Bug#969272: buster-pu: package bacula/9.4.2-2

Package: release.debian.org Severity: normal Tags: buster User: release.debian@packages.debian.org Usertags: pu Dear Release Team, I'd like to fix CVE-2020-11061 for bacula in buster. The DSA team recommends fixing it via point release (according to the security tracker). The version in

Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

Julien Cristau writes: > Control: tag -1 confirmed > Sorry for the delay, please go ahead. For information, I've uploaded the package some time ago and it's waiting in the NEW queue for FTP master review. Regards, Carsten

Bug#931610: stretch-pu: package pound/2.7-1.3+deb9u1

Control: tags -1 - confirmed Hi Adam, > On Sat, 2019-07-13 at 12:36 +0200, Carsten Leonhardt wrote: >> Control: tags -1 - moreinfo >> >> Hi, >> >> attached is a new debdiff, the only change is that I removed some >> cruft >> from the "Origin&

Bug#931610: stretch-pu: package pound/2.7-1.3+deb9u1

ed headers, CVE-2016-10711 +(Closes: #888786). + + -- Carsten Leonhardt Sun, 07 Jul 2019 23:44:04 +0200 + pound (2.7-1.3) unstable; urgency=medium * Non-maintainer upload. diff -Nru pound-2.7/debian/patches/0003-CVE-2016-1071.patch pound-2.7/debian/patches/0003-CVE-2016-1071.patch --- pound-

Bug#931610: stretch-pu: package pound/2.7-1.3+deb9u1

Control: tags -1 - moreinfo > On 2019-07-08 09:40, Carsten Leonhardt wrote: >> pound is affected by non-dsa CVE-2016-10711. > > The metadata for #888786 indicates that the issue affects the package > in unstable, and is not yet fixed there. Is that correct? No, the packag

Bug#931610: stretch-pu: package pound/2.7-1.3+deb9u1

: #888786). + + -- Carsten Leonhardt Sun, 07 Jul 2019 23:44:04 +0200 + pound (2.7-1.3) unstable; urgency=medium * Non-maintainer upload. diff --git a/debian/patches/0003-CVE-2016-1071.patch b/debian/patches/0003-CVE-2016-1071.patch new file mode 100644 index 000..09da940 --- /dev/null

Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

Hi, is there a chance the fixed package will be accepted? Maybe you would prefer separate fixes for the two problems? Regards, Carsten

Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

0 else log_progress_msg "- the configtest" diff --git a/debian/changelog b/debian/changelog index d0a4ac54..81b0627a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,21 @@ +bacula (7.4.4+dfsg-6+deb9u1) stretch; urgency=medium + + [Sven Hartge] + * Let PID files be o

Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,21 @@ +bacula (7.4.4+dfsg-6+deb9u1) stretch; urgency=medium + + [Sven Hartge] + * Let PID files be owned by root. Mitigates a minor security problem +similar to CVE 2017-14610. Note that this change disables automatic +tr

Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

Julien Cristau <jcris...@debian.org> writes: > On 01/15/2018 08:32 AM, Carsten Leonhardt wrote: >> Julien Cristau <jcris...@debian.org> writes: >> >>> Control: tag -1 moreinfo >>> >>> On Thu, Nov 16, 2017 at 00:02:29 +0100, Carsten Leonha

Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

Julien Cristau <jcris...@debian.org> writes: > Control: tag -1 moreinfo > > On Thu, Nov 16, 2017 at 00:02:29 +0100, Carsten Leonhardt wrote: > >> 2) Bug #880529: When updating from jessie to stretch, the package >> "bacula-director-common" will be removed,

Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

Hi, is there anything else I can do to help this into the next stable update? Or at least only one of the changes? Regards, Carsten

Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

Hi, > 2) Bug #880529: When updating from jessie to stretch, the package > "bacula-director-common" will be removed, but the postrm will stay > around. Upon purging this package, postrm unconditionally removes the > main bacula configuration file /etc/bacula/bacula-dir.conf, leaving > bacula

Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

9:25.0 +0100 +++ bacula-7.4.4+dfsg/debian/changelog 2017-11-15 22:55:15.0 +0100 @@ -1,3 +1,17 @@ +bacula (7.4.4+dfsg-6+deb9u1) stretch; urgency=medium + + [Sven Hartge] + * Let PID files be owned by root. Mitigates a minor security problem +similar to CVE 2017-14610. Note that th

Bug#858194: unblock: libsecret/0.18.5-3.1

-1,3 +1,25 @@ +libsecret (0.18.5-3.1) unstable; urgency=medium + + * Non-maintainer upload. + * debian/patches/0004-tests-collection-add-setup-delay.patch: ++ Fix failing test "collection/delete-sync" by correctly placing + the delay. Closes: #855951. + + -- Carsten Leonhardt &l

Bug#856236: unblock: bacula/7.4.4+dfsg-6 (pre-approval)

Control: tags -1 - moreinfo Ivo De Decker writes: > Please go ahead with the upload and remove the moreinfo tag from this bug once > the package is in unstable and built on all architectures. it's in installed on all release architectures now. - Carsten

Bug#856236: unblock: bacula/7.4.4+dfsg-6 (pre-approval)

Hi Ivo, > On Sun, Feb 26, 2017 at 09:36:30PM +0100, Ivo De Decker wrote: >> Control: tags -1 confirmed moreinfo >> >> Hi, >> >> On Sun, Feb 26, 2017 at 08:30:48PM +0100, Carsten Leonhardt wrote: >> > Please unblock package bacula >> &

Bug#856236: unblock: bacula/7.4.4+dfsg-6 (pre-approval)

+dfsg/debian/changelog 2017-02-26 13:39:25.0 +0100 @@ -1,3 +1,10 @@ +bacula (7.4.4+dfsg-6) unstable; urgency=medium + + [Sven Hartge] + * Backport fix for btape fill test from 7.4.5 (Closes: #855645) + + -- Carsten Leonhardt <l...@debian.org> Sun, 26 Feb 2017 13:39:25 +0100 + bacula

Re: OpenSSL 1.1.0

Ian Jackson writes: > Reading that bug I think it's a shame that we didn't manage to > effectively identify the issues we've now discussed here on -devel > earlier, despite Kurt's several messages to d-d-a. Concerns were already raised in June, in the subthread