[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#984565: marked as done (unblock: containerd/1.4.4~ds1-1)

Your message dated Fri, 5 Mar 2021 19:21:13 +0100
with message-id <YEJ2mffnNkFHk+D0@ramacher.at>
and subject line Re: Bug#984565: unblock: containerd/1.4.4~ds1-1
has caused the Debian Bug report #984565,
regarding unblock: containerd/1.4.4~ds1-1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
984565: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984565
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: zhsj@debian.org

Please unblock package containerd

[ Reason ]
It's a new upstream point release with bugfix only, and
it fixes CVE-2021-21334
Most changes are cherry-pick by myself in upstream.

Diff:
https://salsa.debian.org/go-team/packages/containerd/-/compare/debian%2F1.4.3_ds1-2...debian%2F1.4.4_ds1-1
Many pb.go are changed, it's caused by another CVE fix, which is in
protobuf generator, golang-gogoprotobuf CVE-2021-3121
Without these pb.go files, the diff is small.

The package can migrate itself, but I file this unblock to
reduce the migrate days. Since it will become 20 days nows.

[ Impact ]
Bullseye will have 20 days without CVE fix.

[ Tests ]
The package has autopkgtest, and I have done other integration
tests, like tests with CRI-test[1], Kubernetes Node e2e tests[2].

[1] https://github.com/kubernetes-sigs/cri-tools
[2] https://github.com/kubernetes/community/blob/master/contributors/devel/sig-testing/e2e-tests.md

[ Risks ]
No

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
No

unblock containerd/1.4.4~ds1-1

--- End Message ---
--- Begin Message --- 
On 2021-03-05 16:59:44 +0800, Shengjing Zhu wrote:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> X-Debbugs-Cc: zhsj@debian.org
> 
> Please unblock package containerd
> 
> [ Reason ]
> It's a new upstream point release with bugfix only, and
> it fixes CVE-2021-21334
> Most changes are cherry-pick by myself in upstream.
> 
> Diff:
> https://salsa.debian.org/go-team/packages/containerd/-/compare/debian%2F1.4.3_ds1-2...debian%2F1.4.4_ds1-1
> Many pb.go are changed, it's caused by another CVE fix, which is in
> protobuf generator, golang-gogoprotobuf CVE-2021-3121
> Without these pb.go files, the diff is small.
> 
> The package can migrate itself, but I file this unblock to
> reduce the migrate days. Since it will become 20 days nows.
> 
> [ Impact ]
> Bullseye will have 20 days without CVE fix.
> 
> [ Tests ]
> The package has autopkgtest, and I have done other integration
> tests, like tests with CRI-test[1], Kubernetes Node e2e tests[2].
> 
> [1] https://github.com/kubernetes-sigs/cri-tools
> [2] https://github.com/kubernetes/community/blob/master/contributors/devel/sig-testing/e2e-tests.md
> 
> [ Risks ]
> No
> 
> [ Checklist ]
>   [x] all changes are documented in the d/changelog
>   [x] I reviewed all changes and I approve them
>   [x] attach debdiff against the package in testing
> 
> [ Other info ]
> No
> 
> unblock containerd/1.4.4~ds1-1

Aged to 5 days. Thanks

Cheers
-- 
Sebastian Ramacher

Attachment: signature.asc
Description: PGP signature


--- End Message ---
Reply to: