tags -1 confirmed Bug #1040335 [release.debian.org] transition: gnustep-sqlclient Added tag(s) confirmed. -- 1040335: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040335 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1040335: transition: gnustep-sqlclient
Control: tags -1 confirmed On 2023-07-04 18:07:11 +0300, Yavor Doganov wrote: > Package: release.debian.org > Severity: normal > User: release.debian@packages.debian.org > Usertags: transition > X-Debbugs-Cc: gnustep-sqlcli...@packages.debian.org > Control: affects -1 + src:gnustep-sqlclient > Control: forwarded -1 > https://release.debian.org/transitions/html/auto-gnustep-sqlclient.html > > We would like to have release team's permission to update the > gnustep-sqlclient library (libsqlclient1.8 -> 1.9). > The only rdep is adun.app, it builds fine and can be safely binNMUed. Please go ahead Cheers -- Sebastian Ramacher
Bug#1040001: adds unnecessarily strict versioned Depends on r-base-core
Control: reopen -1 Thanks for watching me, Bas. Am Fri, Jul 07, 2023 at 05:09:31PM +0200 schrieb Sebastiaan Couwenberg: > It seems that dh-r (20230707) should have closed #1040515 instead of the > transition bug report (#1040001). -- http://fam-tille.de
Processed: Re: adds unnecessarily strict versioned Depends on r-base-core
Processing control commands: > reopen -1 Bug #1040001 [release.debian.org] transition: r-base Bug 1040001 is not marked as done; doing nothing. -- 1040001: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040001 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
NEW changes in oldstable-new
Processing changes file: mediawiki_1.35.11-1~deb11u1_source.changes ACCEPT Processing changes file: mediawiki_1.35.11-1~deb11u1_all-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: aide_0.18.3-1+deb12u2_source.changes ACCEPT Processing changes file: chromium_114.0.5735.198-1~deb12u1_source.changes ACCEPT Processing changes file: chromium_114.0.5735.198-1~deb12u1_all-buildd.changes ACCEPT Processing changes file: chromium_114.0.5735.198-1~deb12u1_amd64-buildd.changes ACCEPT Processing changes file: chromium_114.0.5735.198-1~deb12u1_arm64-buildd.changes ACCEPT Processing changes file: chromium_114.0.5735.198-1~deb12u1_armhf-buildd.changes ACCEPT Processing changes file: chromium_114.0.5735.198-1~deb12u1_i386-buildd.changes ACCEPT Processing changes file: chromium_114.0.5735.198-1~deb12u1_ppc64el-buildd.changes ACCEPT
Processed: Re: Bug#1040563: bookworm-pu: package node-tough-cookie/4.0.0-2+deb12u1
Processing control commands: > tag -1 moreinfo Bug #1040563 [release.debian.org] bookworm-pu: package node-tough-cookie/4.0.0-2+deb12u1 Added tag(s) moreinfo. -- 1040563: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040563 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1040563: bookworm-pu: package node-tough-cookie/4.0.0-2+deb12u1
Control: tag -1 moreinfo On Fri, Jul 07, 2023 at 09:01:40PM +0400, Yadd wrote: > [ Reason ] > node-tough-cookie is vulnerable to prototype pollution How has this been fixed in unstable? You'll need an upload there anyway for version ordering. Thanks, -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
Processed: aide 0.18.3-1+deb12u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1040142 = bookworm pending Bug #1040142 [release.debian.org] bookworm-pu: package aide/0.18.3-1+deb12u2 Added tag(s) pending; removed tag(s) confirmed. > thanks Stopping processing here. Please contact me if you need assistance. -- 1040142: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040142 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1040142: aide 0.18.3-1+deb12u2 flagged for acceptance
package release.debian.org tags 1040142 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: aide Version: 0.18.3-1+deb12u2 Explanation: fix child directory processing on equal match
