-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 11 Jul 2023 10:49:48 CEST
Source: erlang
Architecture: source
Version: 1:22.2.7+dfsg-1+deb10u1
Distribution: buster-security
Urgency: high
Maintainer: Debian Erlang Packagers <pkg-erlang-devel@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
 a30c634f728a30d1013c5d444b05f98b83ae28e4 5283 erlang_22.2.7+dfsg-1+deb10u1.dsc
 a255d682363b12fdb0bc49e4dfd4421e7d00a9d2 44730312 erlang_22.2.7+dfsg.orig.tar.xz
 ee19d4cee5f8a27b7294e6c8927603362fa80868 66668 erlang_22.2.7+dfsg-1+deb10u1.debian.tar.xz
 3a204b10c4269564bc1102c287d9b055e39bda48 29453 erlang_22.2.7+dfsg-1+deb10u1_amd64.buildinfo
Checksums-Sha256:
 7496731ed883b53b41e524eeca1889afe6c48ce79c68bb91c0eaa867bd85bd93 5283 erlang_22.2.7+dfsg-1+deb10u1.dsc
 ec6aafac17189386ecb526a1d3b1a94f089a0c59674a39c2a01aad3446028622 44730312 erlang_22.2.7+dfsg.orig.tar.xz
 5812ef80060a50a61ff4ab7e333efd0a75d0378b23dddaaec6ef52b68382fd5a 66668 erlang_22.2.7+dfsg-1+deb10u1.debian.tar.xz
 245b174522fab5864bb761111f5f87d9ffcf9d53ffaee5767f29d11752876f4c 29453 erlang_22.2.7+dfsg-1+deb10u1_amd64.buildinfo
Changes:
 erlang (1:22.2.7+dfsg-1+deb10u1) buster-security; urgency=high
 .
   * Non-maintainer upload by the LTS team.
   * New upstream release.
   * Backport version 22.2.7 with patches for CVE-2022-37026 applied.
   * Fix CVE-2022-37026:
     A Client Authentication Bypass vulnerability has been discovered in the
     concurrent, real-time, distributed functional language Erlang. Impacted are
     those who are running an ssl/tls/dtls server using the ssl application
     either directly or indirectly via other applications. Note that the
     vulnerability only affects servers that request client certification, that
     is, servers that set the option {verify, verify_peer}.
Files:
 dff13fdbc336d5556a5e226710967af1 5283 interpreters optional erlang_22.2.7+dfsg-1+deb10u1.dsc
 7aa9b1fdb7c2af586708ee9e359c4e17 44730312 interpreters optional erlang_22.2.7+dfsg.orig.tar.xz
 997e790a38b707edc12c007666db2718 66668 interpreters optional erlang_22.2.7+dfsg-1+deb10u1.debian.tar.xz
 aac6713fec959fecc954c43091e656fe 29453 interpreters optional erlang_22.2.7+dfsg-1+deb10u1_amd64.buildinfo