date:20240120

Processed: Forward Python3.12 trackers

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> forwarded 1055085 https://deb.li/i49fC
Bug #1055085 [release.debian.org] (some kind of) transition: add python3.12 as 
a supported python3 version
Set Bug forwarded-to-address to 'https://deb.li/i49fC'.
> forwarded 1061188 https://deb.li/3ffth
Bug #1061188 [release.debian.org] transition: python3-defaults (making 
python3.12 the default python3 version)
Set Bug forwarded-to-address to 'https://deb.li/3ffth'.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1055085: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055085
1061188: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061188
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1061188: transition: python3-defaults (making python3.12 the default python3 version)

2024-01-20 Thread Graham Inggs

Hi Matthias

On Sat, 20 Jan 2024 at 16:45, Matthias Klose  wrote:
> Please setup a tracker for the python3-defaults transition, making 3.12
> the default Python version.

I've set up a tracker [1].  It is based on the tracker used for
python3.11 with the exclusion of source packages python3-defaults
(which confused ben in dependency levels 1 and 2) and python3.11.

Regards
Graham

[1] https://release.debian.org/transitions/html/python3.12-default.html

Bug#1059609: bookworm-pu: package engrampa/1.26.0-1+deb12u1

2024-01-20 Thread Mike Gabriel


Hi Adam,

On  Sa 20 Jan 2024 15:24:35 CET, Adam D. Barratt wrote:


Control: tags -1 + moreinfo

On Fri, 2023-12-29 at 08:25 +0100, Mike Gabriel wrote:

While upload a new upstream version of engrampa, a bookworm-pu has
been prepared that fixes various memleaks and resolves a bug in the
archive "save as" action.


The metadata for #969761 suggests that the bug affects the package in
unstable and is not yet resolved there. If that's correct, please apply
the update to unstable first; otherwise, please fix the metadata to
more accurately reflect the situation.

Regards,

Adam


thanks for spotting this. I referenced the wrong bug in the  
d/changelog file of the bookworm-pu upload. It should have been #913075.


Please reject engrampa 1.26.0-1+deb12u1, I will upload it anew with  
correct bug closure reference.


Thanks!
Mike
--

DAS-NETZWERKTEAM
c\o Technik- und Ökologiezentrum Eckernförde
Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde
mobile: +49 (1520) 1976 148
landline: +49 (4351) 850 8940

GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22  0782 9AF4 6B30 2577 1B31
mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de



pgpvBjbB3dBsa.pgp
Description: Digitale PGP-Signatur

NEW changes in oldstable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: mariadb-10.5_10.5.23-0+deb11u1_mipsel-buildd.changes
  ACCEPT

NEW changes in oldstable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: libmateweather_1.24.1-1+deb11u1_s390x-buildd.changes
  ACCEPT
Processing changes file: mariadb-10.5_10.5.23-0+deb11u1_arm64-buildd.changes
  ACCEPT
Processing changes file: mariadb-10.5_10.5.23-0+deb11u1_armhf-buildd.changes
  ACCEPT
Processing changes file: mariadb-10.5_10.5.23-0+deb11u1_mips64el-buildd.changes
  ACCEPT
Processing changes file: mariadb-10.5_10.5.23-0+deb11u1_s390x-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1+deb11u1_s390x-buildd.changes
  ACCEPT

NEW changes in stable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: pluma_1.26.0-1+deb12u1_mips64el-buildd.changes
  ACCEPT

NEW changes in oldstable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: dpdk_20.11.10-1~deb11u1_all-buildd.changes
  ACCEPT
Processing changes file: dpdk_20.11.10-1~deb11u1_amd64-buildd.changes
  ACCEPT
Processing changes file: dpdk_20.11.10-1~deb11u1_arm64-buildd.changes
  ACCEPT
Processing changes file: dpdk_20.11.10-1~deb11u1_armhf-buildd.changes
  ACCEPT
Processing changes file: dpdk_20.11.10-1~deb11u1_i386-buildd.changes
  ACCEPT
Processing changes file: dpdk_20.11.10-1~deb11u1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.24.1-1+deb11u1_all-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.24.1-1+deb11u1_amd64-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.24.1-1+deb11u1_arm64-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.24.1-1+deb11u1_armel-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.24.1-1+deb11u1_armhf-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.24.1-1+deb11u1_i386-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.24.1-1+deb11u1_mips64el-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.24.1-1+deb11u1_mipsel-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.24.1-1+deb11u1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: mariadb-10.5_10.5.23-0+deb11u1_all-buildd.changes
  ACCEPT
Processing changes file: mariadb-10.5_10.5.23-0+deb11u1_amd64-buildd.changes
  ACCEPT
Processing changes file: mariadb-10.5_10.5.23-0+deb11u1_armel-buildd.changes
  ACCEPT
Processing changes file: mariadb-10.5_10.5.23-0+deb11u1_i386-buildd.changes
  ACCEPT
Processing changes file: mariadb-10.5_10.5.23-0+deb11u1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: ruby-aws-sdk-core_3.104.3-3+deb11u2_all-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1+deb11u1_amd64-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1+deb11u1_arm64-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1+deb11u1_armel-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1+deb11u1_armhf-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1+deb11u1_i386-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1+deb11u1_mips64el-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1+deb11u1_mipsel-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1+deb11u1_ppc64el-buildd.changes
  ACCEPT

NEW changes in stable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: atril_1.26.0-2+deb12u1_mips64el-buildd.changes
  ACCEPT
Processing changes file: caja_1.26.1-1+deb12u1_mips64el-buildd.changes
  ACCEPT
Processing changes file: espeak-ng_1.51+dfsg-10+deb12u1_mips64el-buildd.changes
  ACCEPT
Processing changes file: isl_0.25-1.1_mips64el-buildd.changes
  ACCEPT
Processing changes file: 
mate-screensaver_1.26.1-1+deb12u1_mips64el-buildd.changes
  ACCEPT
Processing changes file: 
mate-settings-daemon_1.26.0-1+deb12u1_mips64el-buildd.changes
  ACCEPT
Processing changes file: mate-utils_1.26.0-1+deb12u1_mips64el-buildd.changes
  ACCEPT
Processing changes file: 
proftpd-mod-proxy_0.9.2-1+deb12u1_mips64el-buildd.changes
  ACCEPT
Processing changes file: systemd_252.21-1~deb12u1_mips64el-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1.2+deb12u1_mips64el-buildd.changes
  ACCEPT

Re: Processed: systemd 252.21-1~deb12u1 flagged for acceptance

2024-01-20 Thread Tadeu Vianna


unsubscribe

Em sáb, 20 de jan de 2024 às 18:45:08 +00:00:00, Debian Bug Tracking 
System  escreveu:
Processing commands for cont...@bugs.debian.org 
:



 package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'

Limit currently set to 'package':'release.debian.org'


 tags 1057861 = bookworm pending
Bug #1057861 [release.debian.org] bookworm-pu: package 
systemd/252.21-1~deb12u1
Ignoring request to alter tags of bug #1057861 to the same tags 
previously set

 thanks

Stopping processing here.

Please contact me if you need assistance.
--
1057861: 
Debian Bug Tracking System
Contact ow...@bugs.debian.org  with 
problems

NEW changes in stable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: 
libmateweather_1.26.0-1.1+deb12u2_mips64el-buildd.changes
  ACCEPT
Processing changes file: mate-utils_1.26.0-1+deb12u1_mipsel-buildd.changes
  ACCEPT
Processing changes file: 
proftpd-dfsg_1.3.8+dfsg-4+deb12u3_mips64el-buildd.changes
  ACCEPT
Processing changes file: systemd_252.21-1~deb12u1_amd64-buildd.changes
  ACCEPT
Processing changes file: systemd_252.21-1~deb12u1_arm64-buildd.changes
  ACCEPT
Processing changes file: systemd_252.21-1~deb12u1_armel-buildd.changes
  ACCEPT
Processing changes file: systemd_252.21-1~deb12u1_armhf-buildd.changes
  ACCEPT
Processing changes file: systemd_252.21-1~deb12u1_i386-buildd.changes
  ACCEPT
Processing changes file: systemd_252.21-1~deb12u1_mipsel-buildd.changes
  ACCEPT
Processing changes file: systemd_252.21-1~deb12u1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: systemd_252.21-1~deb12u1_s390x-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1.2+deb12u1_mipsel-buildd.changes
  ACCEPT

Re: Processed: ruby-aws-sdk-core 3.104.3-3+deb11u2 flagged for acceptance

2024-01-20 Thread Tadeu Vianna


unsubscribe

Em sáb, 20 de jan de 2024 às 19:48:18 +00:00:00, Debian Bug Tracking 
System  escreveu:
Processing commands for cont...@bugs.debian.org 
:



 package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'

Limit currently set to 'package':'release.debian.org'


 tags 1061096 = bullseye pending
Bug #1061096 [release.debian.org] bullseye-pu: package 
ruby-aws-sdk-core/3.104.3-3+deb11u1

Added tag(s) pending.

 thanks

Stopping processing here.

