Accepted isc-kea 2.6.3-1 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted isc-kea 2.6.3-1 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Tue, 03 Jun 2025 15:16:49 +0000
Message-id: <[🔎] E1uMTNh-0003TF-BK@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Mon, 02 Jun 2025 19:00:06 +0200
Source: isc-kea
Architecture: source
Version: 2.6.3-1
Distribution: unstable
Urgency: medium
Maintainer: Kea <isc-kea@packages.debian.org>
Changed-By: Paride Legovini <paride@debian.org>
Closes: 1106737
Changes:
 isc-kea (2.6.3-1) unstable; urgency=medium
 .
   * New upstream version 2.6.3.
     Closes: #1106737 by fixing:
     - CVE-2025-32801:
       Loading a malicious hook library can lead to local privilege escalation
     - CVE-2025-32802:
       Insecure handling of file paths allows multiple local attacks
     - CVE-2025-32803:
       Insecure file permissions can result in confidential information leakage
     Thanks: Salvatore Bonaccorso
   * d/*.service: restrict RuntimeDirectory and StateDirectory.
     This is part of the fix of the aforementioned CVEs.
   * d/kea-common.postinst: make /etc/kea owned by _kea:_kea and chmod 0750
   * d/p/0009-disable-database-tests.patch: refresh (context)
   * d/p/0010-set-control-sockets-location.patch drop patch (upstreamed)
   * d/p/0011-kea-ctrl-agent-authentication.patch: drop patch (upstreamed)
   * d/t/smoke-test: execute some test commands as the _kea user.
Checksums-Sha1:
 af04797ef518f5f77eebe682741757fd6cc01723 2865 isc-kea_2.6.3-1.dsc
 1b3074be301ae6f885ce63028503c9d0fa38c5c1 10498882 isc-kea_2.6.3.orig.tar.gz
 d29c3c7aac170276838dd44d148eecfcb231f315 833 isc-kea_2.6.3.orig.tar.gz.asc
 8c3a0e1d61af8cbf7e00cbd2269f135b0cdf0a79 42376 isc-kea_2.6.3-1.debian.tar.xz
 1934a4318131f488d712e46466df164f95b15994 8913 isc-kea_2.6.3-1_source.buildinfo
Checksums-Sha256:
 80ed03d97f6af9c79134859b23cc8bc64114e3a93848a8d2c9a0895972ea8efe 2865 isc-kea_2.6.3-1.dsc
 00241a5955ffd3d215a2c098c4527f9d7f4b203188b276f9a36250dd3d9dd612 10498882 isc-kea_2.6.3.orig.tar.gz
 f6946770faeaeb055dced609bf29a949542236921b6780e1a07a56d66b461883 833 isc-kea_2.6.3.orig.tar.gz.asc
 7f99de391aaf3aa6a786b052ce8078ea261f9c6df395d73169dc17681e4b1367 42376 isc-kea_2.6.3-1.debian.tar.xz
 c313ad970c1950146668a8ab0c048e5d3fe4ea00c3c796eda951e9378cc44bff 8913 isc-kea_2.6.3-1_source.buildinfo
Files:
 e00d372923a7260513b8f2f0973ddcda 2865 net optional isc-kea_2.6.3-1.dsc
 abf8cb8bbc74fd7691883b837e9deec8 10498882 net optional isc-kea_2.6.3.orig.tar.gz
 91b1f7ddd097fef8852b6ae7b1deb664 833 net optional isc-kea_2.6.3.orig.tar.gz.asc
 77832fc2f4737a63e0be56d7e4928318 42376 net optional isc-kea_2.6.3-1.debian.tar.xz
 e2ea98f5c30d730f3689f92bee7ddf63 8913 net optional isc-kea_2.6.3-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

wsC7BAEBCgBvBYJoPusrCRDWWGGIPgFNuUcUAAAAAAAeACBzYWx0QG5vdGF0aW9u
cy5zZXF1b2lhLXBncC5vcmeVdLFbQiHcjOfQ4doOLg9BbfmEBwohHan0yhqgeV7W
0xYhBFYa1YXu12aSG6jdltZYYYg+AU25AACzMQf/dSifc7t+wjlwtioMpS1y+EJ9
9NtjxKnI7XLethiVd3ezqj2Nn3YQC3fh8jEByhYnGU5feK+RzluXSzaJmwt1Q1wQ
jCCV6LjM/KdiLvtWmhX0TxoK9zZFbgq4HjsSj0pD6mnQQ+KwtzXIRwZpQt391MnH
AMlZsVKG+zW+Fj7ooVNcnCt0iDtENY0nfHROCJWNyTFVfng/ghAu/cAWukHBTdqD
1y9K/UNj8KNqeoIRTQ9YN18dNvK60AqDxY1Vv/Mb7tsPawa6eQJZovinvL2Z2LIN
1DcTAxmHnssvBF2lWJu9A/BBWlGrIXc83bebrG97W8/ncQ/C2KZXjUdqGZG4aw==
=zQwn
-----END PGP SIGNATURE-----

Attachment: pgpkF0GT5H8r0.pgp
Description: PGP signature

Reply to:

Prev by Date: Accepted imx-code-signing-tool 3.4.1+dfsg-4 (source) into unstable
Next by Date: Accepted kf6-kcmutils 6.13.0-2 (source) into unstable
Previous by thread: Accepted imx-code-signing-tool 3.4.1+dfsg-4 (source) into unstable
Next by thread: Accepted kf6-kcmutils 6.13.0-2 (source) into unstable
Index(es):
- Date
- Thread