[Git][security-tracker-team/security-tracker][master] Claim xrdp

Dominik George (@natureshadow) natureshadow at debian.org
Mon Mar 27 11:59:32 BST 2023



Dominik George pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7816c862 by Dominik George at 2023-03-27T12:59:06+02:00
Claim xrdp

- - - - -


9 changed files:

- − bin/gen-DLA
- + bin/gen-DLA
- − bin/rejected-with-info
- + bin/rejected-with-info
- data/dla-needed.txt
- − doc/soriano.txt
- + doc/soriano.txt
- − packages/openjdk-7.txt
- + packages/openjdk-7.txt


Changes:

=====================================
bin/gen-DLA deleted
=====================================
@@ -1 +0,0 @@
-gen-DSA
\ No newline at end of file


=====================================
bin/gen-DLA
=====================================
@@ -0,0 +1,441 @@
+#!/bin/sh
+
+####################
+#    Copyright (C) 2011, 2012, 2013, 2014 by Raphael Geissert <geissert at debian.org>
+#
+#
+#    This file is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This file is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this file.  If not, see <https://www.gnu.org/licenses/>.
+####################
+
+set -e
+
+IDMODE=DSA
+case "$(basename "$0")" in
+    *gen-*)
+	IDMODE=${0#*gen-}
+    ;;
+esac
+
+if ! command -v jq >/dev/null ; then
+    echo "error: jq is needed to parse distributions, please install it"
+    exit 1
+fi
+
+RELEASES=`jq -r '.distributions | to_entries[] | select(.value.release) | .value.release | ascii_upcase' data/config.json`
+CODENAMES=`jq -r '.distributions | to_entries[] | select(.value.release) | .key' data/config.json`
+
+while read dist; do
+    read codename
+    eval $dist=$codename
+done << EOF
+`jq -r '.distributions | to_entries[] | select(.value.release) | (.value.release | ascii_upcase), .key' data/config.json`
+EOF
+
+NAME_SPACING=24
+DATE_SPACING=22
+
+export LC_ALL=C
+
+[ -f doc/$IDMODE.template ] || {
+    echo "error: call this script from the root of the repository" >&2
+    exit 1
+}
+
+[ $# -ge 1 ] || {
+    echo "usage: $0 [--save] [--embargoed|--unembargo] [$IDMODE] package[.changes] [regression] [cve(s) [bugnumber(s)]] "
+    echo "       '$IDMODE' is the $IDMODE number, required when issuing a revision"
+    echo "       'cve(s)' and 'bugnumber(s)' can be passed in any order but"
+    echo "         always AFTER the description"
+    echo ""
+    echo "       When specifying package.changes the package name, version, additional bug(s) and cve(s)"
+    echo "       are parsed from the .changes file."
+    echo ""
+    echo "       If it doesn't like your bug number, prefix it with # and report"
+    exit 1
+} >&2
+
+save=false
+if [ "$1" = "--save" ]; then
+    save=true
+    shift
+fi
+
+embargoed=false
+if [ "$1" = "--embargoed" ]; then
+    embargoed=true
+    shift
+fi
+
+unembargo=false
+if [ "$1" = "--unembargo" ]; then
+    unembargo=true
+    shift
+    set -- "$1"
+fi
+
+toupper() {
+    printf '%s' "$1" | tr '[:lower:]' '[:upper:]'
+}
+
+tolower() {