Please contact me if you need assistance.
--
1061096: 
Debian Bug Tracking System
Contact ow...@bugs.debian.org  with 
problems

Re: Processed: tar 1.34+dfsg-1+deb11u1 flagged for acceptance

2024-01-20 Thread Tadeu Vianna


unsubscribe

Em sáb, 20 de jan de 2024 às 19:48:20 +00:00:00, Debian Bug Tracking 
System  escreveu:
Processing commands for cont...@bugs.debian.org 
:



 package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'

Limit currently set to 'package':'release.debian.org'


 tags 1061177 = bullseye pending
Bug #1061177 [release.debian.org] bullseye-pu: package 
tar/1.34+dfsg-1+deb11u1

Added tag(s) pending.

 thanks

Stopping processing here.

Please contact me if you need assistance.
--
1061177: 
Debian Bug Tracking System
Contact ow...@bugs.debian.org  with 
problems

Re: Processed: mariadb-10.5 10.5.23-0+deb11u1 flagged for acceptance

2024-01-20 Thread Tadeu Vianna


unsubscribe

Em sáb, 20 de jan de 2024 às 19:48:16 +00:00:00, Debian Bug Tracking 
System  escreveu:
Processing commands for cont...@bugs.debian.org 
:



 package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'

Limit currently set to 'package':'release.debian.org'


 tags 1057180 = bullseye pending
Bug #1057180 [release.debian.org] bullseye-pu: package 
mariadb-10.5/1:10.5.23-0+deb11u1

Added tag(s) pending.

 thanks

Stopping processing here.

Please contact me if you need assistance.
--
1057180: 
Debian Bug Tracking System
Contact ow...@bugs.debian.org  with 
problems

NEW changes in oldstable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: chromium_120.0.6099.224-1~deb11u1_source.changes
  ACCEPT
Processing changes file: chromium_120.0.6099.224-1~deb11u1_all-buildd.changes
  ACCEPT
Processing changes file: chromium_120.0.6099.224-1~deb11u1_amd64-buildd.changes
  ACCEPT
Processing changes file: chromium_120.0.6099.224-1~deb11u1_arm64-buildd.changes
  ACCEPT
Processing changes file: chromium_120.0.6099.224-1~deb11u1_armhf-buildd.changes
  ACCEPT
Processing changes file: chromium_120.0.6099.224-1~deb11u1_i386-buildd.changes
  ACCEPT
Processing changes file: 
chromium_120.0.6099.224-1~deb11u1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: dpdk_20.11.10-1~deb11u1_source.changes
  ACCEPT
Processing changes file: libmateweather_1.24.1-1+deb11u1_source.changes
  ACCEPT
Processing changes file: mariadb-10.5_10.5.23-0+deb11u1_source.changes
  ACCEPT
Processing changes file: ruby-aws-sdk-core_3.104.3-3+deb11u2_source.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1+deb11u1_sourceonly.changes
  ACCEPT

NEW changes in stable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: caja_1.26.1-1+deb12u1_mipsel-buildd.changes
  ACCEPT
Processing changes file: espeak-ng_1.51+dfsg-10+deb12u1_mipsel-buildd.changes
  ACCEPT
Processing changes file: isl_0.25-1.1_mipsel-buildd.changes
  ACCEPT
Processing changes file: mate-screensaver_1.26.1-1+deb12u1_mipsel-buildd.changes
  ACCEPT
Processing changes file: 
mate-settings-daemon_1.26.0-1+deb12u1_mipsel-buildd.changes
  ACCEPT
Processing changes file: pluma_1.26.0-1+deb12u1_mipsel-buildd.changes
  ACCEPT
Processing changes file: proftpd-mod-proxy_0.9.2-1+deb12u1_mipsel-buildd.changes
  ACCEPT

Processed: ruby-aws-sdk-core 3.104.3-3+deb11u2 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1061096 = bullseye pending
Bug #1061096 [release.debian.org] bullseye-pu: package 
ruby-aws-sdk-core/3.104.3-3+deb11u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1061096: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061096
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: libmateweather 1.24.1-1+deb11u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1060130 = bullseye pending
Bug #1060130 [release.debian.org] bullseye-pu: package 
libmateweather/1.24.1-1+deb11u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1060130: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060130
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: mariadb-10.5 10.5.23-0+deb11u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1057180 = bullseye pending
Bug #1057180 [release.debian.org] bullseye-pu: package 
mariadb-10.5/1:10.5.23-0+deb11u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1057180: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057180
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: dpdk 20.11.10-1~deb11u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1058463 = bullseye pending
Bug #1058463 [release.debian.org] bullseye-pu: package dpdk/20.11.10-1~deb11u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1058463: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1058463
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: tar 1.34+dfsg-1+deb11u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1061177 = bullseye pending
Bug #1061177 [release.debian.org] bullseye-pu: package tar/1.34+dfsg-1+deb11u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1061177: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061177
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1061177: tar 1.34+dfsg-1+deb11u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1061177 = bullseye pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bullseye.

Thanks for your contribution!

Upload details
==

Package: tar
Version: 1.34+dfsg-1+deb11u1

Explanation: fix boundary checking in base-256 decoder [CVE-2022-48303], 
handling of extended header prefixes [CVE-2023-39804]

Bug#1061096: ruby-aws-sdk-core 3.104.3-3+deb11u2 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1061096 = bullseye pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bullseye.

Thanks for your contribution!

Upload details
==

Package: ruby-aws-sdk-core
Version: 3.104.3-3+deb11u2

Explanation: include VERSION file in package

Bug#1060130: libmateweather 1.24.1-1+deb11u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1060130 = bullseye pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bullseye.

Thanks for your contribution!

Upload details
==

Package: libmateweather
Version: 1.24.1-1+deb11u1

Explanation: update included location data; update data server URL

Bug#1058463: dpdk 20.11.10-1~deb11u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1058463 = bullseye pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bullseye.

Thanks for your contribution!

Upload details
==

Package: dpdk
Version: 20.11.10-1~deb11u1

Explanation: new upstream stable release

Bug#1057180: mariadb-10.5 10.5.23-0+deb11u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1057180 = bullseye pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bullseye.

Thanks for your contribution!

Upload details
==

Package: mariadb-10.5
Version: 10.5.23-0+deb11u1

Explanation: new upstream stable release; fix denial of service issue 
[CVE-2023-22084]

NEW changes in stable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: atril_1.26.0-2+deb12u1_mipsel-buildd.changes
  ACCEPT

NEW changes in stable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: systemd_252.20-1~deb12u1_source.changes
  ACCEPT
Processing changes file: systemd_252.21-1~deb12u1_source.changes
  ACCEPT
Processing changes file: mate-utils_1.26.0-1+deb12u1_all-buildd.changes
  ACCEPT
Processing changes file: pluma_1.26.0-1+deb12u1_all-buildd.changes
  ACCEPT
Processing changes file: proftpd-dfsg_1.3.8+dfsg-4+deb12u3_mipsel-buildd.changes
  ACCEPT
Processing changes file: pypdf_3.4.1-1+deb12u1_all-buildd.changes
  ACCEPT
Processing changes file: pypdf2_2.12.1-3+deb12u1_all-buildd.changes
  ACCEPT

Processed: systemd 252.21-1~deb12u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1057861 = bookworm pending
Bug #1057861 [release.debian.org] bookworm-pu: package systemd/252.21-1~deb12u1
Ignoring request to alter tags of bug #1057861 to the same tags previously set
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1057861: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057861
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1057861: systemd 252.21-1~deb12u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1057861 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: systemd
Version: 252.21-1~deb12u1

Explanation: new upstream stable release; fix missing verification issue in 
systemd-resolved [CVE-2023-7008]

Processed: systemd 252.20-1~deb12u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1057861 = bookworm pending
Bug #1057861 [release.debian.org] bookworm-pu: package systemd/252.21-1~deb12u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1057861: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057861
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1057861: systemd 252.20-1~deb12u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1057861 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: systemd
Version: 252.20-1~deb12u1

Explanation: new upstream stable release

NEW changes in stable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: atril_1.26.0-2+deb12u1_all-buildd.changes
  ACCEPT
Processing changes file: caja_1.26.1-1+deb12u1_all-buildd.changes
  ACCEPT
Processing changes file: espeak-ng_1.51+dfsg-10+deb12u1_all-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.26.0-1.1+deb12u2_mipsel-buildd.changes
  ACCEPT
Processing changes file: mate-screensaver_1.26.1-1+deb12u1_all-buildd.changes
  ACCEPT
Processing changes file: 
mate-settings-daemon_1.26.0-1+deb12u1_all-buildd.changes
  ACCEPT

