Your message dated Thu, 16 Jan 2025 00:19:20 +0000
with message-id <e1tydbu-00b26p...@fasolo.debian.org>
and subject line Bug#1000053: fixed in courier 1.3.13-1
has caused the Debian Bug report #1000053,
regarding courier: depends on obsolete pcre3 library
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1000053: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1000053
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: courier
Severity: important
User: matthew-pcre...@debian.org
Usertags: obsolete-pcre3
Dear maintainer,
Your package still depends on the old, obsolete PCRE3[0] libraries
(i.e. libpcre3-dev). This has been end of life for a while now, and
upstream do not intend to fix any further bugs in it. Accordingly, I
would like to remove the pcre3 libraries from Debian, preferably in
time for the release of Bookworm.
The newer PCRE2 library was first released in 2015, and has been in
Debian since stretch. Upstream's documentation for PCRE2 is available
here: https://pcre.org/current/doc/html/
Many large projects that use PCRE have made the switch now (e.g. git,
php); it does involve some work, but we are now at the stage where
PCRE3 should not be used, particularly if it might ever be exposed to
untrusted input.
This mass bug filing was discussed on debian-devel@ in
https://lists.debian.org/debian-devel/2021/11/msg00176.html
Regards,
Matthew [0] Historical reasons mean that old PCRE is packaged as
pcre3 in Debian
--- End Message ---
--- Begin Message ---
Source: courier
Source-Version: 1.3.13-1
Done: Soren Stoutner <so...@debian.org>
We believe that the bug you reported is fixed in the latest version of
courier, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1000...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Soren Stoutner <so...@debian.org> (supplier of updated courier package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 15 Jan 2025 15:51:16 -0700
Source: courier
Architecture: source
Version: 1.3.13-1
Distribution: unstable
Urgency: medium
Maintainer: Soren Stoutner <so...@debian.org>
Changed-By: Soren Stoutner <so...@debian.org>
Closes: 978755 989375 1000053 1069307 1086096
Changes:
courier (1.3.13-1) unstable; urgency=medium
.
* New upstream release (Closes: #1069307).
* Fixes CVE-2021-38084 (fixed upstream in 1.1.5, Closes: #989375).
* Set myself to be the maintainer (Closes: #978755).
* Add debian/gbp.conf to enforce pristine-tar and sign-tags.
* Add debian/README.Source to document CRLF issues.
* Add debian/salsa-ci.yml with default contents.
* Remove the following patches (applied upstream)
- 0004-Remove-Google-Ads-from-documentation.patch
- 0024-Dynamically-resolver-mailuid-and-mailgid-on-runtime-.patch
* debian/control:
- Update build-depend from libgcrypt-dev to libgcrypt20-dev.
- Update build-depend from libidn11-dev to libidn-dev (Closes: #1086096).
- Update build-depend from libpcre3-dev to libpcre2-dev (which is newer
even
though the name would indicate otherwise, Closes: #1000053).
- Remove obsolete depends on lsb-base.
- Bump standard version to 4.7.0 (no changes needed).
* debian/copyright: Update and refactor for readability.
* debian/courier-base.install: Install
usr/share/man/man1/maildirwatch.courier.1.
* debian/courier-webadmin.install: Install
etc/courier/webadmin/restartauthcmd.
* debian/patches: Refresh patches.
* debian/rules: Fix the extraction of subproject versions.
* debian/upstream/signing-key.asc: Update to match current upstream signing
key.
Checksums-Sha1:
a98c5c024711f11106fac6b70591fc17f0f3c6af 3164 courier_1.3.13-1.dsc
0cb17b4a27d5f6fb3f79808ac39d34364f679702 7903044 courier_1.3.13.orig.tar.bz2
ee75a88849ac9d7011d988864ba989f3dcb65a30 260 courier_1.3.13.orig.tar.bz2.asc
f0910b525a0f938816e5e4314d12a30870de462b 106636 courier_1.3.13-1.debian.tar.xz
5dacedb73d95e36ee0afd751b7fba11234f9f6ce 15990 courier_1.3.13-1_amd64.buildinfo
Checksums-Sha256:
583f47acdd94f8722e51fccfb9500e0a34cf0568241b3e4b84f9c02277b81c7a 3164
courier_1.3.13-1.dsc
6fe069ef5f9e14e1c96065384de7f0033812a170d76a2c6731d96c1f627793d4 7903044
courier_1.3.13.orig.tar.bz2
3ef5ab3acb7f3269687be7247d1b00c3ed089da972947711060204ace2c44c24 260
courier_1.3.13.orig.tar.bz2.asc
9f450429c33fdfe654badf7ae2db4b2374aa067d4944355d8a8a033bfc311f9a 106636
courier_1.3.13-1.debian.tar.xz
0103f52ac5a4de2831d103dc04543b9dc017a057cac8599174877f0dc3deb8d0 15990
courier_1.3.13-1_amd64.buildinfo
Files:
a365fcff17d159cea703ef7a4cf6d11f 3164 mail optional courier_1.3.13-1.dsc
59689b027624008149a91b0876e9a991 7903044 mail optional
courier_1.3.13.orig.tar.bz2
0c206fe6c9b01df0460b0722aa6b9688 260 mail optional
courier_1.3.13.orig.tar.bz2.asc
bff44cbc0317ab0bb4e5c6acc801c471 106636 mail optional
courier_1.3.13-1.debian.tar.xz
5cddf93fb36803dd0efae936561ed0b3 15990 mail optional
courier_1.3.13-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEJKVN2yNUZnlcqOI+wufLJ66wtgMFAmeIS+wACgkQwufLJ66w
tgOLcw/+LA1TaTdqKwmAxWG5VCooqEq5f1hYkEo6djZ9lJfx9MAwm60wUSxCDwJD
e+NCH2tfqKRgGeJgebL0Pn+OSWV+GI8nhd+Mn8c8UlgCRySvUQWSGvhI/PBoai8S
2jYuFVNeZGZuEGSL37Z/58JJ0csScRs03g2kB2ZyE2RS1Iw4ytkyomIEgyCZysQs
AW4xcQWZ2KtyTlTeGkpS8FkV5n+3XBDdR67b/jfsjFKuxhMzXf/f7icaraCenzJy
XPOB79f8kS2FY2knK4vXP3QlOk6tWLqCVTxXry6RBilXdP5lk49IuNPRm+LUDQ1Q
zrJi3bvN9z+ZwvCnT0zWv+W518HtVVoTWiRnygB9ixQlPR0V9F4h4WxGcTaCxx+v
yQe8zTSeC+MyiZfCgr1SwiOjDjrkrX7J4loi/UKh0BMosBZSZVQzPUg7t6TqGyzn
gzSmk+qWPt5ockHRp8aIzvsCleVBgJRTkAescB1JXWqNBkMM49J6XmZH9SxgOgNq
msQSOxlRtJpLQ7aem+dq5Bb5eYbFADMDZ+VLIEJVHCb2BP/wL32Ti7LV2I8/B9jz
r+HYdRAKjjTSrUTxMLfq/sWp/3JjWsOBg/z11NfaiLoE/18ISNidCZH6mkUngYmn
5K+ScFJC88i7Lz0r4/oRBeeX4s2M5MJZcOvaZjEXJ9U1dFnwkcU=
=Oxwt
-----END PGP SIGNATURE-----
pgpJaCMtA1vOB.pgp
Description: PGP signature
--- End Message ---
