Your message dated Thu, 08 May 2025 20:32:09 +0000
with message-id <e1ud7ub-004s3g...@fasolo.debian.org>
and subject line Bug#1070069: fixed in fossil 1:2.21-1+deb12u1
has caused the Debian Bug report #1070069,
regarding fossil: CVE-2024-24795 unreleated breakage
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1070069: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070069
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: fossil
Severity: serious
Justification: break unreleated package
affects: apache2
Dear Maintainer,
CVE-2024-24795 is fixed in apache2. However it break fossil
You need to apply https://fossil-scm.org/home/info/f4ffefe708793b03
See bug here:
https://bz.apache.org/bugzilla/show_bug.cgi?id=68905
I can help here and do proposed update
We also need to use breaks relationship in apache2, in order to allow smooth
upgrade
Bastien
signature.asc
Description: This is a digitally signed message part.
--- End Message ---
--- Begin Message ---
Source: fossil
Source-Version: 1:2.21-1+deb12u1
Done: Sylvain Beucler <b...@debian.org>
We believe that the bug you reported is fixed in the latest version of
fossil, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1070...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Sylvain Beucler <b...@debian.org> (supplier of updated fossil package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 04 May 2025 11:12:18 +0200
Source: fossil
Architecture: source
Version: 1:2.21-1+deb12u1
Distribution: bookworm
Urgency: medium
Maintainer: Barak A. Pearlmutter <b...@debian.org>
Changed-By: Sylvain Beucler <b...@debian.org>
Closes: 1070069
Changes:
fossil (1:2.21-1+deb12u1) bookworm; urgency=medium
.
* Non-maintainer upload by the LTS Security Team.
* Fix issue in the fossil HTTP client, related to the fix for
CVE-2024-24795/apache2, preventing it from cloning from a fixed
Apache2 server (which now strips the Content-Length response header
issued by the fossil CGI server). (Closes: #1070069)
Checksums-Sha1:
74b9317874ca1d41b95fb11146fbfcd209a1a1f3 1910 fossil_2.21-1+deb12u1.dsc
a4aea243a6f69f0521f11881539805ddb6bd05f6 15724
fossil_2.21-1+deb12u1.debian.tar.xz
9650ed327cd386261903ce4daf1042cf050ee166 6571
fossil_2.21-1+deb12u1_source.buildinfo
Checksums-Sha256:
ef4992e85238929bc07b71a9e3028d828cd49a7ecfd7f1093f907902c1ebee11 1910
fossil_2.21-1+deb12u1.dsc
34e1f5a837bc63b3989e3402ad73704e5cf986d2508d784e13725df7cf488965 15724
fossil_2.21-1+deb12u1.debian.tar.xz
236841f0525c17833630c37e327f002b469b90a034713b16c310339a0f028495 6571
fossil_2.21-1+deb12u1_source.buildinfo
Files:
3b0df7e2f5309f476c57cc9ec0d725fc 1910 vcs optional fossil_2.21-1+deb12u1.dsc
bcb42ab8e0189ab92bfe8a3b5d662510 15724 vcs optional
fossil_2.21-1+deb12u1.debian.tar.xz
e357ecabf20cac24c2d2dab5aa79faee 6571 vcs optional
fossil_2.21-1+deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmgbmn4ACgkQDTl9HeUl
XjAfbg/8CLQHloIX554YVXeHZ2HnAqJXykcZC/Z9dVPkmL2h1rGSSLmiKNuJcYMt
LaNYsSUYONTUZ2GF/Wwa84kgOhovlOqi+ulltXmkKOU45fUCJEhjAwwXTWCvn1HJ
EukM7y4PGZq3rHW0uuYWloMRghTLqNOr37ISyPHKXwpg6VBDA2bjaD2wnB2oTuL5
bak3b2zNoVAa9Yy9TUl/Io64Pc8Sh1wpbxzll96Sc2xEGK6XRGcHrBibXoxReuEi
SK/qOUfr3cGR8zSTQC7mhVt3idnE1lw2aT9J4HYubLB6CZAIq9OQEQ8fVkObaWqH
v8YDoDUq8sNKgQHJTrPIk0Ihpy0aVEf/yKN4by0ugKKQu7JqHiUUGKnxQQPSkEZ9
0ncHyrsf23f1RsQmdoqe6y44sJ2HKHSv0/gBM9/s1YN/5RkH8RklSCnNOHoAACbP
3NPoXdrdDk9YlrrZAB4vGzk6/gE3ihYKUMxTTnpRWu/Ggo1pkwyNUFUXpIM9cJEm
AqvxPBqtR8sz+UDSLL42t1ItI3Fd8ISRYhff6t0Q4qa9s3Q0JszhhOPBybCgJNUu
B2b12Bbnrp/vRVxU0e1a71d5HhfMftcH1nLzKGCIRMbIxth5YWpe9Y8FPUctd+ts
+9Ord70bMAArBVe3xx7cj39rSw8LZ/Edxu+z5n664DY4zE5/00I=
=6URW
-----END PGP SIGNATURE-----
pgp7c70BQ6S4M.pgp
Description: PGP signature
--- End Message ---