NEW changes in stable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: libmateweather_1.26.0-1.1+deb12u2_all-buildd.changes
  ACCEPT
Processing changes file: proftpd-dfsg_1.3.8+dfsg-4+deb12u3_all-buildd.changes
  ACCEPT
Processing changes file: proftpd-mod-proxy_0.9.2-1+deb12u1_amd64-buildd.changes
  ACCEPT
Processing changes file: proftpd-mod-proxy_0.9.2-1+deb12u1_i386-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1.2+deb12u1_amd64-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1.2+deb12u1_i386-buildd.changes
  ACCEPT

NEW changes in stable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: mate-screensaver_1.26.1-1+deb12u1_amd64-buildd.changes
  ACCEPT
Processing changes file: mate-screensaver_1.26.1-1+deb12u1_i386-buildd.changes
  ACCEPT
Processing changes file: 
mate-settings-daemon_1.26.0-1+deb12u1_amd64-buildd.changes
  ACCEPT
Processing changes file: 
mate-settings-daemon_1.26.0-1+deb12u1_i386-buildd.changes
  ACCEPT
Processing changes file: mate-utils_1.26.0-1+deb12u1_amd64-buildd.changes
  ACCEPT
Processing changes file: mate-utils_1.26.0-1+deb12u1_arm64-buildd.changes
  ACCEPT
Processing changes file: mate-utils_1.26.0-1+deb12u1_armel-buildd.changes
  ACCEPT
Processing changes file: mate-utils_1.26.0-1+deb12u1_i386-buildd.changes
  ACCEPT
Processing changes file: pluma_1.26.0-1+deb12u1_amd64-buildd.changes
  ACCEPT
Processing changes file: pluma_1.26.0-1+deb12u1_i386-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1.2+deb12u1_arm64-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1.2+deb12u1_armel-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1.2+deb12u1_armhf-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1.2+deb12u1_s390x-buildd.changes
  ACCEPT

NEW changes in stable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: atril_1.26.0-2+deb12u1_amd64-buildd.changes
  ACCEPT
Processing changes file: atril_1.26.0-2+deb12u1_armel-buildd.changes
  ACCEPT
Processing changes file: atril_1.26.0-2+deb12u1_i386-buildd.changes
  ACCEPT
Processing changes file: caja_1.26.1-1+deb12u1_amd64-buildd.changes
  ACCEPT
Processing changes file: caja_1.26.1-1+deb12u1_arm64-buildd.changes
  ACCEPT
Processing changes file: caja_1.26.1-1+deb12u1_i386-buildd.changes
  ACCEPT
Processing changes file: caja_1.26.1-1+deb12u1_s390x-buildd.changes
  ACCEPT
Processing changes file: espeak-ng_1.51+dfsg-10+deb12u1_amd64-buildd.changes
  ACCEPT
Processing changes file: espeak-ng_1.51+dfsg-10+deb12u1_armel-buildd.changes
  ACCEPT
Processing changes file: espeak-ng_1.51+dfsg-10+deb12u1_i386-buildd.changes
  ACCEPT
Processing changes file: espeak-ng_1.51+dfsg-10+deb12u1_s390x-buildd.changes
  ACCEPT
Processing changes file: isl_0.25-1.1_amd64-buildd.changes
  ACCEPT
Processing changes file: isl_0.25-1.1_arm64-buildd.changes
  ACCEPT
Processing changes file: isl_0.25-1.1_i386-buildd.changes
  ACCEPT
Processing changes file: isl_0.25-1.1_s390x-buildd.changes
  ACCEPT
Processing changes file: mate-screensaver_1.26.1-1+deb12u1_arm64-buildd.changes
  ACCEPT
Processing changes file: mate-screensaver_1.26.1-1+deb12u1_armhf-buildd.changes
  ACCEPT
Processing changes file: 
mate-screensaver_1.26.1-1+deb12u1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: mate-screensaver_1.26.1-1+deb12u1_s390x-buildd.changes
  ACCEPT
Processing changes file: 
mate-settings-daemon_1.26.0-1+deb12u1_arm64-buildd.changes
  ACCEPT
Processing changes file: 
mate-settings-daemon_1.26.0-1+deb12u1_armel-buildd.changes
  ACCEPT
Processing changes file: 
mate-settings-daemon_1.26.0-1+deb12u1_armhf-buildd.changes
  ACCEPT
Processing changes file: 
mate-settings-daemon_1.26.0-1+deb12u1_s390x-buildd.changes
  ACCEPT
Processing changes file: mate-utils_1.26.0-1+deb12u1_armhf-buildd.changes
  ACCEPT
Processing changes file: mate-utils_1.26.0-1+deb12u1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: mate-utils_1.26.0-1+deb12u1_s390x-buildd.changes
  ACCEPT
Processing changes file: pluma_1.26.0-1+deb12u1_arm64-buildd.changes
  ACCEPT
Processing changes file: pluma_1.26.0-1+deb12u1_armel-buildd.changes
  ACCEPT
Processing changes file: pluma_1.26.0-1+deb12u1_armhf-buildd.changes
  ACCEPT
Processing changes file: pluma_1.26.0-1+deb12u1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: pluma_1.26.0-1+deb12u1_s390x-buildd.changes
  ACCEPT
Processing changes file: proftpd-dfsg_1.3.8+dfsg-4+deb12u3_armel-buildd.changes
  ACCEPT
Processing changes file: proftpd-dfsg_1.3.8+dfsg-4+deb12u3_i386-buildd.changes
  ACCEPT
Processing changes file: proftpd-mod-proxy_0.9.2-1+deb12u1_arm64-buildd.changes
  ACCEPT
Processing changes file: proftpd-mod-proxy_0.9.2-1+deb12u1_armel-buildd.changes
  ACCEPT
Processing changes file: proftpd-mod-proxy_0.9.2-1+deb12u1_armhf-buildd.changes
  ACCEPT
Processing changes file: 
proftpd-mod-proxy_0.9.2-1+deb12u1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: proftpd-mod-proxy_0.9.2-1+deb12u1_s390x-buildd.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1.2+deb12u1_ppc64el-buildd.changes
  ACCEPT

NEW changes in stable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: atril_1.26.0-2+deb12u1_arm64-buildd.changes
  ACCEPT
Processing changes file: atril_1.26.0-2+deb12u1_armhf-buildd.changes
  ACCEPT
Processing changes file: atril_1.26.0-2+deb12u1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: atril_1.26.0-2+deb12u1_s390x-buildd.changes
  ACCEPT
Processing changes file: caja_1.26.1-1+deb12u1_armel-buildd.changes
  ACCEPT
Processing changes file: caja_1.26.1-1+deb12u1_armhf-buildd.changes
  ACCEPT
Processing changes file: caja_1.26.1-1+deb12u1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: espeak-ng_1.51+dfsg-10+deb12u1_arm64-buildd.changes
  ACCEPT
Processing changes file: espeak-ng_1.51+dfsg-10+deb12u1_armhf-buildd.changes
  ACCEPT
Processing changes file: espeak-ng_1.51+dfsg-10+deb12u1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: isl_0.25-1.1_armel-buildd.changes
  ACCEPT
Processing changes file: isl_0.25-1.1_armhf-buildd.changes
  ACCEPT
Processing changes file: isl_0.25-1.1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.26.0-1.1+deb12u2_amd64-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.26.0-1.1+deb12u2_arm64-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.26.0-1.1+deb12u2_armel-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.26.0-1.1+deb12u2_armhf-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.26.0-1.1+deb12u2_i386-buildd.changes
  ACCEPT
Processing changes file: 
libmateweather_1.26.0-1.1+deb12u2_ppc64el-buildd.changes
  ACCEPT
Processing changes file: libmateweather_1.26.0-1.1+deb12u2_s390x-buildd.changes
  ACCEPT
Processing changes file: mate-screensaver_1.26.1-1+deb12u1_armel-buildd.changes
  ACCEPT
Processing changes file: 
mate-settings-daemon_1.26.0-1+deb12u1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: proftpd-dfsg_1.3.8+dfsg-4+deb12u3_amd64-buildd.changes
  ACCEPT
Processing changes file: proftpd-dfsg_1.3.8+dfsg-4+deb12u3_arm64-buildd.changes
  ACCEPT
Processing changes file: proftpd-dfsg_1.3.8+dfsg-4+deb12u3_armhf-buildd.changes
  ACCEPT
Processing changes file: 
proftpd-dfsg_1.3.8+dfsg-4+deb12u3_ppc64el-buildd.changes
  ACCEPT
Processing changes file: proftpd-dfsg_1.3.8+dfsg-4+deb12u3_s390x-buildd.changes
  ACCEPT

Processed: transition: vtk9

2024-01-20 Thread Debian Bug Tracking System

Processing control commands:

> affects -1 + src:vtk9
Bug #1061200 [release.debian.org] transition: vtk9
Added indication that 1061200 affects src:vtk9

-- 
1061200: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061200
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1061200: transition: vtk9

2024-01-20 Thread Anton Gladky

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
X-Debbugs-Cc: v...@packages.debian.org
Control: affects -1 + src:vtk9

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512


Dear release team,

please schedule vtk9.3 transition.

