Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-experimental-changes@lists.debian.org> , <debian-devel-changes@lists.debian.org>
Subject: Accepted etcd 3.3.25+dfsg-1 (source) into experimental
Date: Tue, 06 Oct 2020 18:33:30 +0000
Signed by: Shengjing Zhu <zhsj@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 06 Oct 2020 22:58:53 +0800
Source: etcd
Architecture: source
Version: 3.3.25+dfsg-1
Distribution: experimental
Urgency: medium
Maintainer: Debian Go Packaging Team <team+pkg-go@tracker.debian.org>
Changed-By: Shengjing Zhu <zhsj@debian.org>
Closes: 968740 968752 971158
Changes:
 etcd (3.3.25+dfsg-1) experimental; urgency=medium
 .
   * Team upload.
   * New upstream release 3.3.25
     + CVE-2020-15136 (Closes: #968752)
       Gateway TLS authentication only applies to endpoints detected in DNS SRV
       records
       https://github.com/etcd-io/etcd/security/advisories/GHSA-wr2v-9rpq-c35q
     + CVE-2020-15115 (Closes: #968740)
       No minimum password length
       https://github.com/etcd-io/etcd/security/advisories/GHSA-4993-m7g5-r9hh
     + CVE-2020-15114
       Gateway can include itself as an endpoint resulting in resource
       exhaustion
       https://github.com/etcd-io/etcd/security/advisories/GHSA-2xhq-gv6c-p224
     + CVE-2020-15113
       Directories created via os.MkdirAll are not checked for permissions
       https://github.com/etcd-io/etcd/security/advisories/GHSA-chh6-ppwq-jh92
     + CVE-2020-15112
       An entry with large index causes panic in WAL ReadAll method
       https://github.com/etcd-io/etcd/security/advisories/GHSA-m332-53r6-2w93
     + CVE-2020-15106
       A large slice causes panic in decodeRecord method
       https://github.com/etcd-io/etcd/security/advisories/GHSA-p4g4-wgrh-qrg2
   * Disable some failed tests (Closes: #971158)
   * Bump debhelper compat to 13
   * Add Rules-Requires-Root
   * Bump Standards-Version to 4.5.0 (no changes)
Checksums-Sha1:
 32b71ee954d563c7836c16718d93fbe2efd3b718 3020 etcd_3.3.25+dfsg-1.dsc
 49b2bfa4e5f7f4da2fa7465f49ceb49ea4ccf680 3006896 etcd_3.3.25+dfsg.orig.tar.xz
 4bd79a660d4fcef2d76bbbb1d41de46c60fc92fc 31796 etcd_3.3.25+dfsg-1.debian.tar.xz
 b8bfb6c82ab45be2e97ae725ee3202db94efebbb 11665 etcd_3.3.25+dfsg-1_amd64.buildinfo
Checksums-Sha256:
 a658649a63e960b5e9f953bede6d656405b34c5cd459bb907085a498ffe7acaf 3020 etcd_3.3.25+dfsg-1.dsc
 93a92b3da90774d02bb8919a199eac7b0be0a271a4619566b7622112a9fe600f 3006896 etcd_3.3.25+dfsg.orig.tar.xz
 08b6447180d9b181c9c8b95484d72ccfeb9371f95ed6d8fbd204ac4adca50e71 31796 etcd_3.3.25+dfsg-1.debian.tar.xz
 44a05f436e87c45eac781311e5e5b283279e4e70ca8ce0678dbc7439ab693160 11665 etcd_3.3.25+dfsg-1_amd64.buildinfo
Files:
 96ea7002f81b4e654750d6f433d88a23 3020 net optional etcd_3.3.25+dfsg-1.dsc
 d960ecd0b7893c814cee88fa875e29d5 3006896 net optional etcd_3.3.25+dfsg.orig.tar.xz
 e7c1542d74c30276014332d43e877046 31796 net optional etcd_3.3.25+dfsg-1.debian.tar.xz
 e6d302ea6371820e345ecac5ed278c11 11665 net optional etcd_3.3.25+dfsg-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iIYEARYIAC4WIQTiXc95jUQrjt9HgU3EhUo4GOCwFgUCX3y2YxAcemhzakBkZWJp
YW4ub3JnAAoJEMSFSjgY4LAWFtcA/ivXQpQKSEJZXAS4vO4wFZR+ZzN1wRexktCT
ikC0vgTxAP95GroKdTYqftcyzgzYANGem0Ch50EP1JQ1zIwxlLf7AQ==
=MCU+
-----END PGP SIGNATURE-----

News for package etcd