Bug#1040563: bookworm-pu: package node-tough-cookie/4.0.0-2+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: node-tough-coo...@packages.debian.org Control: affects -1 + src:node-tough-cookie [ Reason ] node-tough-cookie is vulnerable to prototype pollution [ Impact ] Littel security issue [ Tests ] Test updated, passed [ Risks ] No risk, patch is trivial and tested [ Checklist ] [X] *all* changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in (old)stable [X] the issue is verified as fixed in unstable [ Changes ] Create new object instead of using default {} Cheers, Yadd diff --git a/debian/changelog b/debian/changelog index 3652359..a8e8b7e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +node-tough-cookie (4.0.0-2+deb12u1) bookworm; urgency=medium + + * Team upload + * Fix prototype pollution (Closes: CVE-2023-26136) + + -- Yadd Fri, 07 Jul 2023 20:57:36 +0400 + node-tough-cookie (4.0.0-2) unstable; urgency=medium * Team upload diff --git a/debian/patches/CVE-2023-26136.patch b/debian/patches/CVE-2023-26136.patch new file mode 100644 index 000..05e6372 --- /dev/null +++ b/debian/patches/CVE-2023-26136.patch @@ -0,0 +1,71 @@ +Description: Fix prototype pollution + CVE-2023-26136 +Author: Yadd +Forwarded: not-needed +Last-Update: 2023-07-07 + +--- a/lib/memstore.js b/lib/memstore.js +@@ -39,7 +39,7 @@ + constructor() { + super(); + this.synchronous = true; +-this.idx = {}; ++this.idx = Object.create(null); + if (util.inspect.custom) { + this[util.inspect.custom] = this.inspect; + } +@@ -109,10 +109,10 @@ + + putCookie(cookie, cb) { + if (!this.idx[cookie.domain]) { +- this.idx[cookie.domain] = {}; ++ this.idx[cookie.domain] = Object.create(null); + } + if (!this.idx[cookie.domain][cookie.path]) { +- this.idx[cookie.domain][cookie.path] = {}; ++ this.idx[cookie.domain][cookie.path] = Object.create(null); + } + this.idx[cookie.domain][cookie.path][cookie.key] = cookie; + cb(null); +@@ -144,7 +144,7 @@ + return cb(null); + } + removeAllCookies(cb) { +-this.idx = {}; ++this.idx = Object.create(null); + return cb(null); + } + getAllCookies(cb) { +--- a/test/cookie_jar_test.js b/test/cookie_jar_test.js +@@ -669,4 +669,29 @@ + } + } + }) ++ .addBatch({ ++"Issue #282 - Prototype pollution": { ++ "when setting a cookie with the domain __proto__": { ++topic: function() { ++ const jar = new tough.CookieJar(undefined, { ++rejectPublicSuffixes: false ++ }); ++ // try to pollute the prototype ++ jar.setCookieSync( ++"Slonser=polluted; Domain=__proto__; Path=/notauth", ++"https://__proto__/admin; ++ ); ++ jar.setCookieSync( ++"Auth=Lol; Domain=google.com; Path=/notauth", ++"https://google.com/; ++ ); ++ this.callback(); ++}, ++"results in a cookie that is not affected by the attempted prototype pollution": function() { ++ const pollutedObject = {}; ++ assert(pollutedObject["/notauth"] === undefined); ++} ++ } ++} ++ }) + .export(module); diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 000..67af372 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1 @@ +CVE-2023-26136.patch
Processed: bookworm-pu: package node-tough-cookie/4.0.0-2+deb12u1
Processing control commands: > affects -1 + src:node-tough-cookie Bug #1040563 [release.debian.org] bookworm-pu: package node-tough-cookie/4.0.0-2+deb12u1 Added indication that 1040563 affects src:node-tough-cookie -- 1040563: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040563 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
NEW changes in stable-new
Processing changes file: autofs_5.1.8-2+deb12u1_mips64el-buildd.changes ACCEPT Processing changes file: autofs_5.1.8-2+deb12u1_mipsel-buildd.changes ACCEPT Processing changes file: postfix_3.7.6-0+deb12u2_mips64el-buildd.changes ACCEPT Processing changes file: postfix_3.7.6-0+deb12u2_mipsel-buildd.changes ACCEPT
NEW changes in stable-new