Ben file:

title = "vtk9";
is_affected = .depends ~ "libvtk9\.1|libvtk9\.1\-qt" | .depends ~ 
"libvtk9\.3|libvtk9\.3\-qt";
is_good = .depends ~ "libvtk9\.3|libvtk9\.3\-qt";
is_bad = .depends ~ "libvtk9\.1|libvtk9\.1\-qt";

I have done a full rebuild and some failures are detected. Bugs (most of them 
with patches) will
be filed in the next time.

Thank you

Anton

-BEGIN PGP SIGNATURE-

iQJFBAEBCgAvFiEEu71F6oGKuG/2fnKF0+Fzg8+n/wYFAmWr/7QRHGdsYWRrQGRl
Ymlhbi5vcmcACgkQ0+Fzg8+n/wYKUA//a5VTdDoQST30wyb4hSsN40HKHU5Y65xX
wLIcozZWvdzSnFQa7NDojOihsiYEjUEokhqqCGf7XbVZ/FokyJclzgh6ZHoX9APj
6O/Xfz5GHPpYblwMGC8029yUqnlQfQXcR7gS5HqfGBGZ1FyWRAqY0hS5kzbY/LYK
mpcOAo0zGqj/4FaSNCCycPP9Yn+0HMUqcmT2mmGPye3cjnhrl+Ixlo/Is8+1vb3Z
92APiFLa259DeucniY02qMMSZdCS9Gv3VjMSah/4qYpJnbdtGjz/Vy0t0IRY6hSY
D06I/YJiM8miY1QK5xwG2F5ElXermhuWNvf8dfy/DFJk7gul6HiSTUpe18xcv2y9
PR1h+NA0fEFVtaHf0KYaST45KPN2xIcRLovZQPX3IPzxuwHO5TcGYzd632/TTF7e
8OnVj3yoqhd41Gc0K8/0XBv7TgJ7nrXhcsUwi8MA1CArir0fGr5ZjTrKRBrzCc4p
xF7AtxZuxWXoJ18SXE3oudWmuk97kSS5yAHzgBOgj4LUjTtJAzZIQtwgJT+sLvLJ
QeISyC3z3mEf9+ed287EuYxWKuhdyUdElvLDfU66H/FL6Nzb2LrjskK6HfPrLsBe
tDyyDm09rnhI47t6gDy3X+oPcgLd7SzIrXQQm8jmXCx3PxKHx8bDWXanF5ViBvte
pfsgZmdit5k=
=56QT
-END PGP SIGNATURE-

NEW changes in stable-new

2024-01-20 Thread Debian FTP Masters

Processing changes file: atril_1.26.0-2+deb12u1_source.changes
  ACCEPT
Processing changes file: caja_1.26.1-1+deb12u1_source.changes
  ACCEPT
Processing changes file: chromium_120.0.6099.224-1~deb12u1_source.changes
  ACCEPT
Processing changes file: chromium_120.0.6099.224-1~deb12u1_all-buildd.changes
  ACCEPT
Processing changes file: chromium_120.0.6099.224-1~deb12u1_amd64-buildd.changes
  ACCEPT
Processing changes file: chromium_120.0.6099.224-1~deb12u1_arm64-buildd.changes
  ACCEPT
Processing changes file: chromium_120.0.6099.224-1~deb12u1_armhf-buildd.changes
  ACCEPT
Processing changes file: chromium_120.0.6099.224-1~deb12u1_i386-buildd.changes
  ACCEPT
Processing changes file: 
chromium_120.0.6099.224-1~deb12u1_ppc64el-buildd.changes
  ACCEPT
Processing changes file: espeak-ng_1.51+dfsg-10+deb12u1_source.changes
  ACCEPT
Processing changes file: isl_0.25-1.1_source.changes
  ACCEPT
Processing changes file: libmateweather_1.26.0-1.1+deb12u2_source.changes
  ACCEPT
Processing changes file: mate-screensaver_1.26.1-1+deb12u1_source.changes
  ACCEPT
Processing changes file: mate-settings-daemon_1.26.0-1+deb12u1_source.changes
  ACCEPT
Processing changes file: mate-utils_1.26.0-1+deb12u1_source.changes
  ACCEPT
Processing changes file: 
node-undici_5.15.0+dfsg1+~cs20.10.9.3-1+deb12u3_amd64.changes
  ACCEPT
Processing changes file: pluma_1.26.0-1+deb12u1_source.changes
  ACCEPT
Processing changes file: proftpd-dfsg_1.3.8+dfsg-4+deb12u3_source.changes
  ACCEPT
Processing changes file: proftpd-mod-proxy_0.9.2-1+deb12u1_source.changes
  ACCEPT
Processing changes file: pypdf_3.4.1-1+deb12u1_source.changes
  ACCEPT
Processing changes file: pypdf2_2.12.1-3+deb12u1_source.changes
  ACCEPT
Processing changes file: tar_1.34+dfsg-1.2+deb12u1_sourceonly.changes
  ACCEPT

Processed: tar 1.34+dfsg-1.2+deb12u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1061176 = bookworm pending
Bug #1061176 [release.debian.org] bookworm-pu: package tar/1.34+dfsg-1.2+deb12u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1061176: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061176
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: proftpd-dfsg 1.3.8+dfsg-4+deb12u3 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1060417 = bookworm pending
Bug #1060417 [release.debian.org] bookworm-pu: package 
proftpd-dfsg/1.3.8+dfsg-4+deb12u3
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1060417: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060417
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: pypdf2 2.12.1-3+deb12u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1061161 = bookworm pending
Bug #1061161 [release.debian.org] bookworm-pu: package pypdf2/2.12.1-3
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1061161: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061161
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: mate-settings-daemon 1.26.0-1+deb12u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1060132 = bookworm pending
Bug #1060132 [release.debian.org] bookworm-pu: package 
mate-settings-daemon/1.26.0-1+deb12u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1060132: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060132
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: mate-screensaver 1.26.1-1+deb12u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1059524 = bookworm pending
Bug #1059524 [release.debian.org] bookworm-pu: package 
mate-screensaver/1.26.1-1+deb12u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1059524: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059524
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: pypdf 3.4.1-1+deb12u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1060851 = bookworm pending
Bug #1060851 [release.debian.org] bookworm-pu: package pypdf/3.4.1-1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1060851: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060851
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: proftpd-mod-proxy 0.9.2-1+deb12u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1060767 = bookworm pending
Bug #1060767 [release.debian.org] bookworm-pu: package 
proftpd-mod-proxy/0.9.2-1+deb12u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1060767: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060767
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: isl 0.25-1.1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1059846 = bookworm pending
Bug #1059846 [release.debian.org] bookworm-pu: package isl/0.25-1.1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1059846: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059846
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: pluma 1.26.0-1+deb12u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1059705 = bookworm pending
Bug #1059705 [release.debian.org] bookworm-pu: package pluma/1.26.0-1+deb12u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1059705: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059705
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: mate-utils 1.26.0-1+deb12u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1059696 = bookworm pending
Bug #1059696 [release.debian.org] bookworm-pu: package 
mate-utils/1.26.0-1+deb12u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1059696: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059696
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: atril 1.26.0-2+deb12u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1060122 = bookworm pending
Bug #1060122 [release.debian.org] bookworm-pu: package atril/1.26.0-2+deb12u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1060122: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060122
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1061176: tar 1.34+dfsg-1.2+deb12u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1061176 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: tar
Version: 1.34+dfsg-1.2+deb12u1

Explanation: fix boundary checking in base-256 decoder [CVE-2022-48303], 
handling of extended header prefixes [CVE-2023-39804]

Bug#1060851: pypdf 3.4.1-1+deb12u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1060851 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: pypdf
Version: 3.4.1-1+deb12u1

Explanation: fix infinite loop issue [CVE-2023-36464]

Bug#1061161: pypdf2 2.12.1-3+deb12u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1061161 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: pypdf2
Version: 2.12.1-3+deb12u1

Explanation: fix infinite loop issue [CVE-2023-36464]

