1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#1104154: bookworm-pu: package fig2dev/1:3.2.8b-3+deb12u2

    From Salvatore Bonaccorso@21:1/5 to Salvatore Bonaccorso on Thu May 15 22:40:01 2025
    XPost: linux.debian.devel.release

    Hi Roland,

    On Sat, May 10, 2025 at 02:50:42PM +0200, Salvatore Bonaccorso wrote:
    Hi Roland,

    On Mon, May 05, 2025 at 08:15:42PM +0200, Roland Rosenfeld wrote:
    Hi Salvatore!

    On Wed, 30 Apr 2025, Salvatore Bonaccorso wrote:

    FWIW, the CVEs have been rejected in meanwhile as there is no real security impact. I think still it is worth you might upload your
    package for the upcoming point release, but please drop the CVE id mentionings.

    Okay, I renamed the patches to their names from sid/trixie and removed
    the CVE references from the patches and from debian/changelog.

    An updated debdiff is attached.
    The updated salsa pipeline is at https://salsa.debian.org/debian/fig2dev/-/pipelines/861650

    Everything else didn't change since the initial bugreport.
    A diff against the initial bug report can be found in https://salsa.debian.org/debian/fig2dev/-/commit/792b63860a7e4bdc6199da9e049cc617512c44b9

    Thanks a lot. AFAICS you did not got an ack yet from release team, but
    if you are confident that it will be accepted as it is, you can take advantage of the improved workflow and upload as well the package
    already. I'm mentioning that since the window for uploading fixes for
    the next point release will close this weekend.

    To late for the next point release, but we can do the next one :)

    FWIW, just from today the CVEs got assigned back after they got
    dropped. I restored the tracking from security-tracker point of view
    as:

    https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7302ddf264401a63ade31814877256fe6a21861

    Regards,
    Salvatore

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)