+    printf '%s' "$1" | tr '[:upper:]' '[:lower:]'
+}
+
+split_n_sort() {
+    printf '%s' "$1" | sed -r 's/[ ,;]+/ /g;s/^ //' | tr ' ' "\n" | sort -u |
+    sort ${2:--n} | tr "\n" ' ' | sed -r 's/\s+/ /g;s/\s$//'
+}
+
+_d_space() {
+    local direction="$1" text="$2" to_length="$3"
+    local right='' left='' output='' spacing=0
+
+    if [ "$direction" = 'right' ]; then
+	right=' '
+    elif [ "$direction" = 'left' ]; then
+	left=' '
+    else
+	echo FIXME >&2
+	exit 1
+    fi
+
+    spacing=$(($to_length-${#text}))
+    output="$text"
+    while [ $spacing -gt 0 ]; do
+	output="${left}${output}${right}"
+	spacing=$((spacing-1))
+    done
+    printf '%s' "$output"
+}
+
+left_space() {
+    _d_space left "$@"
+}
+
+right_space() {
+    _d_space right "$@"
+}
+
+warn() {
+    printf "${YELLOW}warning:${NORMAL} %s\n" "$1"
+}
+
+notice() {
+    printf "${MAGENTA}notice:${NORMAL} %s\n" "$1"
+}
+
+error() {
+    printf "${RED}error:${NORMAL} %s\n" "$1"
+}
+
+setvar() {
+    local var="$1" value="$2"
+
+    if [ -z "$value" ]; then
+	value="$(eval 'printf "%s" "$'"$var"'"')"
+    fi
+
+    sed -i "s=\$$var=$value=g" "$tmpf"
+}
+
+if command -v tput >/dev/null; then
+    RED=$(tput setaf 1)
+    YELLOW=$(tput setaf 3)
+    MAGENTA=$(tput setaf 5)
+    NORMAL=$(tput op)
+else
+    RED=''
+    YELLOW=''
+    MAGENTA=''
+    NORMAL=''
+fi
+
+DAID=
+if printf '%s' "$1" | grep -Eq '^('"$IDMODE"'-|)[0-9]+(-[0-9]+|)$'; then
+    DAID="${1#$IDMODE-}"
+    shift
+fi
+
+PACKAGE=
+CHANGES=
+
+if echo "$1" | grep -q '_.*\.changes$'; then
+    CHANGES="$1"
+    PACKAGE=$(awk '/^Source: / {print $2}' $CHANGES)
+else
+    PACKAGE="$(tolower "$1")"
+fi
+
+shift
+
+TYPE=security
+if [ regression = "$1" ]; then
+    TYPE=regression
+    shift
+fi
+
+CVE=
+BUGNUM=
+REFERENCES=0
+TEXT=
+
+while [ $# -gt 0 ]; do
+    case "$1" in
+	[cC][vV][eE]-*)
+	    CVE="$CVE $(toupper "$1")"
+	;;
+	[0-9][0-9][0-9][0-9][0-9][0-9][0-9]|[#][0-9]*)
+	    BUGNUM="$BUGNUM ${1#\#}"
+	;;
+	*)
+	    error "Don't know what to do with '$1' argument" >&2
+	    exit 1
+	;;
+    esac
+    shift
+done
+
+if ! [ -z "$CHANGES" ]; then
+    # parse info from .changes file
+    # Version can occur in GPG signature, thus we exit on first occurence
+    version="$(awk '/^Version: / {print $2; exit 0}' $CHANGES)"
+    dist="$(awk '/^Distribution: / {print $2}' $CHANGES | sed 's/-.*//')"
+    export ${dist}_VERSION="$version"
+
+    for bug in $(awk '/^Closes: / {sub(".*"$2,$2); print $0}' $CHANGES); do
+        BUGNUM="$BUGNUM ${bug#\#}"
+    done
+    for cve in $(awk 'BEGIN {RS="[ ().,:;\n\\[\\]]" } /^CVE-[0-9]+-[0-9]+$/ {print $1}' $CHANGES); do
+        CVE="$CVE $cve"
+    done
+fi
+
+BUGNUM="$(split_n_sort "$BUGNUM")"
+
+CVE="$(split_n_sort "$CVE" -V)"
+cve_spacing="$(right_space '' 17)"
+
+sed_cmd='s/((CVE-[0-9-]+[ ]+){4})/\1\\n'"$cve_spacing"'/g;P;D'
+CVE_LIST="$(printf '%s' "$CVE" | sed -r "$sed_cmd")"
+
+for id in $CVE; do
+    REFERENCES=$(($REFERENCES+1))
+    grep -wq "^$id" data/CVE/list || {