Processed: libmateweather 1.26.0-1.1+deb12u2 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1060129 = bookworm pending
Bug #1060129 [release.debian.org] bookworm-pu: package 
libmateweather/1.26.0-1.1+deb12u2
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1060129: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060129
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: espeak-ng 1.51+dfsg-10+deb12u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1059656 = bookworm pending
Bug #1059656 [release.debian.org] bookworm-pu: package 
espeak-ng/1.51+dfsg-10+deb12u1
Added tag(s) pending; removed tag(s) moreinfo, d-i, and confirmed.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1059656: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059656
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: caja 1.26.1-1+deb12u1 flagged for acceptance

2024-01-20 Thread Debian Bug Tracking System

Processing commands for cont...@bugs.debian.org:

> package release.debian.org
Limiting to bugs with field 'package' containing at least one of 
'release.debian.org'
Limit currently set to 'package':'release.debian.org'

> tags 1059522 = bookworm pending
Bug #1059522 [release.debian.org] bookworm-pu: package caja/1.26.1-1+deb12u1
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
1059522: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059522
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1060132: mate-settings-daemon 1.26.0-1+deb12u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1060132 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: mate-settings-daemon
Version: 1.26.0-1+deb12u1

Explanation: fix memory leaks; relax High DPI limits; fix handling of multiple 
rfkill events

Bug#1060767: proftpd-mod-proxy 0.9.2-1+deb12u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1060767 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: proftpd-mod-proxy
Version: 0.9.2-1+deb12u1

Explanation: implement fix for the Terrapin attack [CVE-2023-48795]

Bug#1060122: atril 1.26.0-2+deb12u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1060122 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: atril
Version: 1.26.0-2+deb12u1

Explanation: fix crash when opening some epub files; fix index loading for 
certain epub documents; add fallback for malformed epub files in check_mime_type

Bug#1059705: pluma 1.26.0-1+deb12u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1059705 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: pluma
Version: 1.26.0-1+deb12u1

Explanation: fix memory leak issues; fix double activation of extensions

Bug#1060417: proftpd-dfsg 1.3.8+dfsg-4+deb12u3 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1060417 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: proftpd-dfsg
Version: 1.3.8+dfsg-4+deb12u3

Explanation: implement fix for the Terrapin attack (CVE-2023-48795); fix 
out-of-bounds read issue [CVE-2023-51713]

Bug#1060129: libmateweather 1.26.0-1.1+deb12u2 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1060129 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: libmateweather
Version: 1.26.0-1.1+deb12u2

Explanation: fix URL for aviationweather.gov

Bug#1059696: mate-utils 1.26.0-1+deb12u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1059696 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: mate-utils
Version: 1.26.0-1+deb12u1

Explanation: fix various memory leaks

Bug#1059846: isl 0.25-1.1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1059846 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: isl
Version: 0.25-1.1

Explanation: fix use on older CPUs

Bug#1059656: espeak-ng 1.51+dfsg-10+deb12u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1059656 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: espeak-ng
Version: 1.51+dfsg-10+deb12u1

Explanation: fix buffer overflow issues [CVE-2023-49990 CVE-2023-49992 
CVE-2023-49993], buffer underflow issue [CVE-2023-49991], floating point 
exception issue [CVE-2023-49994]

Bug#1059524: mate-screensaver 1.26.1-1+deb12u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1059524 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: mate-screensaver
Version: 1.26.1-1+deb12u1

Explanation: fix memory leaks

Bug#1059522: caja 1.26.1-1+deb12u1 flagged for acceptance

2024-01-20 Thread Adam D Barratt

package release.debian.org
tags 1059522 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into 
the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==

Package: caja
Version: 1.26.1-1+deb12u1

Explanation: fix desktop rendering artifacts after resolution changes; fix use 
of "informal" date format

Uploading linux (6.6.13-1)

2024-01-20 Thread Salvatore Bonaccorso

I would like to upload linux version 6.6.13-1 later today to unstable.
The new version imports two versions of 6.6.y stable series (though
the only commit from 6.6.12 was already included in the last update).
The new upstream stable version fixes CVE-2023-6610 and CVE-2023-6915.

Note, that the armel situation is still unresolved from the
https://lists.debian.org/debian-release/2024/01/msg00089.html thread.

Still still will prevent us thus to go with the 6.6.y series to
testing.

Regards,
Salvatore


signature.asc
Description: PGP signature

Bug#1061190: bullseye-pu: package gnutls28/3.7.1-5+deb11u5

2024-01-20 Thread Salvatore Bonaccorso

Hi,

On Sat, Jan 20, 2024 at 03:53:45PM +0100, Andreas Metzler wrote:
> Package: release.debian.org
> Severity: normal
> Tags: bullseye
> User: release.debian@packages.debian.org
> Usertags: pu
> X-Debbugs-Cc: gnutl...@packages.debian.org, t...@security.debian.org
> Control: affects -1 + src:gnutls28
> 
> Hello,
> 
> I would like to fix both CVE-2024-0567 and CVE-2024-0553 via a
> oldstable-updates since they do not require a DSA.

Only a small remark about the CVE tracking, no direct need to change
anything: CVE-2024-0553 exists because of an incomplete fix of
CVE-2024-0553, so technically weh ave that incomplete fix not yet in
any official bullseye release (apart the bullseye-pu).

For the security-tracker so I tend to consider CVE-2024-0553
not-affected for bullseye, but then CVE-2023-5981 only fixed in
3.7.1-5+deb11u5 rather than 3.7.1-5+deb11u4. For that I have done the
following two commits:

https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f30f93b036b864eb245daf7dec5f70a824a7fb5c
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0fd218ec683140739797aa973d354e00b8660e9b

Let me know if you diagree and we should revert that to track all 3
CVEs for gnutls28 in bullseye.

Regards,
Salvatore

Bug#1061190: bullseye-pu: package gnutls28/3.7.1-5+deb11u5

2024-01-20 Thread Andreas Metzler

Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: gnutl...@packages.debian.org, t...@security.debian.org
Control: affects -1 + src:gnutls28

Hello,

I would like to fix both CVE-2024-0567 and CVE-2024-0553 via a
oldstable-updates since they do not require a DSA.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
diff -Nru gnutls28-3.7.1/debian/changelog gnutls28-3.7.1/debian/changelog
--- gnutls28-3.7.1/debian/changelog	2023-11-30 11:37:44.0 +0100
+++ gnutls28-3.7.1/debian/changelog	2024-01-20 07:56:15.0 +0100
@@ -1,3 +1,13 @@
+gnutls28 (3.7.1-5+deb11u5) bullseye; urgency=medium
+
+  * Cherrypick two CVE fixes from 3.8.3:
+Fix assertion failure when verifying a certificate chain with a cycle of
+cross signatures. CVE-2024-0567 GNUTLS-SA-2024-01-09 Closes: #1061045
+Fix more timing side-channel inside RSA-PSK key exchange. CVE-2024-0553
+GNUTLS-SA-2024-01-14 Closes: #1061046
+
+ -- Andreas Metzler   Sat, 20 Jan 2024 07:56:15 +0100
+
 gnutls28 (3.7.1-5+deb11u4) bullseye; urgency=medium
 