Processing changes file: autofs_5.1.8-2+deb12u1_amd64-buildd.changes ACCEPT Processing changes file: autofs_5.1.8-2+deb12u1_arm64-buildd.changes ACCEPT Processing changes file: autofs_5.1.8-2+deb12u1_armel-buildd.changes ACCEPT Processing changes file: autofs_5.1.8-2+deb12u1_armhf-buildd.changes ACCEPT Processing changes file: autofs_5.1.8-2+deb12u1_i386-buildd.changes ACCEPT Processing changes file: autofs_5.1.8-2+deb12u1_ppc64el-buildd.changes ACCEPT Processing changes file: autofs_5.1.8-2+deb12u1_s390x-buildd.changes ACCEPT Processing changes file: postfix_3.7.6-0+deb12u2_all-buildd.changes ACCEPT Processing changes file: postfix_3.7.6-0+deb12u2_amd64-buildd.changes ACCEPT Processing changes file: postfix_3.7.6-0+deb12u2_arm64-buildd.changes ACCEPT Processing changes file: postfix_3.7.6-0+deb12u2_armel-buildd.changes ACCEPT Processing changes file: postfix_3.7.6-0+deb12u2_armhf-buildd.changes ACCEPT Processing changes file: postfix_3.7.6-0+deb12u2_i386-buildd.changes ACCEPT Processing changes file: postfix_3.7.6-0+deb12u2_ppc64el-buildd.changes ACCEPT Processing changes file: postfix_3.7.6-0+deb12u2_s390x-buildd.changes ACCEPT Processing changes file: smarty4_4.3.0-1+deb12u1_all-buildd.changes ACCEPT
Bug#1040142: bookworm-pu: package aide/0.18.3-1+deb12u2
On Thu, Jul 06, 2023 at 07:25:35PM +0100, Adam D. Barratt wrote: > Please go ahead. Thanks for your advice. Uploaded. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Processed: reopening 1040001
Processing commands for cont...@bugs.debian.org: > reopen 1040001 Bug #1040001 {Done: Andreas Tille } [release.debian.org] transition: r-base 'reopen' may be inappropriate when a bug has been closed with a version; all fixed versions will be cleared, and you may need to re-add them. Bug reopened No longer marked as fixed in versions dh-r/20230707. > thanks Stopping processing here. Please contact me if you need assistance. -- 1040001: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040001 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1040001: marked as done (transition: r-base)
Your message dated Fri, 07 Jul 2023 08:57:16 + with message-id and subject line Bug#1040001: fixed in dh-r 20230707 has caused the Debian Bug report #1040001, regarding transition: r-base to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1040001: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040001 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: transition X-Debbugs-Cc: r-b...@packages.debian.org, debia...@lists.debian.org Control: affects -1 + src:r-base Hi, I'm not sure that we are in the right status to ask for a transition bug since the affected package was just uploaded some time ago by its maintainer who did not considered a proper transition. This was discussed on debia...@lists.debian.org in several postings - I try to point you to the most relevant ones https://lists.debian.org/debian-r/2023/06/msg00011.html as a response to >30 bugs against single packages all affecting the r-base migration due to (to be expected) autopkgtest errors in testing. You can basically get this list of now all RC buggy packages from the tracker page or r-base[1] https://lists.debian.org/debian-r/2023/06/msg00017.html suggests r-graphics-api-* after r-base maintainer confirmed "they cheated _a little_ and changes the graphics API" (probably meaning ABI not API) https://lists.debian.org/debian-r/2023/06/msg00016.html Reference to the docs https://lists.debian.org/debian-r/2023/06/msg00025.html In the end of this mail three options are listed which I simply repeat here for your comfort: 1. implement the r-graphics-api-* This might be a bit complex since for the moment I do not know any means how to detect the packages that need this dependency (and how we can implement this into dh-update-R) So this might become technically complex in the first case 2. Just do a full r-api transition This would work but affects more packages than strictly necessary. My gut feeling says we will be able to finish this earlier than 1. despite technically not perfect 3. Blindly ignore the fact that we need a transition and follow the hackish workaround by using random versioned Depends as suggested by Nilesh for