Bug#1001180: bullseye-pu: package isync/1.3.0-2.2+deb11u1

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1001180: bullseye-pu: package isync/1.3.0-2.2+deb11u1
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Sun, 05 Dec 2021 21:30:14 +0100
Message-id: <[🔎] 163873621497.3224462.1169380010196625101.reportbug@elende.valinor.li>
Reply-to: Salvatore Bonaccorso <carnil@debian.org>, 1001180@bugs.debian.org

Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian.org@packages.debian.org
Usertags: pu
X-Debbugs-Cc: carnil@debian.org,anarcat@debian.org

Hi SRM,

isync in bullseye is affected by CVE-2021-3657[1]. Upstream is
providing as well explicit patches for the 1.3.x series. That said, I
could not explicitly thest the package for the CVE is question.

But I'm X-Debbugs-CC'ing Antoine which might additionally be able to
expose the package for bullseye to some real situation testing.

Regards,
Salvatore

 [1] https://www.openwall.com/lists/oss-security/2021/12/03/1

Reply to:

Follow-Ups:
- Bug#1001180: bullseye-pu: package isync/1.3.0-2.2+deb11u1
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Bug#1001180: bullseye-pu: package isync/1.3.0-2.2+deb11u1
  - From: Antoine Beaupré <anarcat@debian.org>
- Bug#1001180: isync 1.3.0-2.2+deb11u1 flagged for acceptance
  - From: Adam D Barratt <adam@adam-barratt.org.uk>
- Bug#1001180: marked as done (bullseye-pu: package isync/1.3.0-2.2+deb11u1)
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Re: please stop block janus from entering testing
Next by Date: Re: please stop block janus from entering testing
Previous by thread: Re: please stop block janus from entering testing
Next by thread: Bug#1001180: bullseye-pu: package isync/1.3.0-2.2+deb11u1
Index(es):
- Date
- Thread