   * Backport fix for CVE-2023-5981 / GNUTLS-SA-2023-10-23 (timing sidechannel
diff -Nru gnutls28-3.7.1/debian/patches/63-x509-detect-loop-in-certificate-chain.patch gnutls28-3.7.1/debian/patches/63-x509-detect-loop-in-certificate-chain.patch
--- gnutls28-3.7.1/debian/patches/63-x509-detect-loop-in-certificate-chain.patch	1970-01-01 01:00:00.0 +0100
+++ gnutls28-3.7.1/debian/patches/63-x509-detect-loop-in-certificate-chain.patch	2024-01-20 07:56:15.0 +0100
@@ -0,0 +1,188 @@
+From 9edbdaa84e38b1bfb53a7d72c1de44f8de373405 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno 
+Date: Thu, 11 Jan 2024 15:45:11 +0900
+Subject: [PATCH 1/2] x509: detect loop in certificate chain
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+There can be a loop in a certificate chain, when multiple CA
+certificates are cross-signed with each other, such as A → B, B → C,
+and C → A.  Previously, the verification logic was not capable of
+handling this scenario while sorting the certificates in the chain in
+_gnutls_sort_clist, resulting in an assertion failure.  This patch
+properly detects such loop and aborts further processing in a graceful
+manner.
+
+Signed-off-by: Daiki Ueno 
+---
+ lib/x509/common.c   |   4 ++
+ tests/test-chains.h | 125 
+ 2 files changed, 129 insertions(+)
+
+--- a/lib/x509/common.c
 b/lib/x509/common.c
+@@ -1794,10 +1794,14 @@ unsigned int _gnutls_sort_clist(gnutls_x
+ 		prev = issuer[prev];
+ 		if (prev < 0) {	/* no issuer */
+ 			break;
+ 		}
+ 
++		if (insorted[prev]) { /* loop detected */
++			break;
++		}
++
+ 		sorted[i] = clist[prev];
+ 		insorted[prev] = 1;
+ 	}
+ 
+ 	/* append the remaining certs */
+--- a/tests/test-chains.h
 b/tests/test-chains.h
+@@ -4261,10 +4261,133 @@ static const char *rsa_sha1_not_in_trust
+ 	"tnYFXKC0Q+QUf38horqG2Mc3/uh8MOm0eYUXwGJOdXYD\n"
+ 	"-END CERTIFICATE-\n",
+ 	NULL
+ };
+ 
++static const char *cross_signed[] = {
++	/* server (signed by A1) */
++	"-BEGIN CERTIFICATE-\n"
++	"MIIBqDCCAVqgAwIBAgIUejlil+8DBffazcnMNwyOOP6yCCowBQYDK2VwMBoxGDAW\n"
++	"BgNVBAMTD0ludGVybWVkaWF0ZSBBMTAgFw0yNDAxMTEwNjI3MjJaGA85OTk5MTIz\n"
++	"MTIzNTk1OVowNzEbMBkGA1UEChMSR251VExTIHRlc3Qgc2VydmVyMRgwFgYDVQQD\n"
++	"Ew90ZXN0LmdudXRscy5vcmcwKjAFBgMrZXADIQA1ZVS0PcNeTPQMZ+FuVz82AHrj\n"
++	"qL5hWEpCDgpG4M4fxaOBkjCBjzAMBgNVHRMBAf8EAjAAMBoGA1UdEQQTMBGCD3Rl\n"
++	"c3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAOBgNVHQ8BAf8EBAMC\n"
++	"B4AwHQYDVR0OBBYEFGtEUv+JSt+zPoO3lu0IiObZVoiNMB8GA1UdIwQYMBaAFPnY\n"
++	"v6Pw0IvKSqIlb6ewHyEAmTA3MAUGAytlcANBAAS2lyc87kH/aOvNKzPjqDwUYxPA\n"
++	"CfYjyaKea2d0DZLBM5+Bjnj/4aWwTKgVTJzWhLJcLtaSdVHrXqjr9NhEhQ0=\n"
++	"-END CERTIFICATE-\n",
++	/* A1 (signed by A) */
++	"-BEGIN CERTIFICATE-\n"
++	"MIIBUjCCAQSgAwIBAgIUe/R+NVp04e74ySw2qgI6KZgFR20wBQYDK2VwMBExDzAN\n"
++	"BgNVBAMTBlJvb3QgQTAgFw0yNDAxMTEwNjI1MDFaGA85OTk5MTIzMTIzNTk1OVow\n"
++	"GjEYMBYGA1UEAxMPSW50ZXJtZWRpYXRlIEExMCowBQYDK2VwAyEAlkTNqwz973sy\n"
++	"u3whMjSiUMs77CZu5YA7Gi5KcakExrKjYzBhMA8GA1UdEwEB/wQFMAMBAf8wDgYD\n"
++	"VR0PAQH/BAQDAgIEMB0GA1UdDgQWBBT52L+j8NCLykqiJW+nsB8hAJkwNzAfBgNV\n"
++	"HSMEGDAWgBRbYgOkRGsd3Z74+CauX4htzLg0lzAFBgMrZXADQQBM0NBaFVPd3cTJ\n"
++	"DSaZNT34fsHuJk4eagpn8mBxKQpghq4s8Ap+nYtp2KiXjcizss53PeLXVnkfyLi0\n"
++	"TLVBHvUJ\n"
++	"-END CERTIFICATE-\n",
++	/* A (signed by B) */
++	"-BEGIN CERTIFICATE-\n"
++	"MIIBSDCB+6ADAgECAhQtdJpg+qlPcLoRW8iiztJUD4xNvDAFBgMrZXAwETEPMA0G\n"
++

Processed: bullseye-pu: package gnutls28/3.7.1-5+deb11u5

2024-01-20 Thread Debian Bug Tracking System

Processing control commands:

> affects -1 + src:gnutls28
Bug #1061190 [release.debian.org] bullseye-pu: package gnutls28/3.7.1-5+deb11u5
Added indication that 1061190 affects src:gnutls28

-- 
1061190: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061190
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1061189: bookworm-pu: package gnutls28/3.7.9-2+deb12u2

2024-01-20 Thread Andreas Metzler

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: gnutl...@packages.debian.org, t...@security.debian.org, 
gnutl...@packages.debian.org
Control: affects -1 + src:gnutls28

Hello,

I would like to fix both CVE-2024-0567 and CVE-2024-0553 via a
stable-updates since they do not require a DSA.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

cu Andreas
diff -Nru gnutls28-3.7.9/debian/changelog gnutls28-3.7.9/debian/changelog
--- gnutls28-3.7.9/debian/changelog	2023-11-30 07:50:48.0 +0100
+++ gnutls28-3.7.9/debian/changelog	2024-01-19 18:28:37.0 +0100
@@ -1,3 +1,13 @@
+gnutls28 (3.7.9-2+deb12u2) bookworm; urgency=medium
+
+  * Cherrypick two CVE fixes from 3.8.3:
+Fix assertion failure when verifying a certificate chain with a cycle of
+cross signatures. CVE-2024-0567 GNUTLS-SA-2024-01-09 Closes: #1061045
+Fix more timing side-channel inside RSA-PSK key exchange. CVE-2024-0553
+GNUTLS-SA-2024-01-14 Closes: #1061046
+
+ -- Andreas Metzler   Fri, 19 Jan 2024 18:28:37 +0100
+
 gnutls28 (3.7.9-2+deb12u1) bookworm; urgency=medium
 
   * Backport fix for CVE-2023-5981 / GNUTLS-SA-2023-10-23 (timing sidechannel
diff -Nru gnutls28-3.7.9/debian/patches/61-x509-detect-loop-in-certificate-chain.patch gnutls28-3.7.9/debian/patches/61-x509-detect-loop-in-certificate-chain.patch
--- gnutls28-3.7.9/debian/patches/61-x509-detect-loop-in-certificate-chain.patch	1970-01-01 01:00:00.0 +0100
+++ gnutls28-3.7.9/debian/patches/61-x509-detect-loop-in-certificate-chain.patch	2024-01-19 18:28:07.0 +0100
@@ -0,0 +1,188 @@
+From 9edbdaa84e38b1bfb53a7d72c1de44f8de373405 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno 
+Date: Thu, 11 Jan 2024 15:45:11 +0900
+Subject: [PATCH 1/2] x509: detect loop in certificate chain
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+There can be a loop in a certificate chain, when multiple CA
+certificates are cross-signed with each other, such as A → B, B → C,
+and C → A.  Previously, the verification logic was not capable of
+handling this scenario while sorting the certificates in the chain in
+_gnutls_sort_clist, resulting in an assertion failure.  This patch
+properly detects such loop and aborts further processing in a graceful
+manner.
+
+Signed-off-by: Daiki Ueno 
+---
+ lib/x509/common.c   |   4 ++
+ tests/test-chains.h | 125 
+ 2 files changed, 129 insertions(+)
+
+--- a/lib/x509/common.c
 b/lib/x509/common.c
+@@ -1794,10 +1794,14 @@ unsigned int _gnutls_sort_clist(gnutls_x
+ 		prev = issuer[prev];
+ 		if (prev < 0) {	/* no issuer */
+ 			break;
+ 		}
+ 
++		if (insorted[prev]) { /* loop detected */
++			break;
++		}
++
+ 		sorted[i] = clist[prev];
+ 		insorted[prev] = 1;
+ 	}
+ 
+ 	/* append the remaining certs */
+--- a/tests/test-chains.h
 b/tests/test-chains.h
+@@ -4261,10 +4261,133 @@ static const char *rsa_sha1_not_in_trust
+ 	"tnYFXKC0Q+QUf38horqG2Mc3/uh8MOm0eYUXwGJOdXYD\n"
+ 	"-END CERTIFICATE-\n",
+ 	NULL
+ };
+ 
++static const char *cross_signed[] = {
++	/* server (signed by A1) */
++	"-BEGIN CERTIFICATE-\n"
++	"MIIBqDCCAVqgAwIBAgIUejlil+8DBffazcnMNwyOOP6yCCowBQYDK2VwMBoxGDAW\n"
++	"BgNVBAMTD0ludGVybWVkaWF0ZSBBMTAgFw0yNDAxMTEwNjI3MjJaGA85OTk5MTIz\n"
++	"MTIzNTk1OVowNzEbMBkGA1UEChMSR251VExTIHRlc3Qgc2VydmVyMRgwFgYDVQQD\n"
++	"Ew90ZXN0LmdudXRscy5vcmcwKjAFBgMrZXADIQA1ZVS0PcNeTPQMZ+FuVz82AHrj\n"
++	"qL5hWEpCDgpG4M4fxaOBkjCBjzAMBgNVHRMBAf8EAjAAMBoGA1UdEQQTMBGCD3Rl\n"
++	"c3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAOBgNVHQ8BAf8EBAMC\n"
++	"B4AwHQYDVR0OBBYEFGtEUv+JSt+zPoO3lu0IiObZVoiNMB8GA1UdIwQYMBaAFPnY\n"
++	"v6Pw0IvKSqIlb6ewHyEAmTA3MAUGAytlcANBAAS2lyc87kH/aOvNKzPjqDwUYxPA\n"
++	"CfYjyaKea2d0DZLBM5+Bjnj/4aWwTKgVTJzWhLJcLtaSdVHrXqjr9NhEhQ0=\n"
++	"-END CERTIFICATE-\n",
++	/* A1 (signed by A) */
++	"-BEGIN CERTIFICATE-\n"
++	"MIIBUjCCAQSgAwIBAgIUe/R+NVp04e74ySw2qgI6KZgFR20wBQYDK2VwMBExDzAN\n"
++	"BgNVBAMTBlJvb3QgQTAgFw0yNDAxMTEwNjI1MDFaGA85OTk5MTIzMTIzNTk1OVow\n"
++	"GjEYMBYGA1UEAxMPSW50ZXJtZWRpYXRlIEExMCowBQYDK2VwAyEAlkTNqwz973sy\n"
++	"u3whMjSiUMs77CZu5YA7Gi5KcakExrKjYzBhMA8GA1UdEwEB/wQFMAMBAf8wDgYD\n"
++	"VR0PAQH/BAQDAgIEMB0GA1UdDgQWBBT52L+j8NCLykqiJW+nsB8hAJkwNzAfBgNV\n"
++	"HSMEGDAWgBRbYgOkRGsd3Z74+CauX4htzLg0lzAFBgMrZXADQQBM0NBaFVPd3cTJ\n"
++	"DSaZNT34fsHuJk4eagpn8mBxKQpghq4s8Ap+nYtp2KiXjcizss53PeLXVnkfyLi0\n"
++	"TLVBHvUJ\n"
++	"-END CERTIFICATE-\n",
++	/* A (signed by B) */
++	"-BEGIN CERTIFICATE-\n"
++	"MIIBSDCB+6ADAgECAhQtdJpg+qlPcLoRW8iiztJUD4xNvDAFBgMrZXAwETEPMA0G\n"
++	"A1UEAxMGUm9vdCBCMCAXDTI0MDExMTA2MTk1OVoYDzk5OTkxMjMxMjM1OTU5WjAR\n"
++	"MQ8wDQYDVQQDEwZSb290IEEwKjAFBgMrZXADIQA0vDYyg3tgotSETL1Wq2hBs32p\n"
++