r-cran-epi. https://lists.debian.org/debian-r/2023/06/msg00027.html Confirmation for option 1. While I would love to hear the opinion of the release team what kind of transition (1. or 2.) should be prefered (if this is possible now at all since the affected package r-base 4.3.1 is in the archive since some time and also the most urgent packages are rebuild manually) or whether we need to fight manually through this mess (option 3.) I confirm that I agree with Johannes Ranke to prefer option 1. and do it "right" to be safe for the next time. To support this idea I just commited some proof of concept change to dh-r which would support injecting a virtual package in case r-base would define it. This requires confirmation of the r-base maintainer. Sorry that this transition bug is that complex. I would have loved if it would went more coordinated but unfortunately that's not in my hands and I simply try to reassemble the pieces. Kind regards Andreas. [1] https://tracker.debian.org/pkg/r-base [2] https://salsa.debian.org/r-pkg-team/dh-r/-/commit/f79e2573a59c1ff01c526a7dcf15b7f85263cc29 Ben file: title = "r-base"; is_affected = ; is_good = ; is_bad = ; --- End Message --- --- Begin Message --- Source: dh-r Source-Version: 20230707 Done: Andreas Tille We believe that the bug you reported is fixed in the latest version of dh-r, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1040...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Andreas Tille (supplier of updated dh-r package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Fri, 07 Jul 2023 10:29:11 +0200 Source: dh-r Architecture: source Version: 20230707 Distribution: unstable Urgency: med
Processed: Re: Bug#1040519: bookworm-pu: package samba/2:4.17.9+dfsg-0+deb12u1
Processing control commands: > tag -1 confirmed Bug #1040519 [release.debian.org] bookworm-pu: package samba/2:4.17.9+dfsg-0+deb12u1 Added tag(s) confirmed. -- 1040519: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040519 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1040519: bookworm-pu: package samba/2:4.17.9+dfsg-0+deb12u1
Control: tag -1 confirmed On Fri, Jul 07, 2023 at 10:03:07AM +0300, Michael Tokarev wrote: > [ Reason ] > Here's the next stable/bugfix release of samba, 4.17.9. > As has been the case with samba stable/bugfix releases, this > one is of an excellent quality, well tested and with all changes > well selected as well. Please go ahead with the full proposal (upstream and your package fixes). Thanks, -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
Processed: Re: Bug#1040505: bookworm-pu: package rime-cantonese/0.0~git20230209.e0295fa-2~deb12u1
Processing control commands: > tag -1 confirmed Bug #1040505 [release.debian.org] bookworm-pu: package rime-cantonese/0.0~git20230209.e0295fa-2~deb12u1 Added tag(s) confirmed. -- 1040505: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040505 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1040505: bookworm-pu: package rime-cantonese/0.0~git20230209.e0295fa-2~deb12u1
Control: tag -1 confirmed On Thu, Jul 06, 2023 at 04:45:41PM -0400, Boyuan Yang wrote: > This upload adds a missing file (word frequency file) to the > installation of binary package rime-data-jyut6ping3 to fix > https://bugs.debian.org/1037022 . Please go ahead. Thanks, -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
Processed: Re: Bug#1040502: bookworm-pu: package rime-luna-pinyin/0.0~git20230204.79aeae2-3~deb12u1
Processing control commands: > tag -1 confirmed Bug #1040502 [release.debian.org] bookworm-pu: package rime-luna-pinyin/0.0~git20230204.79aeae2-3~deb12u1 Added tag(s) confirmed. -- 1040502: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040502 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1040502: bookworm-pu: package rime-luna-pinyin/0.0~git20230204.79aeae2-3~deb12u1
