Debian Package Tracker

From: Thomas Goirand <zigo@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted graphite-web 1.1.4-3+deb10u1 (source) into proposed-updates->stable-new, proposed-updates
Date: Tue, 29 Oct 2019 20:53:26 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Thu, 17 Oct 2019 05:47:35 +0530
Source: graphite-web
Architecture: source
Version: 1.1.4-3+deb10u1
Distribution: buster
Urgency: high
Maintainer: Debian Graphite Group <team+debian-graphite-team@tracker.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Closes: 940554
Changes:
 graphite-web (1.1.4-3+deb10u1) buster; urgency=high
 .
   [ Utkarsh Gupta ]
   * Add patch to remove the 'send_email' function to avoid SSRF attack.
     This was insecure, not used in the code, and was undocumented as well.
     (Fixes: CVE-2017-18638)
 .
   [ Thomas Goirand ]
   * Avoid hourly error in cron with no whisper db (Closes: #940554). Thanks to
     Alexandre Rossi <niol@zincube.net> for the patch.
Checksums-Sha1:
 b51819c3e28cfffea628a3e42e509dfb523004dd 2285 graphite-web_1.1.4-3+deb10u1.dsc
 d7890f0d38413a72b3994c0507ff3310dad65a2f 227276 graphite-web_1.1.4-3+deb10u1.debian.tar.xz
 c3615fc7a7ff114b27e923c90b1459797e7bb0f0 7204 graphite-web_1.1.4-3+deb10u1_amd64.buildinfo
Checksums-Sha256:
 d7ba6956e89f3055b5f3e472835c73241c645f8cb38ea51d3e80bd3e64e4e30a 2285 graphite-web_1.1.4-3+deb10u1.dsc
 f474d3123883a9fe4a67289b6e89b0a87b5c65a84a509ae63b540b1c6b0fbc93 227276 graphite-web_1.1.4-3+deb10u1.debian.tar.xz
 f07e8add0d672c6f5f318cc2f74e9c2cd246d827c43c998c60d01b1f1dae92f9 7204 graphite-web_1.1.4-3+deb10u1_amd64.buildinfo
Files:
 0e8f80be82af9cc257a5a5a39c4d4e07 2285 web extra graphite-web_1.1.4-3+deb10u1.dsc
 4d4ff9183b3def9f384a7ab3fe57e538 227276 web extra graphite-web_1.1.4-3+deb10u1.debian.tar.xz
 16c76d3925a6932ae6220a45ea5199fa 7204 web extra graphite-web_1.1.4-3+deb10u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEoLGp81CJVhMOekJc1BatFaxrQ/4FAl2pbXYACgkQ1BatFaxr
Q/5xDhAAo2LQnaMsNHVJNcZc42Q8Q36ka5RdYzj+nNvyZgxUH9FmkxUbZUS7pOi/
Dug52Gj75A8xzEdMfAylkBgz6jV7Dqg6Xu4X1WGejQiQ6Yzm+iDCfyTiqDtd1zfs
W4fXlfn59H+j71Yxz6j1tcwU3heL18XkSyodQiIVRdxCcDs9TNtfm7URqpwrpKsP
Xzep9Min0nJNilxOSC4+hnPh4q/SzC+Saop29nzi1Qoebypi3Ae6sjhSZqja5xhz
M4EmQXIlPEZzFNV+Z/TtoepOd1dqCaxhWaTCJ4Tbbb/9HyEseo8Pj2FhoJ/KfmaQ
fTv7bg+CF+n3zQbdbIIjkTPMsKDDVONwh0kzagYCoNHi/YhNgkooYjY+T6G20FrO
Wooibv9toFQpv4l8T+/uBg9WjvQMgRcdUHYkOQJgWZcsmP4NlapORKcxNI/g5UNJ
dhJMuOttUEIdzAHFsmzTf56ZCd7Qg9EYWBPKS2huXaH3/N3haB6gaY+poHT8q2kv
uhKws8fYD9FVUzNkIvsakT1z+6WTcenBSKs9P44M/jHv5IlO0ok5bVZC7dOTw5CI
XNlyULbUkbLZH6hbor+2ciKYRrKYc6gtdfH0Gghuh2McNjwUj1ypFi1/Rm8CvkfT
Rl2p65uzxX0YLNC9/2viV2vnGdZIZ5QMssIIRdbAeqOitz/YZUk=
=T6KF
-----END PGP SIGNATURE-----

News for package graphite-web