Bug#992331: bullseye-pu: package keystone/18.0.0-3+deb11u1 (CVE-2021-38155)

To: Thomas Goirand <zigo@debian.org>, 992331@bugs.debian.org
Subject: Bug#992331: bullseye-pu: package keystone/18.0.0-3+deb11u1 (CVE-2021-38155)
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Mon, 29 Nov 2021 17:35:12 +0000
Message-id: <[🔎] 59c771949d574b192cde87c0f6400b4f90360224.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 992331@bugs.debian.org
In-reply-to: <6e50a414-dd8c-8065-83b8-dd03fcdba1a7@debian.org>
References: <162920086060.82827.18262014220382089006.reportbug@zbuz.infomaniak.ch> <6e50a414-dd8c-8065-83b8-dd03fcdba1a7@debian.org> <162920086060.82827.18262014220382089006.reportbug@zbuz.infomaniak.ch>

On Mon, 2021-10-04 at 14:59 +0200, Thomas Goirand wrote:
> Hi,
> 
> Thanks for your reply.
> 
> I have uploaded keystone/18.0.0-3+deb11u2 to Bullseye. You can flag
> it for acceptance.
> 

It's very kind of you to give us permission. ;-)

> For Buster, I'm having the problem that I cannot build the package
> without subunit 1.4.0-3 which is in Bullseye only (Buster has 1.3.0-
> 1).
> Would it be acceptable that I upload both subunit 1.4.0-3 and
> Keystone
> 2:14.2.0-0+deb10u2 to Buster? Please let me know your thoughts.

We'd have to see the relevant diffs, really. In any case, to avoid
potentially confusing issues, please open a new bug(s) for any proposed
update(s) to buster, rather than re-using this one.

Regards,

Adam

Reply to:

Prev by Date: Bug#999673: bullseye-pu: package lldpd/1.0.11-1
Next by Date: Bug#992331: keystone 18.0.0-3+deb11u1 flagged for acceptance
Previous by thread: Bug#1000811: bullseye-pu: package debian-edu-doc/2.11.26+deb11u1
Next by thread: Bug#992331: keystone 18.0.0-3+deb11u1 flagged for acceptance
Index(es):
- Date
- Thread