Bug#1113761: trixie-pu: package python-eventlet/0.39.1-2 CVE-2025-58068

[Thomas Goirand <zigo@debian.org>]

On 9/2/25 11:56 AM, Emilio Pozuelo Monfort wrote:
> On 02/09/2025 10:50, Thomas Goirand wrote:
> > Package: release.debian.org
> > Severity: normal
> > Tags: trixie
> > X-Debbugs-Cc: python-eventlet@packages.debian.org
> > Control: affects -1 + src:python-eventlet
> > User: release.debian.org@packages.debian.org
> > Usertags: pu
> >
> > Hi,
> >
> > [ Reason ]
> > I'd like to fix:
> > https://bugs.debian.org/1112515
>
> The change in sid, which seems to be mostly the CVE fix, is causing 
> regressions in autopkgtest:
>
> https://tracker.debian.org/pkg/python-eventlet
>
> It'd be good to clarify if those regressions are caused by the CVE fix 
> or if those are not regressions but unreliable autopkgtest, or something 
> else.
>
> Cheers,
> Emilio

Hi,

As you can now see, the autopkgtest passed after a retry.

Is it ok to upload to Trixie p-u now? I will also prepare an update for 
Bookworm. FYI, the package is already updated in bullseye-security 
(thanks to the LTS team).

Cheers,

Thomas Goirand (zigo)