Control: tag -1 confirmed On Thu, Jul 06, 2023 at 04:27:46PM -0400, Boyuan Yang wrote: > Fix input method deployment error and bug in customizing input method > as reported in https://bugs.debian.org/1040403 . It is caused by > missing installation of pinyin.yaml from upstream source code to > binary package according to the upstream bug report at > https://github.com/rime/home/issues/1326 . Please go ahead. Thanks, -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
NEW changes in stable-new
Processing changes file: autofs_5.1.8-2+deb12u1_source.changes ACCEPT Processing changes file: linux_6.1.37-1_source.changes ACCEPT Processing changes file: linux_6.1.37-1_all-buildd.changes ACCEPT Processing changes file: linux_6.1.37-1_amd64-buildd.changes ACCEPT Processing changes file: linux_6.1.37-1_arm64-buildd.changes ACCEPT Processing changes file: linux_6.1.37-1_armel-buildd.changes ACCEPT Processing changes file: linux_6.1.37-1_armhf-buildd.changes ACCEPT Processing changes file: linux_6.1.37-1_i386-buildd.changes ACCEPT Processing changes file: linux_6.1.37-1_mips64el-buildd.changes ACCEPT Processing changes file: linux_6.1.37-1_mipsel-buildd.changes ACCEPT Processing changes file: linux_6.1.37-1_ppc64el-buildd.changes ACCEPT Processing changes file: linux_6.1.37-1_s390x-buildd.changes ACCEPT Processing changes file: linux-signed-amd64_6.1.37+1_source.changes ACCEPT Processing changes file: linux-signed-amd64_6.1.37+1_amd64-buildd.changes ACCEPT Processing changes file: linux-signed-arm64_6.1.37+1_source.changes ACCEPT Processing changes file: linux-signed-arm64_6.1.37+1_arm64-buildd.changes ACCEPT Processing changes file: linux-signed-i386_6.1.37+1_source.changes ACCEPT Processing changes file: linux-signed-i386_6.1.37+1_i386-buildd.changes ACCEPT Processing changes file: postfix_3.7.6-0+deb12u2_source.changes ACCEPT Processing changes file: smarty4_4.3.0-1+deb12u1_source.changes ACCEPT
Processed: Re: Bug#1040415: bullseye-pu: package pacemaker/2.1.5-1+deb12u1
Processing control commands: > tag -1 confirmed Bug #1040415 [release.debian.org] bookworm-pu: package pacemaker/2.1.5-1+deb12u1 Added tag(s) confirmed. -- 1040415: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040415 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1040415: bullseye-pu: package pacemaker/2.1.5-1+deb12u1
Control: tag -1 confirmed On Wed, Jul 05, 2023 at 07:14:09PM +0200, Ferenc Wágner wrote: > [ Reason ] > Shortly after the release of bookworm we got a report that Pacemaker > regressed in certain migration scenarios when compared to the bullseye > version. Upstream identified the cause (a bug already fixed in 2.1.6), > and after backporting the fix the submitter acknowledged that they can't > reproduce the bug anymore with the proposed packages. > https://bugs.clusterlabs.org/show_bug.cgi?id=5521 > Pacemaker package bug opened after discussion on the mailing list: > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040165 Please go ahead, and bear in mind the upload window closes next weekend. Thanks, -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
Processed: smarty4 4.3.0-1+deb12u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1040449 = bookworm pending Bug #1040449 [release.debian.org] bookworm-pu: package smarty4/4.3.0-1+deb12u1 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 1040449: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040449 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Processed: autofs 5.1.8-2+deb12u1 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1040448 = bookworm pending Bug #1040448 [release.debian.org] bookworm-pu: package autofs/5.1.8-2+deb12u1 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 1040448: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040448 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1040449: smarty4 4.3.0-1+deb12u1 flagged for acceptance
package release.debian.org tags 1040449 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: smarty4 Version: 4.3.0-1+deb12u1 Explanation: fix arbitrary code execution issue [CVE-2023-28447]