+	warn "'$id' is not known" >&2
+    }
+
+    TEXT="$TEXT\n\n$id\n\n    Description"
+done
+
+if [ $REFERENCES -eq 1 ]; then
+    TEXT=
+fi
+
+if [ -n "$TEXT" ]; then
+    TEXT="Brief introduction $TEXT"
+    
+    if ! $save; then
+	TEXT="The CVE ids will be listed here when --save'ing"
+    fi
+fi
+
+case "$DAID" in
+    *-*|'')
+	:
+    ;;
+    *)
+	notice "missing $IDMODE revision number, assuming 1" >&2
+	DAID="$DAID-1"
+    ;;
+esac
+
+daid_exists() {
+    grep -wq "$IDMODE-$1" data/$IDMODE/list
+}
+
+if $embargoed; then
+    DAID=EMBRGD-"$PACKAGE"
+fi
+
+if [ -z "$DAID" ]; then
+    if [ "$TYPE" = regression ]; then
+	latest_daid="$(sed -nr '/'"$IDMODE"'-[0-9]+-[0-9]+'" $PACKAGE "'/{s/^.+'"$IDMODE"'-[0]*([0-9-]+).*$/\1/;p;q}' data/$IDMODE/list)"
+	revision=${latest_daid#*-}
+	daid=${latest_daid%-*}
+    else
+	latest_daid="$(sed -nr '/'"$IDMODE"'-[0-9]+-1/{s/^.+'"$IDMODE"'-[0]*([0-9]+).*$/\1/;p;q}' data/$IDMODE/list)"
+	daid=$(($latest_daid+1))
+	revision=1
+    fi
+
+    c=0
+    while daid_exists "$daid-$revision"; do
+	if [ "$TYPE" = regression ]; then
+	    revision=$(($revision+1))
+	else
+	    daid=$(($daid+1))
+	fi
+	c=$(($c+1))
+	if [ $c -eq 10 ]; then
+	    error "unable to find an unused $IDMODE id after $c attempts" >&2
+	    error "to workaround specify an id as the first parameter" >&2
+	    exit 1
+	fi
+    done
+    DAID="$daid-$revision"
+fi
+
+if daid_exists "$DAID"; then
+    error "$IDMODE-$DAID has already been used" >&2
+    exit 1
+fi
+
+if $unembargo; then
+    EMBRGD_ID="EMBRGD-$PACKAGE"
+    mv "$IDMODE-${EMBRGD_ID}" $IDMODE-"$DAID"
+
+    # get the date of when the embargoed entry was generated
+    gen_date="$(sed -rn "/$IDMODE-${EMBRGD_ID}/{s/^\[(.+)\].+$/\1/;p;t}" data/$IDMODE/list)"
+
+    OLD_DATE="$(date -d "$gen_date" +"%B %d, %Y")"
+    OLD_SPACEDDATE="$(right_space "$OLD_DATE" "$DATE_SPACING")"
+
+    NEW_DATE="$(date +"%B %d, %Y")"
+    NEW_SPACEDDATE="$(right_space "$NEW_DATE" "$DATE_SPACING")"
+
+    sed -ri "/$IDMODE-${EMBRGD_ID}/{s/\[.+\]/[$(date +"%d %b %Y")]/;s/$IDMODE-${EMBRGD_ID}/$IDMODE-$DAID/;}" data/$IDMODE/list
+    sed -i "s/${EMBRGD_ID}/$DAID/g" $IDMODE-"$DAID"
+    sed -i "s/^$OLD_SPACEDDATE/$NEW_SPACEDDATE/" $IDMODE-"$DAID"
+
+    echo "'Unembargoing' as $IDMODE-$DAID"
+    exit
+fi
+
+tmpf=$(mktemp)
+cat doc/$IDMODE.template > $tmpf
+
+if [ "$TYPE" = regression ]; then
+    sed -ri '/^Subject:/s/security update$/regression update/' $tmpf
+fi
+
+if [ $REFERENCES -gt 1 ]; then
+    sed -ri 's/this problem has/these problems have/' $tmpf
+fi
+
+if [ -z "$DEBFULLNAME" ]; then
+    "error: DEBFULLNAME env variable required"
+    exit 1
+fi
+SPACEDDEBFULLNAME="$(left_space "$DEBFULLNAME" "$NAME_SPACING")"
+
+DATE="$(date +"%B %d, %Y")"
+SPACEDDATE="$(right_space "$DATE" "$DATE_SPACING")"
+
+setvar DEBEMAIL
+setvar DEBFULLNAME
+setvar SPACEDDEBFULLNAME
+setvar PACKAGE
+setvar CVE "$CVE_LIST"
+setvar ${IDMODE}ID "$DAID"
+setvar BUGNUM
+setvar SPACEDDATE
+setvar DATE
