Bug#1051466: bookworm-pu: package ovn/23.03.1-1~deb12u1
On Thu, 28 Sept 2023 at 21:13, Adam D. Barratt <adam@adam-barratt.org.uk> wrote:
>
> On Tue, 2023-09-19 at 08:59 +0100, Luca Boccassi wrote:
> > On Tue, 19 Sept 2023 at 08:21, Salvatore Bonaccorso <
> > carnil@debian.org> wrote:
> [...]
> > > Two obervations: Can you please close #1043598 in the
> > > debian/changelog as well as the update addresses CVE-2023-3153.
> [...]
> > Changelog mentions CVE and bug:
> >
> > ovn (23.03.1-1~deb12u1) bookworm; urgency=medium
> >
> > * Team upload.
> > * Update upstream source from tag 'upstream/23.03.1'
> > - Add CoPP for the svc_monitor_mac. This addresses CVE-2023-3153.
> > (Closes: #1043598)
> > * d/p/*vif-plug-representor*: Lower severity of failure to set udev
> > receive buffer size (LP: #2034700).
> >
>
> In fact, the debdiff that was attached to the request does not contain
> that bug closure:
>
> + * Team upload.
> + * Update upstream source from tag 'upstream/23.03.1'
> + - Add CoPP for the svc_monitor_mac. This addresses CVE-2023-3153.
> + * d/p/*vif-plug-representor*: Lower severity of failure to set udev
> + receive buffer size (LP: #2034700).
>
> Is it not the correct debdiff?
Yes it was the old one, I just downloaded it from the original mail,
forgetting that we made that change later. New one:
https://pastebin.ubuntu.com/p/5TV6fWFYtx/
Reply to: