Bug#1068798: bookworm-pu: package fdroidserver/2.2.1-1

To: Jochen Sprickerhof <jspricke@debian.org>, 1068798@bugs.debian.org
Subject: Bug#1068798: bookworm-pu: package fdroidserver/2.2.1-1
From: Jonathan Wiltshire <jmw@debian.org>
Date: Sun, 22 Jun 2025 14:41:47 +0100
Message-id: <[🔎] aFgIG5UFca_j4Q0d@powdarrmonkey.net>
Reply-to: Jonathan Wiltshire <jmw@debian.org>, 1068798@bugs.debian.org
In-reply-to: <171282817202.19608.79851754559500317.reportbug@fenchel>
References: <171282817202.19608.79851754559500317.reportbug@fenchel> <171282817202.19608.79851754559500317.reportbug@fenchel>

Hi,

On Thu, Apr 11, 2024 at 11:36:12AM +0200, Jochen Sprickerhof wrote:
> [ Reason ]
> There was a security problem reported against fdroidserver:
> 
> https://www.openwall.com/lists/oss-security/2024/04/08/8
> 
> [ Impact ]
> Stable users of fdroidserver running their own repo could be tricked
> into providing wrongly signed files.

Is this issue fixed in unstable yet?

Thanks,

-- 
Jonathan Wiltshire                                      jmw@debian.org
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

Reply to:

Prev by Date: Bug#1108175: marked as done (unblock: pci.ids/0.0~2025.06.09-1)
Next by Date: Processed: closing 1073193
Previous by thread: Bug#1108175: unblock: pci.ids/0.0~2025.06.09-1
Next by thread: Processed: closing 1073193
Index(es):
- Date
- Thread