Processed: postfix 3.7.6-0+deb12u2 flagged for acceptance
Processing commands for cont...@bugs.debian.org: > package release.debian.org Limiting to bugs with field 'package' containing at least one of 'release.debian.org' Limit currently set to 'package':'release.debian.org' > tags 1040435 = bookworm pending Bug #1040435 [release.debian.org] bookworm-pu: package postfix/3.7.4-2 Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 1040435: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040435 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1040435: postfix 3.7.6-0+deb12u2 flagged for acceptance
package release.debian.org tags 1040435 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: postfix Version: 3.7.6-0+deb12u2 Explanation: fix "postfix set-permissions"
Bug#1040448: autofs 5.1.8-2+deb12u1 flagged for acceptance
package release.debian.org tags 1040448 = bookworm pending thanks Hi, The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm. Thanks for your contribution! Upload details == Package: autofs Version: 5.1.8-2+deb12u1 Explanation: fix hang when using Kerberos-authenticated LDAP
Bug#1040519: bookworm-pu: package samba/2:4.17.9+dfsg-0+deb12u1
Package: release.debian.org Severity: normal Tags: bookworm User: release.debian@packages.debian.org Usertags: pu X-Debbugs-Cc: sa...@packages.debian.org Control: affects -1 + src:samba [ Reason ] Here's the next stable/bugfix release of samba, 4.17.9. As has been the case with samba stable/bugfix releases, this one is of an excellent quality, well tested and with all changes well selected as well. Usually in debian we patched previous stable samba release, picking up just some changes from upstream. But I believe every bit fixed by samba upstream project deserves to come to debian, together with their version number, - there's no reason for patching and especially for picking a subset of changes from a well-selected and well-tested upstream bugfix release. As is usual for samba stable/bugfix releases again, this release fixes a bunch of bugs which affects users of samba in one way or another, despite the fact there's no corresponding bug reports in debian. All bugs fixed in this release are linked to in the new changelog entry. One of the patches has been already applied in the previous debian release of samba, so that patch is removed from d/patches. [ Impact ] The list of bugs fixed isn't large, but some of the bugs are annoying and serious enough. For example, https://bugzilla.samba.org/show_bug.cgi?id=15361 "wibindd recurses into itself via rpcd_lsad" affects getpwnam() lookups when nss_winbind is used, - it's quite severe issue. (the patchset fixing it is also quite large). [ Tests ] This is samba upstream stable/bugfix release, which passes whole upstream testsuite and wider testing by the users. The debian package is running on my sites already, and passes my real-life test scenarious. [ Risks ] The changes aren't trivial. And there's always risks. Still, this release brings real fixes for real issues which is better to fix anyway. [ Checklist ] [*] *all* changes are documented in the d/changelog [*] I reviewed all changes and I approve them [*] attach debdiff against the package in (old)stable [*] the issue is verified as fixed in unstable [ Changes ] * new upstream stable/bugfix release, with the following fixes: * https://bugzilla.samba.org/show_bug.cgi?id=14030 named crashes on DLZ zone update (this was in debian in previous upload) * https://bugzilla.samba.org/show_bug.cgi?id=15275 smbd_scavenger crashes when service smbd is stopped * https://bugzilla.samba.org/show_bug.cgi?id=15361 winbind recurses into itself via rpcd_lsad * https://bugzilla.samba.org/show_bug.cgi?id=15374 aes256 smb3 encryption algorithms are not allowed in smb3_sid_parse() * https://bugzilla.samba.org/show_bug.cgi?id=15378 vfs_fruit might cause a failing open for delete * https://bugzilla.samba.org/show_bug.cgi?id=15382 cli_list loops 100% CPU against pre-lanman2 servers * https://bugzilla.samba.org/show_bug.cgi?id=15391 smbclient leaks fds with showacls * https://bugzilla.samba.org/show_bug.cgi?id=15403 smbget memory leak if failed to download files recursively * https://bugzilla.samba.org/show_bug.cgi?id=15404 Backport --pidl-developer fixes * https://bugzilla.samba.org/show_bug.cgi?id=15413 winbindd gets stuck on NT_STATUS_RPC_SEC_PKG_ERROR * remove dnsserver-rename-dns_name_equal.patch (included upstream) [ Other info ] In the debdiff below, I filtered out *.