Format: 1.8
Date: Sat, 30 Aug 2025 22:32:02 -0400
Source: kanboard
Architecture: source
Version: 1.2.47+ds-1
Distribution: unstable
Urgency: medium
Maintainer: Joseph Nahmias <jello@debian.org>
Changed-By: Joseph Nahmias <jello@debian.org>
Closes: 1112360 1112361 1112362 1112363 1112364
Changes:
 kanboard (1.2.47+ds-1) unstable; urgency=medium
 .
   * New upstream version 1.2.47+ds
     + Password Reset Poisoning via Host Header Injection:
       GHSA-2ch5-gqjm-8p92 aka CVE-2025-52560. Closes: #1112361.
     + Authenticated Admin Remote Code Execution via Unsafe Deserialization
       of Events: GHSA-359x-c69j-q64r aka CVE-2025-55010. Closes: #1112363.
     + Stored XSS in project name: GHSA-5wj3-c9v4-pj9v aka CVE-2025-46825.
       Closes: #1112360.
     + Username Enumeration via Login Behavior and Bruteforce Protection
       Bypass: GHSA-qw57-7cx6-wvp7 aka CVE-2025-52576. Closes: #1112362.
     + Path Traversal in File Write via Task File Upload Api:
       GHSA-26f4-rx96-xc55 aka CVE-2025-55011. Closes: #1112364.
   * drop/refresh patches, as needed
   * enable build profiles in salsa ci
   * build package twice in salsa ci
   * enable salsa ci stats reporting
   * run wrap-and-sort -asbkt; enable job in salsa ci