Debian Package Tracker

From: Holger Levsen <holger@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted koji 1.10.0-1+deb9u1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates
Date: Sun, 01 Sep 2019 10:32:28 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 31 Aug 2019 20:31:37 +0200
Source: koji
Binary: koji-common koji-client koji-servers
Architecture: source
Version: 1.10.0-1+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: Reproducible Builds Maintainers <reproducible-builds@lists.alioth.debian.org>
Changed-By: Holger Levsen <holger@debian.org>
Description:
 koji-client - RPM-based build system - client
 koji-common - RPM-based build system - common library
 koji-servers - RPM-based build system - server components
Closes: 877921 922922
Changes:
 koji (1.10.0-1+deb9u1) stretch; urgency=medium
 .
   * Team upload.
   * Add patch based on upstream commit bdec8c7399 to fix CVE-2018-1002161, an
     SQL injection issue in multiple remote calls. Closes: #922922.
   * Add patch based on upstream commit ba7b5a3cbe to fix CVE-2017-1002153, to
     properly validate SCM pathes. Closes: #877921.
Checksums-Sha1:
 40880f0ad1c16902d3aa123249d16016f52fdd8d 2318 koji_1.10.0-1+deb9u1.dsc
 a7851bba8b3ab06bcee19cf9fda8b52a872002bf 6028 koji_1.10.0-1+deb9u1.debian.tar.xz
 796e7a3b56cd4ff04a05adb33ab8c51d58d879a7 9184 koji_1.10.0-1+deb9u1_source.buildinfo
Checksums-Sha256:
 7e70c0ff74e38d3547ede452a14207d1867f3848755be61e83c6cefce5071eae 2318 koji_1.10.0-1+deb9u1.dsc
 9f0b7c35afe8bc3009225b018b8d9ba732b1aadb43a7d8dc1273ddc87894e190 6028 koji_1.10.0-1+deb9u1.debian.tar.xz
 e3257a8800b5ad4703e23e4ff75912c6bc4ea355331ada95edabad45d10175a1 9184 koji_1.10.0-1+deb9u1_source.buildinfo
Files:
 e0e8802de1db9c52b907c9ae3fd2680d 2318 devel extra koji_1.10.0-1+deb9u1.dsc
 4e54c680d2704abbd25fcac07cb46e5e 6028 devel extra koji_1.10.0-1+deb9u1.debian.tar.xz
 1c3a47ef383012c5600e3849a4f049dd 9184 devel extra koji_1.10.0-1+deb9u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEuL9UE3sJ01zwJv6dCRq4VgaaqhwFAl1qvvcACgkQCRq4Vgaa
qhxvpQ/9HhrTX+iIKIeJ8xi3jXh8FCr5Na5xM3NhreQk72rDoKYJQehGNYhzjqDC
BxHtKI7fbzyCJPIDA/sbBcqkSTEU3CQytJkB+eMkaz0aebnHKrWgQayDSCWVQnyc
9jFSIIbZZhpNuelM+yQfR5oEe905f1UOkyqFvehkpbv4ROd485NEVqQ5MPda0LBS
ECLZFRUEj6l07TwiKWFYbASjI7P9Q7rtYBEmcU6c+dxrY62ZZnFDUKiLvrqsfZTP
EoTQ2Eq6XFq5a6GV9/rUj9W+F2S9VVmMW+9mUfvT1mteloAKDp3YA4XyisSsKdzd
sGmYflcD34972Fe8chsXjOPPgdD1YK69HNvAOwRixgMRtVZORODk3pBHQhCSL/Ny
qHj5D8MWdWCWcg+qd1VpJcotaGT4I9gBoSSeMgJt9b3nhU6f32MsZ4lzDCpSdnXi
k1SRZu2HgPAOXAft/LP5OsoOibS2BZcQuPBfDYQmcREiObDQ57KeepRrFqdklyOh
xpY6l/jIlR4jpE23Hd/TT0wswFzUBwV+ap3Gu9AmANnYG52o5aH0pe8TjR9zmtRw
GwkzNVSUSg4fVTXVIMfeTyre0VORr2tdbzL9/9thIPOa1KZfuTXOSpCz/EXDHK+v
kJEPjlOIIcUJeo20YEAEdiH6Ug2bL9aJh6LP5OfuoAQGe/9Uxtw=
=xrJV
-----END PGP SIGNATURE-----

News for package koji