[Bug 2112062] Re: Merge raptor2 from Debian Unstable for questing

Simon Poirier Tue, 10 Jun 2025 17:40:38 -0700

** Description changed:

  Scheduled-For: ubuntu-25.06
  Ubuntu: 2.0.16-4ubuntu2
  Debian Unstable: 2.0.16-6
  
- A new release of raptor2 is available for merging from Debian Unstable.
+ A new release of raptor2 is available for sync from Debian Unstable.
  
- If it turns out this needs a sync rather than a merge, please change the
- tag 'dcr-merge' to 'dcr-sync', and (optionally) update the title as
- desired.
+ All current ubuntu patches have been adopted by debian with different
+ patch names and headers:
+ 
+ * rename debian/patches/{CVE-2024-57823.patch => 
Fix-Github-issue-70-A-Integer-Underflow-in-raptor_ur.patch}
+ * rename debian/patches/{CVE-2024-57822.patch => 
Fix-Github-issue-70-B-Heap-read-buffer-overflow-in-n.patch}
+ * rename debian/patches/{CVE-2024-5782x-tests.patch => 
Tests-for-Github-issue-70.patch}
  
  ### New Debian Changes ###
  
  raptor2 (2.0.16-6) unstable; urgency=medium
  
-   * QA upload.
-   * Integer Underflow in raptor_uri_normalize_path() (CVE-2024-57823)
-     (Closes: #1067896)
-   * Heap read buffer overflow in ntriples bnode (CVE-2024-57822)
-     (Closes: #1067896)
-   * Tests for Github issue 70
+   * QA upload.
+   * Integer Underflow in raptor_uri_normalize_path() (CVE-2024-57823)
+     (Closes: #1067896)
+   * Heap read buffer overflow in ntriples bnode (CVE-2024-57822)
+     (Closes: #1067896)
+   * Tests for Github issue 70
  
-  -- Salvatore Bonaccorso <[email protected]>  Sat, 29 Mar 2025 15:33:08
+  -- Salvatore Bonaccorso <[email protected]>  Sat, 29 Mar 2025 15:33:08
  +0100
  
  raptor2 (2.0.16-5) unstable; urgency=medium
  
-   * QA upload.
-   * Make OpenSSL the primary curl backend.
-   * Update Standards-Version to 4.7.1, no changes needed.
-   * Add upstream signing key and check the signature.
+   * QA upload.
+   * Make OpenSSL the primary curl backend.
+   * Update Standards-Version to 4.7.1, no changes needed.
+   * Add upstream signing key and check the signature.
  
-  -- Simon Quigley <[email protected]>  Sat, 22 Feb 2025 17:04:28 -0600
- 
+  -- Simon Quigley <[email protected]>  Sat, 22 Feb 2025 17:04:28 -0600
  
  ### Old Ubuntu Delta ###
  
  raptor2 (2.0.16-4ubuntu2) questing; urgency=medium
  
-   * No-change rebuild for libxml2 soname change.
+   * No-change rebuild for libxml2 soname change.
  
-  -- Matthias Klose <[email protected]>  Wed, 21 May 2025 08:16:01 +0200
+  -- Matthias Klose <[email protected]>  Wed, 21 May 2025 08:16:01 +0200
  
  raptor2 (2.0.16-4ubuntu1) plucky; urgency=medium
  
-   * SECURITY UPDATE: heap overread when parsing triples
-     - debian/patches/CVE-2024-57822.patch: only allow looking at the last
-       character of a bnode ID only if bnode length >0 in
-       src/raptor_ntriples.c.
-     - debian/patches/CVE-2024-5782x-tests.patch: added test in
-       configure.ac, tests/Makefile.am, tests/bugs/Makefile.am,
-       tests/bugs/issue70b.c.
-     - CVE-2024-57822
-   * SECURITY UPDATE: integer overflow when normalizing a URI
-     - debian/patches/CVE-2024-57823.patch: return empty buffer if path gets
-       to 0 length in src/raptor_rfc2396.c.
-     - debian/patches/CVE-2024-5782x-tests.patch: added test in
-       configure.ac, tests/Makefile.am, tests/bugs/Makefile.am,
-       tests/bugs/issue70a.c.
-     - CVE-2024-57823
+   * SECURITY UPDATE: heap overread when parsing triples
+     - debian/patches/CVE-2024-57822.patch: only allow looking at the last
+       character of a bnode ID only if bnode length >0 in
+       src/raptor_ntriples.c.
+     - debian/patches/CVE-2024-5782x-tests.patch: added test in
+       configure.ac, tests/Makefile.am, tests/bugs/Makefile.am,
+       tests/bugs/issue70b.c.
+     - CVE-2024-57822
+   * SECURITY UPDATE: integer overflow when normalizing a URI
+     - debian/patches/CVE-2024-57823.patch: return empty buffer if path gets
+       to 0 length in src/raptor_rfc2396.c.
+     - debian/patches/CVE-2024-5782x-tests.patch: added test in
+       configure.ac, tests/Makefile.am, tests/bugs/Makefile.am,
+       tests/bugs/issue70a.c.
+     - CVE-2024-57823
  
-  -- Marc Deslauriers <[email protected]>  Tue, 25 Feb 2025
+  -- Marc Deslauriers <[email protected]>  Tue, 25 Feb 2025
  07:53:56 -0500


** Summary changed:

- Merge raptor2 from Debian Unstable for questing
+ Sync raptor2 from Debian Unstable for questing

** Tags removed: dcr-merge
** Tags added: dcr-sync

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2112062

Title:
  Sync raptor2 from Debian Unstable for questing

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/raptor2/+bug/2112062/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2112062] Re: Merge raptor2 from Debian Unstable for questing

Reply via email to