Processed: bookworm-pu: package gnutls28/3.7.9-2+deb12u2

2024-01-20 Thread Debian Bug Tracking System

Processing control commands:

> affects -1 + src:gnutls28
Bug #1061189 [release.debian.org] bookworm-pu: package gnutls28/3.7.9-2+deb12u2
Added indication that 1061189 affects src:gnutls28

-- 
1061189: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061189
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1059609: bookworm-pu: package engrampa/1.26.0-1+deb12u1

2024-01-20 Thread Adam D. Barratt

Control: tags -1 + moreinfo

On Fri, 2023-12-29 at 08:25 +0100, Mike Gabriel wrote:
> While upload a new upstream version of engrampa, a bookworm-pu has
> been prepared that fixes various memleaks and resolves a bug in the
> archive "save as" action.

The metadata for #969761 suggests that the bug affects the package in
unstable and is not yet resolved there. If that's correct, please apply
the update to unstable first; otherwise, please fix the metadata to
more accurately reflect the situation.

Regards,

Adam

Bug#1061188: transition: python3-defaults (making python3.12 the default python3 version)

2024-01-20 Thread Matthias Klose


Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition

Please setup a tracker for the python3-defaults transition, making 3.12 
the default Python version.

Processed: Re: Bug#1059609: bookworm-pu: package engrampa/1.26.0-1+deb12u1

2024-01-20 Thread Debian Bug Tracking System

Processing control commands:

> tags -1 + moreinfo
Bug #1059609 [release.debian.org] bookworm-pu: package engrampa/1.26.0-1+deb12u1
Added tag(s) moreinfo.

-- 
1059609: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059609
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Processed: transition: qtbase-abi-5-15-12

2024-01-20 Thread Debian Bug Tracking System

Processing control commands:

> block -1 by 1060761 1060802
Bug #1061179 [release.debian.org] transition: qtbase-abi-5-15-12
1061179 was not blocked by any bugs.
1061179 was not blocking any bugs.
Added blocking bug(s) of 1061179: 1060761 and 1060802

-- 
1061179: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061179
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1061179: transition: qtbase-abi-5-15-12

2024-01-20 Thread Dmitry Shachnev

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: transition
Control: block -1 by 1060761 1060802

Dear Release team,

I have skipped Qt 5.15.11 release and would like to upgrade to 5.15.12
which was published in December. Qt WebEngine will be upgraded from 5.15.15
to 5.15.16. The transition is prepared in experimental.

There are two blockers, lomiri-ui-toolkit and stellarium, but I can NMU them.

I have submitted a merge request with the ben file:
https://salsa.debian.org/release-team/transition-data/-/merge_requests/47

--
Dmitry Shachnev


signature.asc
Description: PGP signature

Bug#1061177: bullseye-pu: package tar/1.34+dfsg-1+deb11u1

2024-01-20 Thread Salvatore Bonaccorso

Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: t...@packages.debian.org, Janos Lenart , 
car...@debian.org
Control: affects -1 + src:tar

Dear Stable release managers,

[ Reason ]
tar in bullseye is affected by two issues with assigned CVEs,
CVE-2022-48303 and CVE-2023-39804 both which do not warrant a DSA and
have minor impact.

[ Impact ]
Remain vulnerable to the two CVEs, with DoS potential.

[ Tests ]
Verified the fixes against the PoCs available for both CVEs.

[ Risks ]
Should be minor, the fixes are targeted to address the respective
issues and taken from upstream git repository. Both fixes are
available in unstable and testing with no regression reporting to the
best of my knowledge.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
The upstream changes fix the boundary checking in base-256 decoder for
CVE-2022-48303 and the handling of extended header prefixes for
CVE-2023-39804.

[ Other info ]
Nothing else.

Regards,
Salvatore
diff -Nru tar-1.34+dfsg/debian/changelog tar-1.34+dfsg/debian/changelog
--- tar-1.34+dfsg/debian/changelog  2021-02-17 10:55:26.0 +0100
+++ tar-1.34+dfsg/debian/changelog  2024-01-20 10:59:10.0 +0100
@@ -1,3 +1,12 @@
+tar (1.34+dfsg-1+deb11u1) bullseye; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix boundary checking in base-256 decoder (CVE-2022-48303)
+  * Fix handling of extended header prefixes (CVE-2023-39804)
+(Closes: #1058079)
+
+ -- Salvatore Bonaccorso   Sat, 20 Jan 2024 10:59:10 +0100
+
 tar (1.34+dfsg-1) unstable; urgency=medium
 
