Control: User -1 [email protected]
Control: Usertag -1 + upstream-trixie
Hello Thijs and LTS team,
El 01/12/24 a las 17:38, Thijs Kinkhorst escribi�:
Package: simplesamlphp
Severity: grave
Tags: trixie sid
The current package in testing and unstable is version 1.19. Upstream no longer supports this version. There's a 2.x series which should be packaged.
There are a number of changes required for packaging 2.x. Most notably
the list of shipped modules is much smaller, which needs some consideration.
In any case Debian should not ship a 1.19 package in trixie, hence
this bug which can be closed if a 2.x version is packaged at some
point.
This is just a heads-up about the status of simplesamlphp in trixie,
which is currently missing.
Thijs, could we interpret the above as you are OK with a "Team-upload"
(as the package is in salsa.d.o/debian), or an NMU to package
simplesamlphp 2.x?
Please, don't hesitate to tell me if that is wrong.
Someone from the LTS team, may be interested in contributing (CC'ing debian-lts).
Best regards,
-- Santiago, for the LTS Team.
Hi,
As you're probably aware, issue https://security-tracker.debian.org/tracker/CVE-2025-27773 has been open since
March 11, 2025. Is anybody working on fixing this? I could probably help out
with testing prereleases for Debian bullseye.
Thanks, Bye,
Joost
Hi,
As you're probably aware, issue https://security-tracker.debian.org/tracker/CVE-2025-27773 has been open since
March 11, 2025. Is anybody working on fixing this? I could probably help out with testing prereleases for Debian bullseye.
Thanks, Bye,
Joost
On Thu, Feb 06, 2025 at 11:56:41AM -0300, Santiago Ruano Rincón wrote:
Control: User -1 [email protected]
Control: Usertag -1 + upstream-trixie
Hello Thijs and LTS team,
El 01/12/24 a las 17:38, Thijs Kinkhorst escribió:
Package: simplesamlphp
Severity: grave
Tags: trixie sid
The current package in testing and unstable is version 1.19. Upstream no longer supports this version. There's a 2.x series which should be packaged.
There are a number of changes required for packaging 2.x. Most notably the list of shipped modules is much smaller, which needs some consideration.
In any case Debian should not ship a 1.19 package in trixie, hence
this bug which can be closed if a 2.x version is packaged at some
point.
This is just a heads-up about the status of simplesamlphp in trixie,
which is currently missing.
Thijs, could we interpret the above as you are OK with a "Team-upload"
(as the package is in salsa.d.o/debian), or an NMU to package
simplesamlphp 2.x?
Please, don't hesitate to tell me if that is wrong.
Someone from the LTS team, may be interested in contributing (CC'ing debian-lts).
Best regards,
-- Santiago, for the LTS Team.
Hi Joost,my backport of the patch for CVE-2025-27773 is in the lts team repo [1]
I've been woking on simplesmalphp yesterday, and the current status of
[1]https://salsa.debian.org/lts-team/packages/simplesamlphp/-/tree/debian/bullseye/
assist in testing the changes, this would be very appreciated.
Help in testing the changes would be very helpful, so if you can
open since
Cheers,
tobi
"Joost van Baal-Ilić" [email protected] – April 28, 2025 9:30 AM
Hi,
As you're probably aware, issue https://security-tracker.debian.org/tracker/CVE-2025-27773 has been
help outMarch 11, 2025. Is anybody working on fixing this? I could probably
wrote:with testing prereleases for Debian bullseye.
Thanks, Bye,
Joost
On Thu, Feb 06, 2025 at 11:56:41AM -0300, Santiago Ruano Rincón
Con
| Sysop: | Keyop |
|---|---|
| Location: | Huddersfield, West Yorkshire, UK |
| Users: | 715 |
| Nodes: | 16 (2 / 14) |
| Uptime: | 08:32:05 |
| Calls: | 12,100 |
| Files: | 15,003 |
| Messages: | 6,517,955 |