Bug#1085026: bookworm-pu: package docker.io/20.10.24+dfsg1+deb12u1

Discussion:

Add Reply

Bastien Roucariès

2024-10-13 11:50:01 UTC

Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: ***@packages.debian.org, ***@debian.org
Control: affects -1 + src:docker.io
User: ***@packages.debian.org
Usertags: pu
Control: tags -1 + security

[ Reason ]
CVE-2024-41110

[ Impact ]
Authentification bypass

[ Tests ]
Yes added to test suite

[ Risks ]
Low code is tested. Patch is official

[ Checklist ]
[X] *all* changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable

[ Changes ]
- Fix CVE-2024-41110
- Fix of salsaCI to bookworm

[ Other info ]
May be worth a DSA due to popcon

Jonathan Wiltshire

2024-10-17 12:10:01 UTC

Permalink

Control: tag -1 confirmed

Unless the security team want to handle it as a DSA, please go ahead (with
a fixed distribution in debian/changelog).

Thanks,

--
Jonathan Wiltshire ***@debian.org
Debian Developer http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1

Moritz Mühlenhoff

2024-10-17 21:10:01 UTC

Permalink

Post by Jonathan Wiltshire
Control: tag -1 confirmed
Unless the security team want to handle it as a DSA, please go ahead (with
a fixed distribution in debian/changelog).

spu is fine, thanks!

Cheers,
Moritz