+setvar TEXT "${TEXT:-$IDMODE text goes here}"
+
+for dist in $RELEASES; do
+    setvar $dist
+done
+
+DISTS=
+
+for dist in $CODENAMES; do
+    version="$(eval 'printf "%s" "$'"$dist"_VERSION'"')"
+    if $save && [ -z "$version" ] && grep -q "${dist}_VERSION" "$tmpf"; then
+	printf "Enter $dist's version [unset]: "
+	read version
+	if [ -n "$version" ]; then
+	    eval "${dist}_VERSION='$version'"
+	fi
+    fi
+    [ -z "$version" ] || setvar "${dist}_VERSION" "$version"
+    [ -z "$version" ] || DISTS="${DISTS},${dist}"
+done
+
+DISTS="${DISTS#,}"
+
+if [ -n "${DISTS}" ]; then
+    bin/remove-cve-dist-tags "${DISTS}" "${PACKAGE}" ${CVE}
+fi
+
+if ! $save; then
+    cat $tmpf
+    echo
+    echo " ---- "
+    echo "Pass --save as the first parameter to save the text to $IDMODE-$DAID"
+    echo "(the data/$IDMODE/list entry will also be added)"
+    rm -f "$tmpf"
+    exit
+else
+    mv -i $tmpf "$IDMODE-$DAID" || { rm -f $tmpf; exit; }
+
+    needed_file=data/"$(tolower "$IDMODE")"-needed.txt
+
+    daid_entry=$(mktemp)
+    cat <<EOF > $daid_entry
+[$(date +"%d %b %Y")] $IDMODE-$DAID $PACKAGE - $TYPE update
+EOF
+
+    if [ "$CVE" ]; then
+	printf "\t{%s}\n" "$CVE" >> $daid_entry
+    fi
+
+    for dist in $CODENAMES; do
+	version="$(eval 'printf "%s" "$'"$dist"_VERSION'"')"
+	[ -z "$version" ] || \
+	    printf "\t[%s] - %s %s\n" "$dist" "$PACKAGE" "$version" >> $daid_entry
+    done
+    tmp_list="$(mktemp)"
+    cat $daid_entry data/$IDMODE/list > $tmp_list
+    cat $tmp_list > data/$IDMODE/list
+    rm -f $tmp_list
+    sed -rn '/^'"$PACKAGE"'(\/\w+)?(\s.*|$)\b/{: next;n;/^\s/b next;d};p' $needed_file > $needed_file.new
+    mv $needed_file.new $needed_file
+    echo "$IDMODE text written to ./$IDMODE-$DAID"
+    if [ "$IDMODE" = "DLA" ] || [ "$IDMODE" = "ELA" ]; then
+	idmode=$(echo "$IDMODE" | tr A-Z a-z)
+	if [ -n "${DISTS}" ]; then
+	    # in case the advisory applies to several dists, we only look for an
+	    # extra cve file in the first one
+	    DIST="`echo ${DISTS} | sed 's/,.*//'`"
+	    extracvefile=`jq -r ".distributions.${DIST}.maincvefile // empty" data/config.json`
+	fi
+	if [ -d .git ]; then
+	    echo "Made the following changes:"
+	    git diff -- data/$IDMODE/list data/CVE/list $extracvefile $needed_file
+	    if ! git diff-index --name-only HEAD -- $needed_file | grep -qs . && [ $TYPE = security ]; then
+		warn "did not make any changes to $needed_file - this may indicate duplicate work or misspelled package name"
+	    fi
+	fi
+	warn "you need to commit and push the changes to data/$IDMODE/list etc. to actually reserve the $IDMODE-$DAID number and avoid conflicts with others."
+	if [ -d .git ]; then
+	    echo -n "Do you want to commit and push them now ? [Yn] "
+	    read reply
+	    if [ "$reply" = "Y" ] || [ "$reply" = "" ] || [ "$reply" = "y" ]; then
+		git add data/$IDMODE/list data/CVE/list $extracvefile $needed_file
+		git commit -m "Reserve $IDMODE-$DAID for $PACKAGE"
+		git push origin master
+	    fi
+	fi
+    fi
+fi


