-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 13 May 2023 23:21:12 +0800 Source: docker-registry Architecture: source Version: 2.8.2+ds1-1 Distribution: unstable Urgency: medium Maintainer: Debian Go Packaging Team <team+pkg-go@tracker.debian.org> Changed-By: Shengjing Zhu <zhsj@debian.org> Closes: 1035956 Changes: docker-registry (2.8.2+ds1-1) unstable; urgency=medium . * Team upload * New upstream version 2.8.2+ds1 + CVE-2023-2253: Catalog API endpoint can lead to OOM via malicious user input (Closes: #1035956) * Drop patch merged by upstream + 0009-Fix-panic-in-inmemory-driver.patch Checksums-Sha1: 6226a49f7db08e666cd28799dabc918e30cea2c0 2425 docker-registry_2.8.2+ds1-1.dsc 74ee725d53c8a6781637efab261622ed131017c0 368092 docker-registry_2.8.2+ds1.orig.tar.xz 0edc25b20163eda8d53c7f084b7c9a32579bf455 9496 docker-registry_2.8.2+ds1-1.debian.tar.xz 09ecab73e0033bf25ab95b101a3816ed829db480 10107 docker-registry_2.8.2+ds1-1_amd64.buildinfo Checksums-Sha256: b4d27a631d62d8fd7212ba8721203332b340d0ef9e3c62878b7ae29a629f81d2 2425 docker-registry_2.8.2+ds1-1.dsc 65137484d75412af7a13104a31eed8ed69e97c616bb60cb9f4ed2a9a7cc1f8fb 368092 docker-registry_2.8.2+ds1.orig.tar.xz 101a4794e4f33f88683c2d8c33accd14653eb928ddb39d33d9de39d944516af0 9496 docker-registry_2.8.2+ds1-1.debian.tar.xz 1ef7bd91d0399819e27eaecbe22e3680f13149d1bf48f21609ff72522bc29c97 10107 docker-registry_2.8.2+ds1-1_amd64.buildinfo Files: 5f787da0251146ba99995f757763f6dc 2425 utils optional docker-registry_2.8.2+ds1-1.dsc 60407802bc26919a89c402b6dc27dda1 368092 utils optional docker-registry_2.8.2+ds1.orig.tar.xz 73696bbcc034eee9632a2fbf909bc245 9496 utils optional docker-registry_2.8.2+ds1-1.debian.tar.xz 9034e71c627d510f3c5f247168382546 10107 utils optional docker-registry_2.8.2+ds1-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQSRhdT1d2eu7mxV1B5/RPol6lUUywUCZF+sOwAKCRB/RPol6lUU y8OiAQDvXNj07n+RwtBgx0JWKwnLP/6SbrcP6AKBdKiZ1ExT+AEAurSMIbmEJjn9 tBTNLAHvG7GQHooCPUQPRpCQaJOxqwI= =rn7b -----END PGP SIGNATURE-----