* Mathias Behrle: " Bug#1070484: bookworm-pu: package tryton-client/tryton-client_6.0.26-1+deb12u1" (Mon, 6 May 2024 11:19:28 +0200):
> Package: release.debian.org > Severity: normal > Tags: bookworm > X-Debbugs-Cc: tryton-cli...@packages.debian.org > Control: affects -1 + src:tryton-client > User: release.debian....@packages.debian.org > Usertags: pu > > [ Reason ] > Backport the patch to send only compressed content from > authenticated sessions. > https://foss.heptapod.net/tryton/tryton/-/commit/96ccd17bd4db4be46bb42eb4217ba5c7dcb7de82 > > The security release > https://discuss.tryton.org/t/security-release-for-issue-13142/7196 > and filed for Debian as 1070...@bugs.debian.org > introduced a regression for the client shown at > https://foss.heptapod.net/tryton/tryton/-/issues/13203 > > [ Impact ] > Without the patch a user could be confronted with an error in the client > connecting to a patched server. > > [ Tests ] > The test suite completes without errors. The patch is now publicly > available and in use since 2 weeks. > > [ Risks ] > The patch has minimal complexity and is from the upstream author > who is generally very knowledgable about his code. > > [ Checklist ] > [x] *all* changes are documented in the d/changelog > [x] I reviewed all changes and I approve them > [x] attach debdiff against the package in (old)stable > [x] the issue is verified as fixed in unstable > > [ Changes ] > The upstream commit was added as a patch that allows gzip > compressed content only for authenticated users. > > [ Other info ] > This patch follows 1070...@bugs.debian.org. Friendly ping like for 1070...@bugs.debian.org: " I see that requests for bookworm-pu of other packages were accepted in the meantime. If there is something missing or wrong with this request please let me know. " Thanks, Mathias -- Mathias Behrle PGP/GnuPG key availabable from any keyserver, ID: 0xD6D09BE48405BBF6 AC29 7E5C 46B9 D0B6 1C71 7681 D6D0 9BE4 8405 BBF6