=====================================
bin/rejected-with-info deleted
=====================================
@@ -1 +0,0 @@
-reserved-but-public
\ No newline at end of file


=====================================
bin/rejected-with-info
=====================================
@@ -0,0 +1,86 @@
+#!/bin/sh
+
+####################
+#    Copyright (C) 2011 by Raphael Geissert <geissert at debian.org>
+#
+#
+#    This file is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This file is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this file.  If not, see <https://www.gnu.org/licenses/>.
+####################
+
+set -eu
+
+list=data/CVE/list
+
+[ -f $list ] || {
+    echo "error: $list doesn't exist" >&2
+    exit 1
+}
+
+verbose=false
+if [ "${1:-}" = "--verbose" ]; then
+    verbose=true
+    shift
+fi
+
+regex='*'
+if [ -n "${1:-}" ]; then
+    regex="${1:-}"
+fi
+
+condition=RESERVED
+case "$(basename "$0")" in
+    reserved-*)
+	condition=RESERVED
+    ;;
+    rejected-*)
+	condition=REJECTED
+    ;;
+esac
+
+condition_seen=false
+wanted=false
+cve=
+while read line; do
+    case $line in
+	CVE-$regex)
+	    cve="$line"
+	    condition_seen=false
+	    wanted=true
+	;;
+	CVE-*)
+	    cve="$line"
+	    condition_seen=false
+	    wanted=false
+	;;
+	*$condition)
+	    condition_seen=true
+	;;
+	*)
+	    if ! $condition_seen || ! $wanted; then
+		continue
+	    fi
+	    if [ "$cve" ]; then
+		if $verbose; then
+		    printf "%s\n" "$cve"
+		else
+		    printf "%s\n" "$(printf '%s' "$cve" | cut -d\  -f1)"
+		fi
+		cve=
+	    fi
+	    if $verbose; then
+		printf "\t%s\n" "$line"
+	    fi
+	;;
+    esac
+done < "$list"


