Am Donnerstag, dem 27.02.2025 um 11:49 +0100 schrieb Marc SCHAEFER: > > There is a docker.io upgrade for bullseye: > > https://security-tracker.debian.org/tracker/TEMP-0000000-7C9547 > > However, it was not yet announced, if I am not mistaken. > > Is this because of a responsible disclosure policy? > > $ dpkg -s docker.io|grep Version > Version: 20.10.5+dfsg1-1+deb11u3 > > $ apt-cache show docker.io | grep Version | head > Version: 20.10.5+dfsg1-1+deb11u4 > > Manually downloading, the changelog says: > > docker.io (20.10.5+dfsg1-1+deb11u4) bullseye-security; > urgency=medium > > * LTS Team upload. > * Rebuild with golang-glog 0.0~git20160126.23def4e-3+deb11u1. > * No source changes. > > Does that mean that it actually would fix a go issue that docker.io > uses? I think this relates to DLA-4056-1. According to a recent discussion, there should probably be separate DLAs for affected and updated packages like docker.io (there were more). I'll forward this to the LTS team's list. Regards, Daniel
Attachment:
signature.asc
Description: This is a digitally signed message part