Bug#1124621: marked as done (bookworm-pu: package debian-security-support/1:12+2026.01.04)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Sat, 10 Jan 2026 11:59:45 +0000
with message-id <E1veXdB-00000004SHx-2ptG@coccia.debian.org>
and subject line Released with 12.13
has caused the Debian Bug report #1124621,
regarding bookworm-pu: package debian-security-support/1:12+2026.01.04
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1124621: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1124621
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: bookworm-pu: package debian-security-support/1:12+2026.01.04
• From: Holger Levsen <holger@debian.org>
• Date: Sun, 4 Jan 2026 13:40:33 +0100
• Message-id: <[🔎] aVpfwR4HJ01A9JVP@layer-acht.org>

Package: release.debian.org
Severity: normal
Tags: security
X-Debbugs-Cc: debian-security-support@packages.debian.org, Debian Security Team <team@security.debian.org>
Control: affects -1 + src:debian-security-support
User: release.debian.org@packages.debian.org
Usertags: pu

[ Reason ]
To inform the users about the following changes:

debian-security-support (1:12+2026.01.04) bookworm; urgency=medium

  [ Holger Levsen ]
  * Mark zabbix as limited support, thanks to Moritz Muehlenhoff.
    Closes: #1124558.
  * Mark hdf5 as limited supported, thanks to Jochen Sprickerhof.
    Closes: #1117607.
  * Mark dnsdist, pdns, pdns-recursor as EOL. Thanks to Bastien Roucariès.
    Closes: #1119290.
  * Add libsoup2.4 and libsoup3 to limited support. Thanks to Simon McVittie.
    Closes: #1109118.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Other info ]
(Anything else the release team should know.)

Thank you for your work on bookworm!


-- 
cheers,
	Holger

 ⢀⣴⠾⠻⢶⣦⠀
 ⣾⠁⢠⠒⠀⣿⡁  holger@(debian|reproducible-builds|layer-acht).org
 ⢿⡄⠘⠷⠚⠋⠀  OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
 ⠈⠳⣄

Everything so stupid but I have faith it can get stupider.

diff -Nru debian-security-support-12+2025.06.20/debian/changelog debian-security-support-12+2026.01.04/debian/changelog
--- debian-security-support-12+2025.06.20/debian/changelog	2025-06-20 22:58:38.000000000 +0200
+++ debian-security-support-12+2026.01.04/debian/changelog	2026-01-04 13:20:51.000000000 +0100
@@ -1,3 +1,17 @@
+debian-security-support (1:12+2026.01.04) bookworm; urgency=medium
+
+  [ Holger Levsen ]
+  * Mark zabbix as limited support, thanks to Moritz Muehlenhoff.
+    Closes: #1124558.
+  * Mark hdf5 as limited supported, thanks to Jochen Sprickerhof.
+    Closes: #1117607.
+  * Mark dnsdist, pdns, pdns-recursor as EOL. Thanks to Bastien Roucariès.
+    Closes: #1119290.
+  * Add libsoup2.4 and libsoup3 to limited support. Thanks to Simon McVittie.
+    Closes: #1109118.
+
+ -- Holger Levsen <holger@debian.org>  Sun, 04 Jan 2026 13:20:51 +0100
+
 debian-security-support (1:12+2025.06.20) bookworm; urgency=medium
 
   * Query source:Package instead of Source to get the list of packages
diff -Nru debian-security-support-12+2025.06.20/security-support-ended.deb12 debian-security-support-12+2026.01.04/security-support-ended.deb12
--- debian-security-support-12+2025.06.20/security-support-ended.deb12	2025-06-20 22:54:47.000000000 +0200
+++ debian-security-support-12+2026.01.04/security-support-ended.deb12	2026-01-04 13:20:28.000000000 +0100
@@ -15,3 +15,6 @@
 libnet-easytcp-perl	0.26-6		2025-01-18	https://bugs.debian.org/1093386; unmaintained upstream
 php-horde.*	0			2025-03-22	https://lists.debian.org/debian-lts/2025/03/msg00012.html; incompatible with PHP8
 ckeditor3	3.6.6.1+dfsg-7		2025-04-04	Only present as a build dependency for virtuoso-opensource, no updates will be issued
+dnsdist         1.7.3-2                 2025-10-01      No security support upstream and backports not feasible, only for use on private and trusted network
+pdns            4.7.3-2                 2025-10-01      No security support upstream and backports not feasible, only for use on private and trusted network
+pdns-recursor   4.8.8-1+deb12u1         2025-10-01      No security support upstream and backports not feasible, only for use on private and trusted network
diff -Nru debian-security-support-12+2025.06.20/security-support-limited debian-security-support-12+2026.01.04/security-support-limited
--- debian-security-support-12+2025.06.20/security-support-limited	2025-06-20 22:54:47.000000000 +0200
+++ debian-security-support-12+2026.01.04/security-support-limited	2026-01-04 13:20:51.000000000 +0100
@@ -14,9 +14,12 @@
 golang.*        See https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#golang-static-linking
 gobgp           See https://www.debian.org/releases/bookworm/amd64/release-notes/ch-information.en.html#golang-static-linking
 gnupg1          See #982258 and https://www.debian.org/releases/stretch/amd64/release-notes/ch-whats-new.en.html#modern-gnupg
+hdf5            limited  Not covered by security support, only suitable for trusted content, see #1117722
 jython          Includes python2.7 stdlib, support limited until Py3 port, see #975058 and https://lists.debian.org/debian-lts/2024/08/msg00027.html
 kde4libs        khtml has no security support upstream, only for use on trusted content
 khtml           khtml has no security support upstream, only for use on trusted content, see #1004293
+libsoup2.4      Only supported as a client, not as a server: see https://gitlab.gnome.org/GNOME/libsoup/-/commit/2a9d8ecc45bb814f6a81b1241e6c0c55d632aa28
+libsoup3        Only supported as a client, not as a server: see https://gitlab.gnome.org/GNOME/libsoup/-/commit/2a9d8ecc45bb814f6a81b1241e6c0c55d632aa28
 libspring-java  See README.Debian.security included in the package
 mozjs102        Not covered by security support, only suitable for trusted content, see package description
 mozjs78         Not covered by security support, only suitable for trusted content, see #959804
@@ -30,4 +33,5 @@
 sql-ledger      Only supported behind an authenticated HTTP zone
 tiles           Only supported for building packages, #1057343
 vte             Not covered by security support, only used by debian-installer, #1082885
+zabbix          The WEB UI is only supported for access by trusted users, no security updates issued for it, #1124558
 zoneminder      See README.Debian.security, only supported behind an authenticated HTTP zone, #922724

Attachment: signature.asc
Description: PGP signature

--- End Message ---

--- Begin Message ---

• To: 1124621-done@bugs.debian.org
• Subject: Released with 12.13
• From: Jonathan Wiltshire <jmw@coccia.debian.org>
• Date: Sat, 10 Jan 2026 11:59:45 +0000
• Message-id: <E1veXdB-00000004SHx-2ptG@coccia.debian.org>

Package: release.debian.org\nVersion: 12.13\n\nThis update has been released as part of Debian 12.13.

--- End Message ---