   * New upstream version
diff -Nru 
tar-1.34+dfsg/debian/patches/Fix-boundary-checking-in-base-256-decoder.patch 
tar-1.34+dfsg/debian/patches/Fix-boundary-checking-in-base-256-decoder.patch
--- 
tar-1.34+dfsg/debian/patches/Fix-boundary-checking-in-base-256-decoder.patch
1970-01-01 01:00:00.0 +0100
+++ 
tar-1.34+dfsg/debian/patches/Fix-boundary-checking-in-base-256-decoder.patch
2024-01-20 10:59:10.0 +0100
@@ -0,0 +1,31 @@
+From: Sergey Poznyakoff 
+Date: Sat, 11 Feb 2023 11:57:39 +0200
+Subject: Fix boundary checking in base-256 decoder
+Origin: 
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=3da78400eafcccb97e2f2fd4b227ea40d794ede8
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2022-48303
+
+* src/list.c (from_header): Base-256 encoding is at least 2 bytes
+long.
+---
+ src/list.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/src/list.c b/src/list.c
+index 9fafc425a824..86bcfdd1cc30 100644
+--- a/src/list.c
 b/src/list.c
+@@ -881,8 +881,9 @@ from_header (char const *where0, size_t digs, char const 
*type,
+ where++;
+   }
+ }
+-  else if (*where == '\200' /* positive base-256 */
+- || *where == '\377' /* negative base-256 */)
++  else if (where <= lim - 2
++ && (*where == '\200' /* positive base-256 */
++ || *where == '\377' /* negative base-256 */))
+ {
+   /* Parse base-256 output.  A nonnegative number N is
+represented as (256**DIGS)/2 + N; a negative number -N is
+-- 
+2.43.0
+
diff -Nru 
tar-1.34+dfsg/debian/patches/Fix-handling-of-extended-header-prefixes.patch 
tar-1.34+dfsg/debian/patches/Fix-handling-of-extended-header-prefixes.patch
--- tar-1.34+dfsg/debian/patches/Fix-handling-of-extended-header-prefixes.patch 
1970-01-01 01:00:00.0 +0100
+++ tar-1.34+dfsg/debian/patches/Fix-handling-of-extended-header-prefixes.patch 
2024-01-20 10:59:10.0 +0100
@@ -0,0 +1,62 @@
+From: Sergey Poznyakoff 
+Date: Sat, 28 Aug 2021 16:02:12 +0300
+Subject: Fix handling of extended header prefixes
+Origin: 
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=a339f05cd269013fa133d2f148d73f6f7d4247e4
+Bug-Debian: https://bugs.debian.org/1058079
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-39804
+
+* src/xheader.c (locate_handler): Recognize prefix keywords only
+when followed by a dot.
+(xattr_decoder): Use xmalloc/xstrdup instead of alloc
+---
+ src/xheader.c | 17 +
+ 1 file changed, 9 insertions(+), 8 deletions(-)
+
+diff --git a/src/xheader.c b/src/xheader.c
+index 4f8b2b27cc62..3cd694d1b12a 100644
+--- a/src/xheader.c
 b/src/xheader.c
+@@ -637,11 +637,11 @@ static struct xhdr_tab const *
+ locate_handler (char const *keyword)
+ {
+   struct xhdr_tab const *p;
+-
+   for (p = xhdr_tab; p->keyword; p++)
+ if (p->prefix)
+   {
+-if (strncmp (p->keyword, keyword, strlen(p->keyword)) == 0)
++  size_t kwlen = strlen (p->keyword);
++if (keyword[kwlen] == '.' && strncmp (p->keyword, keyword, kwlen) == 
0)
+   return p;
+   }
+ else
+@@ -1716,19 +1716,20 @@ xattr_decoder (struct

Processed: bullseye-pu: package tar/1.34+dfsg-1+deb11u1

2024-01-20 Thread Debian Bug Tracking System

Processing control commands:

> affects -1 + src:tar
Bug #1061177 [release.debian.org] bullseye-pu: package tar/1.34+dfsg-1+deb11u1
Added indication that 1061177 affects src:tar

-- 
1061177: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061177
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#1061176: bookworm-pu: package tar/1.34+dfsg-1.2+deb12u1

2024-01-20 Thread Salvatore Bonaccorso

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: t...@packages.debian.org, Janos Lenart , 
car...@debian.org
Control: affects -1 + src:tar

Dear Stable release managers,

[ Reason ]
tar in bookworm is affected by two issues with assigned CVEs,
CVE-2022-48303 and CVE-2023-39804 both which do not warrant a DSA and
have minor impact.

[ Impact ]
Remain vulnerable to the two CVEs, with DoS potential.

[ Tests ]
Verified the fixes against the PoCs available for both CVEs.

[ Risks ]
Should be minor, the fixes are targeted to address the respective
issues and taken from upstream git repository. Both fixes are
available in unstable and testing with no regression reporting to the
best of my knowledge.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
The upstream changes fix the boundary checking in base-256 decoder for
CVE-2022-48303 and the handling of extended header prefixes for
CVE-2023-39804.

[ Other info ]
Nothing else.

Regards,
Salvatore
diff -Nru tar-1.34+dfsg/debian/changelog tar-1.34+dfsg/debian/changelog
--- tar-1.34+dfsg/debian/changelog  2023-04-06 16:25:47.0 +0200
+++ tar-1.34+dfsg/debian/changelog  2024-01-20 10:27:07.0 +0100
@@ -1,3 +1,12 @@
+tar (1.34+dfsg-1.2+deb12u1) bookworm; urgency=medium
+
+  * Non-maintainer upload.
+  * Fix boundary checking in base-256 decoder (CVE-2022-48303)
+  * Fix handling of extended header prefixes (CVE-2023-39804)
+(Closes: #1058079)
+
+ -- Salvatore Bonaccorso   Sat, 20 Jan 2024 10:27:07 +0100
+
 tar (1.34+dfsg-1.2) unstable; urgency=medium
 
   * Non-maintainer upload.
diff -Nru 
tar-1.34+dfsg/debian/patches/Fix-boundary-checking-in-base-256-decoder.patch 
tar-1.34+dfsg/debian/patches/Fix-boundary-checking-in-base-256-decoder.patch
--- 
tar-1.34+dfsg/debian/patches/Fix-boundary-checking-in-base-256-decoder.patch
1970-01-01 01:00:00.0 +0100
+++ 
tar-1.34+dfsg/debian/patches/Fix-boundary-checking-in-base-256-decoder.patch
2024-01-20 10:27:07.0 +0100
@@ -0,0 +1,31 @@
+From: Sergey Poznyakoff 
+Date: Sat, 11 Feb 2023 11:57:39 +0200
+Subject: Fix boundary checking in base-256 decoder
+Origin: 
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=3da78400eafcccb97e2f2fd4b227ea40d794ede8
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2022-48303
+
+* src/list.c (from_header): Base-256 encoding is at least 2 bytes
+long.
+---
+ src/list.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/src/list.c b/src/list.c
+index 9fafc425a824..86bcfdd1cc30 100644
+--- a/src/list.c
 b/src/list.c
+@@ -881,8 +881,9 @@ from_header (char const *where0, size_t digs, char const 
*type,
+ where++;
+   }
+ }
+-  else if (*where == '\200' /* positive base-256 */
+- || *where == '\377' /* negative base-256 */)
++  else if (where <= lim - 2
++ && (*where == '\200' /* positive base-256 */
++ || *where == '\377' /* negative base-256 */))
+ {
+   /* Parse base-256 output.  A nonnegative number N is
+represented as (256**DIGS)/2 + N; a negative number -N is
+-- 
+2.43.0
+
diff -Nru 
tar-1.34+dfsg/debian/patches/Fix-handling-of-extended-header-prefixes.patch 
tar-1.34+dfsg/debian/patches/Fix-handling-of-extended-header-prefixes.patch
--- tar-1.34+dfsg/debian/patches/Fix-handling-of-extended-header-prefixes.patch 
1970-01-01 01:00:00.0 +0100
+++ tar-1.34+dfsg/debian/patches/Fix-handling-of-extended-header-prefixes.patch 
2024-01-20 10:27:07.0 +0100
@@ -0,0 +1,62 @@
+From: Sergey Poznyakoff 
+Date: Sat, 28 Aug 2021 16:02:12 +0300
+Subject: Fix handling of extended header prefixes
+Origin: 
https://git.savannah.gnu.org/cgit/tar.git/commit/?id=a339f05cd269013fa133d2f148d73f6f7d4247e4
+Bug-Debian: https://bugs.debian.org/1058079
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-39804
+
+* src/xheader.c (locate_handler): Recognize prefix keywords only
+when followed by a dot.
+(xattr_decoder): Use xmalloc/xstrdup instead of alloc
+---
+ src/xheader.c | 17 +
+ 1 file changed, 9 insertions(+), 8 deletions(-)
+
+diff --git a/src/xheader.c b/src/xheader.c
+index 4f8b2b27cc62..3cd694d1b12a 100644
+--- a/src/xheader.c
 b/src/xheader.c
+@@ -637,11 +637,11 @@ static struct xhdr_tab const *
+ locate_handler (char const *keyword)
+ {
+   struct xhdr_tab const *p;
+-
+   for (p = xhdr_tab; p->keyword; p++)
+ if (p->prefix)
+   {
+-if (strncmp (p->keyword, keyword, strlen(p->keyword)) == 0)
++  size_t kwlen = strlen (p->keyword);
++if (keyword[kwlen] == '.' && strncmp (p->keyword, keyword, kwlen) == 
0)
+   return p;
+   }
+ else
+@@ -1716,19 +1716,20 @@ xattr_decoder (struct

Processed: bookworm-pu: package tar/1.34+dfsg-1.2+deb12u1

2024-01-20 Thread Debian Bug Tracking System

Processing control commands:

> affects -1 + src:tar
Bug #1061176 [release.debian.org] bookworm-pu: package tar/1.34+dfsg-1.2+deb12u1
Added indication that 1061176 affects src:tar

-- 
1061176: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061176
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

82 matches

Mail list logo