Bug#1070478: bookworm-pu: package tryton-server/tryton-server_6.0.29-2+deb12u2

To: Mathias Behrle <mbehrle@debian.org>, 1070478@bugs.debian.org
Subject: Bug#1070478: bookworm-pu: package tryton-server/tryton-server_6.0.29-2+deb12u2
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 15 Jun 2024 16:16:32 +0100
Message-id: <[🔎] 490bcefeb761a8fd917166383aa8ec33419c8c26.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1070478@bugs.debian.org
In-reply-to: <20240506103502.1ed277de@monsterix.mbehrle.de>
References: <20240506103502.1ed277de@monsterix.mbehrle.de> <20240506103502.1ed277de@monsterix.mbehrle.de>

Control: tags -1 + confirmed

On Mon, 2024-05-06 at 10:35 +0200, Mathias Behrle wrote:
> Backport the patch to fix the vulnerabilty to zip bomb
> attacks via decoded gzip content from unauthenticated users.
> https://discuss.tryton.org/t/security-release-for-issue-13142/7196

Please go ahead.

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#1070478: bookworm-pu: package tryton-server/tryton-server_6.0.29-2+deb12u2
  - From: Mathias Behrle <mbehrle@debian.org>

Prev by Date: Processed: Re: Bug#1070466: bookworm-pu: package dm-writeboost/2.2.17-0.2~deb12u1
Next by Date: Processed: Re: Bug#1070478: bookworm-pu: package tryton-server/tryton-server_6.0.29-2+deb12u2
Previous by thread: Bug#1070478: bookworm-pu: package tryton-server/tryton-server_6.0.29-2+deb12u2
Next by thread: Processed: Re: Bug#1070478: bookworm-pu: package tryton-server/tryton-server_6.0.29-2+deb12u2
Index(es):
- Date
- Thread