Bug#969190: buster-pu: package libvncserver/0.9.11+dfsg-1.3+deb10u3

Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu Dear release team, several (minor) CVE issues have been resolved in buster's libvncserver: + * CVE-2019-20839: libvncclient: bail out if unix socket name would overflow. + *

Re: Go issues wrt. Debian infrastructure: moving forward

On Thu, Aug 27, 2020 at 07:16:19PM +0200, Clément Hermann wrote: > I'm fine with IRC too. I think the dak implementation would be the best > (along with a script or something that can tell which packages to > binNMU, but with the proper field set d/control for binaries that > doesn't sound

NEW changes in stable-new

Processing changes file: bind9_9.11.5.P4+dfsg-5.1+deb10u2_sourceonly.changes ACCEPT Processing changes file: bind9_9.11.5.P4+dfsg-5.1+deb10u2_all.changes ACCEPT Processing changes file: bind9_9.11.5.P4+dfsg-5.1+deb10u2_amd64-buildd.changes ACCEPT Processing changes file:

Bug#969172: buster-pu: package asterisk/1:16.2.1~dfsg-1+deb10u2

Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu Hi, I would like to make a stable-update for asterisk. It fixes three minor CVEs (marked no-dsa) #940060 CVE-2019-15297: AST-2019-004: Crash when negotiating for T.38 with a

Bug#969168: RM: ruby-has-scope/0.7.2-2 ruby-inherited-resources/1.11.0-4

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm FTBFS with rails 6 (#969166) and blocking testing migration of rails 6. It has a leaf package as reverse dependency: ruby-inherited-resources/1.11.0-4 So please remove both packages to allow

Bug#969163: buster-pu: package npm/5.8.0+ds6-4+deb10u2

Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu Hi, [ Reason ] npm is vulnerable to CVE-2020-15095: password in URL are stored in logs. This fixes import upstream commit to fix it. [ Impact ] (What is the impact for the user if

Bug#969161: RM: ruby-diaspora-federation-rails/0.2.6-1

Package: release.debian.org Severity: normal User: release.debian@packages.debian.org Usertags: rm This package is not yet compatible with rails 6 (#969157) and is blocking migration of rails 6 to testing. -- System Information: Debian Release: bullseye/sid APT prefers unstable APT

Bug#969158: expeyes: maybe a false positive generated by mail_autoremovals.pl?

Package: release.debian.org Severity: normal Dear members of the release team, The package expeyes which I maintain is affected repeatedly by announcements telling that "expeyes is marked for autoremoval from testing", ... on 2020-09-16, due to the fact that it is supposed to (build-)depend on