Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor

To: 1021364-submitter@bugs.debian.org
Subject: Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
From: Bastian Germann <bage@debian.org>
Date: Wed, 12 Oct 2022 20:23:38 +0200
Message-id: <[🔎] 7ee44480-d017-619c-de94-433b9be6e911@debian.org>
Reply-to: Bastian Germann <bage@debian.org>, 1021364-quiet@bugs.debian.org
In-reply-to: <[🔎] CANxOp7AbzCmEBv0TyHhmoFFXBNc3+=usdn4=N=2-odpYtXOMVw@mail.gmail.com>
References: <[🔎] 40710850-7cbe-7086-8ee0-6e24ac1cd217@debian.org> <[🔎] 3dae2273-f6ee-f17a-7679-41e80d220061@gmail.com> <[🔎] fbe6b217-e12d-9b6c-1fb1-c32bce32e710@debian.org> <[🔎] 8bd6148b-2aa3-311d-d95e-81290a308c55@gmail.com> <[🔎] 1de3e345-0c7e-ff48-75de-653e07bbb757@debian.org> <[🔎] bff88ca1-7dc7-e014-5f60-add7d0c8e0d3@gmail.com> <[🔎] CANxOp7DszM9OLx66=L86KgLc62Po_EdsBgA71z9udeDO_cDk-w@mail.gmail.com> <[🔎] 20221011004441.GO27919@mail.wookware.org> <[🔎] CANxOp7BDkfMYt6JMn-E09FC0SpeQz1xwbi4Ka3Ec+Gz1y-Ea1A@mail.gmail.com> <[🔎] CANxOp7Ba=mFiDU7zi0CN852t-n=wqjcQfVck2yZhim=X4NW-Gg@mail.gmail.com> <[🔎] 87edve5ecu.fsf@DigitalMercury.freeddns.org> <[🔎] CANxOp7AbzCmEBv0TyHhmoFFXBNc3+=usdn4=N=2-odpYtXOMVw@mail.gmail.com> <[🔎] CANxOp7AbzCmEBv0TyHhmoFFXBNc3+=usdn4=N=2-odpYtXOMVw@mail.gmail.com> <[🔎] CANxOp7BDkfMYt6JMn-E09FC0SpeQz1xwbi4Ka3Ec+Gz1y-Ea1A@mail.gmail.com>

With the new upload's changelog you claim:
"vulnerability patched in 3rdparty/cmark-gfm CVE-2022-24724, CVE-2022-39209"

1) I do not see the +dfsg version indication represented - no repack is done.
   If you do not repack please remove the +dfsg and tell if you have verified the uglified
   JS to be represented in the included MathJax src.

2) I would have expected this to contain a patch that fixes CVE-2022-39209. There is no patch.
   If you cannot afford to fix this, remove the identifier from the changelog.
   But I will only sponsor this package when this is fixed.

Reply to:

References:
- Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
  - From: Bastian Germann <bage@debian.org>
- Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
  - From: Sebastien CHAVAUX <seb95.scou@gmail.com>
- Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
  - From: Bastian Germann <bage@debian.org>
- Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
  - From: Sebastien CHAVAUX <seb95.scou@gmail.com>
- Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
  - From: Bastian Germann <bage@debian.org>
- Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
  - From: Sebastien CHAVAUX <seb95.scou@gmail.com>
- Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
  - From: Sebastien Chavaux <seb95.scou@gmail.com>
- Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
  - From: Wookey <wookey@wookware.org>
- Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
  - From: Sebastien Chavaux <seb95.scou@gmail.com>
- Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
  - From: Sebastien Chavaux <seb95.scou@gmail.com>
- Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
  - From: Nicholas D Steeves <sten@debian.org>
- Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
  - From: Sebastien Chavaux <seb95.scou@gmail.com>

Prev by Date: Bug#1014078: RE: Bug#1014078: RFS: librosa/0.9.2-1 [ITP] -- Python package for music and audio analysis
Next by Date: Bug#1012196: marked as done (RFS: exaile/4.1.2+dfsg-1 [ITP] -- music player with a simple interface)
Previous by thread: Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
Next by thread: Bug#1021364: RFS: ghostwriter/2.2.0-1 [RC] -- Distraction-free, themeable Markdown editor
Index(es):
- Date
- Thread