Your message dated Sat, 26 Apr 2025 11:04:39 +0200
with message-id <fd602d99-609d-4bb2-84e6-1224b58d7...@debian.org>
and subject line Re: Bug#1103997: unblock: epiphany-browser/48.2-1
has caused the Debian Bug report #1103997,
regarding unblock: epiphany-browser/48.2-1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1103997: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103997
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Control: affects -1 + src:epiphany-browser
X-Debbugs-Cc: epiphany-brow...@packages.debian.org
User: release.debian....@packages.debian.org
Usertags: unblock
Please allow epiphany-browser 48.2-1 to migrate faster than 10 days.
[ Reason ]
This package update includes regular bug fixes for the stable 48.x series.
It also includes the epiphany-brower part of the security fix for
https://security-tracker.debian.org/tracker/CVE-2025-3839
https://gitlab.gnome.org/GNOME/epiphany/-/blob/48.1/NEWS
https://gitlab.gnome.org/GNOME/epiphany/-/compare/48.0...48.1
[ Impact ]
The security update adds hardening to mitigate the impact of the
recent vulnerability in the 'yelp' package
https://blogs.gnome.org/mcatanzaro/2025/04/15/dangerous-arbitrary-file-read-vulnerability-in-yelp-cve-2025-3155/
[ Tests ]
I manually tested epiphany-browser and verified that epiphany-browser
now prompts what app to open a specific mimetype.
My manual testing is part of why this is an unblock request for 48.2
instead of 48.1 (although I was not the only person to report the
regression in 48.1).
[ Risks ]
Not a key package, but is recommended by phosh-core and is part of
task-junior-desktop-blend
[ Checklist ]
[X] all changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[N/A] attach debdiff against the package in testing
Thank you,
Jeremy Bícha
--- End Message ---
--- Begin Message ---
Hi,
On 23-04-2025 21:03, Jeremy Bícha wrote:
It also includes the epiphany-brower part of the security fix for
https://security-tracker.debian.org/tracker/CVE-2025-3839
urgent epiphany-browser/48.2-1
Paul
OpenPGP_signature.asc
Description: OpenPGP digital signature
--- End Message ---