=====================================
data/dla-needed.txt
=====================================
@@ -340,7 +340,7 @@ wordpress (guilhem)
   NOTE: 20230302: Testsuite: https://lts-team.pages.debian.net/wiki/TestSuites/wordpress.html
   NOTE: 20230302: buster is 6 CVEs behind bullseye (Beuc/front-desk)
 --
-xrdp
+xrdp (Dominik George)
   NOTE: 20221225: Programming language: C.
   NOTE: 20221225: VCS: https://salsa.debian.org/lts-team/packages/xrdp.git
   NOTE: 20230117: Fixed 6 out 10 CVEs. Testing (abhijith)


=====================================
doc/soriano.txt deleted
=====================================
@@ -1 +0,0 @@
-setup.txt
\ No newline at end of file


=====================================
doc/soriano.txt
=====================================
@@ -0,0 +1,109 @@
+Tracker setup on soriano.debian.org
+===================================
+
+(This is internal documentation, in case things need to be fixed.
+It is not relevant to day-to-day editing tasks.)
+
+The code and data is organized via
+https://salsa.debian.org/security-tracker-team/
+
+Required packages for running the security-tracker are pulled in via the
+debian.org-security-tracker.debian.org . A mirror for to the packaging
+repository is at https://salsa.debian.org/dsa-team/mirror/debian.org,
+which creates the debian.org-security-tracker.debian.org binary package.
+
+Relevant files and directories
+------------------------------
+
+The tracker runs under the user ID "sectracker".  Most of its files
+are stored in the directory /srv/security-tracker.debian.org/website:
+
+  bin/cron                  invoked by cron once every minute
+  bin/cron-hourly           invoked by cron once every hour
+  bin/cron-daily            invoked by cron once every day
+  bin/read-and-touch        invoked by ~/.procmailrc
+  bin/start-daemon          invoked by cron at reboot
+
+  security-tracker          Git checkout
+  security-tracker/bin/*    main entry points, called bin bin/cron
+  security-tracker/stamps/* files which trigger processing by bin/cron
+
+~sectracker/.procmailrc invokes bin/read-and-touch to create stamp
+files, which are then picked up by bin/cron.  This is done to serialize
+change events in batches (e.g., commits originated from git).
+<sectracker at soriano.debian.org> is subscribed to these mailing lists to
+be notified of changes:
+
+  <debian-security-announce at lists.debian.org>
+  <debian-lts-announce at lists.debian.org>
+  <debian-security-tracker-commits.alioth-lists.debian.net>
+
+The crontab of the "sectracker" user is set up such that the scripts
+are invoked as specified above.
+
+~sectracker/.wgetrc contains the path to the bundle of certificate
+authorities to verify peers for the data fetched via wget:
+
+ca-certificate=/etc/ssl/ca-global/ca-certificates.crt
+
+~sectracker/.curlrc contains a similar setting:
+
+capath=/etc/ssl/ca-global
+
+Web server
+----------
+
+80/TCP is handled by Apache.  The Apache configuration is here:
+
+  /srv/security-tracker.debian.org/etc/apache.conf
+
+mod_proxy is used to forward requests to the actual server which
+listens on 127.0.0.1:25648 and is started by a user systemd unit
+/srv/security-tracker.debian.org/website/systemd/tracker_service.service
+
+The user systemd unit needs to be activated and started once at initial
+setup of the host (including requesting DSA to activate lingering for
+the sectracker user):
+
+As the sectracker running user:
+
+systemctl --user enable --now /srv/security-tracker.debian.org/website/systemd/tracker_service.service
+
+To restart the security tracker service, restart the user systemd unit.
+
+Logging
+-------
+
+Apache logs are stored in:
+
+  /var/log/apache2/security-tracker.debian.org.access.log
+  /var/log/apache2/security-tracker.debian.org.error.log
+
+The Python daemon writes logs to a separate file, too:
+
+  /srv/security-tracker.debian.org/website/log/daemon.log
+
+This also contains the exception traces.
+
+debsecan metadata
+-----------------
+
+/srv/security-tracker.debian.org/website/bin/cron contains code which
+pushes updates to secure-testing-master, using rsync.
+
+PTS interface
+-------------
+
+The PTS fetches bug counts from this URL:
+
+  https://security-tracker.debian.org/tracker/data/pts/1
+
+Code updates
+------------
+
+Updates to the Git checkout only affect the directory
+/srv/security-tracker.debian.org/website/security-tracker/data.  Code
+changes need to be applied manually by inspecting the changes done in
+the security-tracker.git.
+
+After that a service restart is needed (see above)


=====================================
packages/openjdk-7.txt deleted
=====================================
@@ -1 +0,0 @@
-openjdk-6.txt
\ No newline at end of file


=====================================
packages/openjdk-7.txt
=====================================
@@ -0,0 +1,21 @@
+Build
+-----
+
+We follow the upstream releases in oldstable and stable, i.e. the version in sid
+is recompiled. The package scripts automatically create the control and rules
+with the appropriate dependencies. 
+
+- You need to download the fixed package from unstable
+- Modify the version number to something like 6b31-1.13.3-1~deb7u1
+- Regenerate the control/rules file: (squeeze is also supported)
+  touch debian/control.in; debian/rules debian/control distrel=wheezy
+- Build with "-sa" (since each security update usually updates to a new release)
+
+Testing
+-------
+
+OpenJDK has an extensive test suite, the result should be compared with previous
+build logs.
+
+Other than that some functionality tests of Java packages in the archive or with
+openjdk-6-demos.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7816c862df2fc979aebce9f072e3cbf3d84c253c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7816c862df2fc979aebce9f072e3cbf3d84c253c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230327/2828bc61/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list