[1-8] and *.[1-8].html - these are auto-generated manpages which gets updated for the current version number and release date, making the debdiff really huge. In trixie I removed these generated manpages at the dfsg-repack stage so it is not an issue anymore there, but for bookworm it hasn't been done in time. Each bug report linked to from the changelog has a patch(set) fixing it in this (4.17) release, which are included in the upstream tarball. To simplify review, it might be good idea to take a look there. Also, each individual commit is available at https://gitlab.com/samba-team/samba/-/commits/samba-4.17.9 (up to previous tag therem samba-4.17.8). The diff itself between 4.17.8 and 4.17.9 is rather difficult to read as a whole, while individual logical changes/commits are more manageable. While at it, I'm asking about 2 more possible changes in this package for bookworm, if it is okay with the release team to have them or not. If yes, I'll prepare another upload with them included. First, I'd love to get rid of the autogenerated manpages in the orig.tar.gz during the dfsg-repack stage, which has been noticed too late in the bookworm release cycle. Upstream ships auto-generated manpages (in man and html format) in the source tarball, and the boilerplates in these manpages are updated for each version number and the release date. During build, the manpages are regenerated (actually this happens sometimes only, the upstream build system is difficult to follow; at least the patched manpages are regenerated). This makes difference
Processed: bookworm-pu: package samba/2:4.17.9+dfsg-0+deb12u1
Processing control commands: > affects -1 + src:samba Bug #1040519 [release.debian.org] bookworm-pu: package samba/2:4.17.9+dfsg-0+deb12u1 Added indication that 1040519 affects src:samba -- 1040519: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040519 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1040001: To strict version restrictions injected by dh-r (Was: Bug#1040001: Seeking advise how to proceed with the transition / move R stack to testing)
Le jeudi 06 juillet 2023 à 22:09 +0200, Andreas Tille a écrit : > Am Thu, Jul 06, 2023 at 09:13:46PM +0200 schrieb Sébastien Villemot: > > > I'm not sure so please explain in more detail. dh-r was designed to put > > > the lowest restriction regarding the versions. I remember some > > > discussion some time ago that Dirk thought we should put stronger > > > restrictions (and he is sometimes adding version restrictions manually > > > that are not helpful for backporting). If I will be sure I understand > > > your point exactly I can check the code and the relevant discussion. > > > (Feel free to file a bug report about this and we can discuss it there > > > if you think this makes more sense.) > > > > It comes from this line: > > https://salsa.debian.org/r-pkg-team/dh-r/-/blob/master/dh/R.pm#L272 > > > > More precisely the “r-base-core (>= $rbase_version)” part, which > > imposes an unnecessarily tight restriction on the r-base-core version. > > Got it, thanks for the explanation. […] > I'd consider it sensible if you open a bug against dh-r where we can > document the change you are suggesting. Done in #1040515. -- ⢀⣴⠾⠻⢶⣦⠀ Sébastien Villemot ⣾⠁⢠⠒⠀⣿⡁ Debian Developer ⢿⡄⠘⠷⠚⠋⠀ https://sebastien.villemot.name ⠈⠳⣄ https://www.debian.org signature.asc Description: This is a digitally signed message part