Your message dated Sat, 14 Jul 2018 11:21:20 +0100 with message-id <1531563680.2095.30.camel@adam-barratt.org.uk> and subject line Closing bugs for updates included in 9.5 has caused the Debian Bug report #894713, regarding stretch-pu: Pre-approval of package apache2/2.4.25-3+deb9u5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 894713: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894713 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: stretch-pu: Pre-approval of package apache2/2.4.25-3+deb9u5
- From: Stefan Fritsch <sf@sfritsch.de>
- Date: Tue, 03 Apr 2018 14:07:33 +0200
- Message-id: <152275725330.3199.10882644970793316680.reportbug@manul.sfritsch.de>
Package: release.debian.org Severity: normal Tags: stretch User: release.debian.org@packages.debian.org Usertags: pu Hi, I would like to do an upgrade of apache2 in stretch that upgrades the complete mod_http2 and mod_proxy_http2 modules from the versions from 2.4.25 to the versions from 2.4.33. The reason is that the fix for CVE-2018-1302 [1] is difficult to backport because it concerns a complex life-time issue of data structures, the relevant code has changed greatly between 2.4.25 and 2.4.33, and I am not familiar with the internals of mod_http2. There are other random segfaults [2] and other bugs [3] in stretch's mod_http2 that are reportedly fixed by newer mod_http2. Therefore, upgrading the whole thing seems like the best solution to me. Do you agree with this approach? The diff is not reviewable (58 files changed, 5533 insertions, 4182 deletions), but it only touches the http2 modules. I may also include a few other small bug fixes. I will prepare the updated package and send the detailed information after the pending DSA for some other issues has been released (2.4.25-3+deb9u4). Cheers, Stefan [1] http://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-1302 [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873945 [3] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850947
--- End Message ---
--- Begin Message ---
- To: 873330-done@bugs.debian.org, 880037-done@bugs.debian.org, 882197-done@bugs.debian.org, 885333-done@bugs.debian.org, 885617-done@bugs.debian.org, 887160-done@bugs.debian.org, 888766-done@bugs.debian.org, 888909-done@bugs.debian.org, 889940-done@bugs.debian.org, 890791-done@bugs.debian.org, 891415-done@bugs.debian.org, 891466-done@bugs.debian.org, 891470-done@bugs.debian.org, 891559-done@bugs.debian.org, 891563-done@bugs.debian.org, 891576-done@bugs.debian.org, 891580-done@bugs.debian.org, 891587-done@bugs.debian.org, 891655-done@bugs.debian.org, 891658-done@bugs.debian.org, 891668-done@bugs.debian.org, 891772-done@bugs.debian.org, 891784-done@bugs.debian.org, 891788-done@bugs.debian.org, 891791-done@bugs.debian.org, 891793-done@bugs.debian.org, 892278-done@bugs.debian.org, 892734-done@bugs.debian.org, 892836-done@bugs.debian.org, 892857-done@bugs.debian.org, 892940-done@bugs.debian.org, 893043-done@bugs.debian.org, 893278-done@bugs.debian.org, 893803-done@bugs.debian.org, 893866-done@bugs.debian.org, 893971-done@bugs.debian.org, 894713-done@bugs.debian.org, 894960-done@bugs.debian.org, 894971-done@bugs.debian.org, 895596-done@bugs.debian.org, 895766-done@bugs.debian.org, 895846-done@bugs.debian.org, 895888-done@bugs.debian.org, 895936-done@bugs.debian.org, 896170-done@bugs.debian.org, 896689-done@bugs.debian.org, 896918-done@bugs.debian.org, 896940-done@bugs.debian.org, 896945-done@bugs.debian.org, 897188-done@bugs.debian.org, 897368-done@bugs.debian.org, 897912-done@bugs.debian.org, 897923-done@bugs.debian.org, 899006-done@bugs.debian.org, 899014-done@bugs.debian.org, 900920-done@bugs.debian.org, 901033-done@bugs.debian.org, 901089-done@bugs.debian.org, 901192-done@bugs.debian.org, 901288-done@bugs.debian.org, 901331-done@bugs.debian.org, 901355-done@bugs.debian.org, 901426-done@bugs.debian.org, 901476-done@bugs.debian.org, 901639-done@bugs.debian.org, 901811-done@bugs.debian.org, 902042-done@bugs.debian.org, 902282-done@bugs.debian.org, 902283-done@bugs.debian.org, 902294-done@bugs.debian.org, 902319-done@bugs.debian.org, 902325-done@bugs.debian.org, 902326-done@bugs.debian.org, 902688-done@bugs.debian.org, 902758-done@bugs.debian.org, 902832-done@bugs.debian.org, 903005-done@bugs.debian.org, 903015-done@bugs.debian.org, 903037-done@bugs.debian.org, 903052-done@bugs.debian.org, 903088-done@bugs.debian.org, 903199-done@bugs.debian.org, 903203-done@bugs.debian.org, 903216-done@bugs.debian.org, 859731-done@bugs.debian.org, 899189-done@bugs.debian.org, 901744-done@bugs.debian.org
- Subject: Closing bugs for updates included in 9.5
- From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Date: Sat, 14 Jul 2018 11:21:20 +0100
- Message-id: <1531563680.2095.30.camel@adam-barratt.org.uk>
Version: 9.5 Hi, The update referenced by each of these bugs was included in this morning's stretch point release. Regards, Adam
--- End Message ---