-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 21 Aug 2023 17:10:12 +0200 Source: tryton-server Binary: tryton-server tryton-server-all-in-one tryton-server-doc tryton-server-nginx tryton-server-postgresql tryton-server-uwsgi Architecture: source all Version: 6.0.29-2+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: Debian Tryton Maintainers <team+tryton-team@tracker.debian.org> Changed-By: Mathias Behrle <mathiasb@m9s.biz> Description: tryton-server - Tryton application platform - server tryton-server-all-in-one - Tryton application platform - full installation tryton-server-doc - Tryton application platform - server documentation tryton-server-nginx - Tryton application platform - Nginx integration tryton-server-postgresql - Tryton application platform - PostgreSQL integration tryton-server-uwsgi - Tryton application platform - uWSGI integration Changes: tryton-server (6.0.29-2+deb12u1) bookworm-security; urgency=high . * Add 02_enforce_record_rules.patch. This patch fixes the information disclosure leak when reading from function fields with record rules https://discuss.tryton.org/t/security-release-for-issue-12428/6397 Checksums-Sha1: 9005168c103d0241b22f675c9d298a72d19df23c 2985 tryton-server_6.0.29-2+deb12u1.dsc 577a4d51be8ea3797f5d62060d592bf71000c2e6 853049 tryton-server_6.0.29.orig.tar.gz 2a0f7c24a152f8f2e56eb341fbfd91026300700f 506 tryton-server_6.0.29.orig.tar.gz.asc 991ecfd83c26b8b28ed36f2e2acc93db981c2cec 57780 tryton-server_6.0.29-2+deb12u1.debian.tar.xz dba534ec6ed50a8a33ac855a148452cd32728f98 22432 tryton-server-all-in-one_6.0.29-2+deb12u1_all.deb 773ae9060315edeb49e379cf1996721c9df4dde5 165024 tryton-server-doc_6.0.29-2+deb12u1_all.deb 4d16ff1b5541ef93f577e8e191988abf9e7c2691 24296 tryton-server-nginx_6.0.29-2+deb12u1_all.deb 4ae223335d478e5574d75ba5f9e71ac954007414 22464 tryton-server-postgresql_6.0.29-2+deb12u1_all.deb 5afc6ccb7e50476835e50366f75f499e5b9e6440 23168 tryton-server-uwsgi_6.0.29-2+deb12u1_all.deb 304e857aaaaf4544ba00267c559c198828cc07f4 512564 tryton-server_6.0.29-2+deb12u1_all.deb 07c229da046ea0bc3c556116f514f54a098e1b68 10721 tryton-server_6.0.29-2+deb12u1_amd64.buildinfo Checksums-Sha256: 043d78e9d14bdf2ae34f2842f6b022f5a399148d98a7afed3a488db77b756ddb 2985 tryton-server_6.0.29-2+deb12u1.dsc 4295d061e0a9d973d072f06a42726b47fce214b76a4c0d9a60abf7325585d470 853049 tryton-server_6.0.29.orig.tar.gz 61749a8d281c85d163f64ec4738b5020a6c8c08dce03e183e31098699f4a43af 506 tryton-server_6.0.29.orig.tar.gz.asc 5ea20509a8ca32f193d8e5f380a36aed445597d08e4ac274f22e1a50a2031ba1 57780 tryton-server_6.0.29-2+deb12u1.debian.tar.xz 809a7d93a452154ea4211dcde6172f2fdddb3d261cb847a727462e3c7abd61a7 22432 tryton-server-all-in-one_6.0.29-2+deb12u1_all.deb 8b6f75ebdf62a4b0bc9302f32e495c5aa201d107d3fcb9f6c8b6a67505e7ef8f 165024 tryton-server-doc_6.0.29-2+deb12u1_all.deb aab8d15be6424ea6106ab5b1ae43a816afdeec8e7ae0ff92bef6b86c4ca0d29e 24296 tryton-server-nginx_6.0.29-2+deb12u1_all.deb 3a5a3042264eb08c8e4c327bb8f6baa59ca9056cca8234bf7e0d7bee7a4e7d73 22464 tryton-server-postgresql_6.0.29-2+deb12u1_all.deb 35ac5e985ad058acb23bcab6f07af1341548e6a9475147d0782ad949f5311532 23168 tryton-server-uwsgi_6.0.29-2+deb12u1_all.deb dd4edde0788fffee46d4e5a1876361bc87feebe2f14f3df4947e5bbfb05552eb 512564 tryton-server_6.0.29-2+deb12u1_all.deb 9603f1a04d433b7c7949528be2fbe4859b3784e92f478e7dc6cd7421322b43d7 10721 tryton-server_6.0.29-2+deb12u1_amd64.buildinfo Files: e4f0c4d1d363ae94f168b9562bb4bdbb 2985 python optional tryton-server_6.0.29-2+deb12u1.dsc 52f5461871b330e48f8a35e1d9304597 853049 python optional tryton-server_6.0.29.orig.tar.gz dac01ea2ebd961ed47a3834b62683ecd 506 python optional tryton-server_6.0.29.orig.tar.gz.asc 29012b9488a15aec0b4ad655d36aa6ea 57780 python optional tryton-server_6.0.29-2+deb12u1.debian.tar.xz 82bfeea880e5aa1da5cf55243af991c0 22432 python optional tryton-server-all-in-one_6.0.29-2+deb12u1_all.deb 32ce1d4fb5780e8cb9ed52842a895733 165024 doc optional tryton-server-doc_6.0.29-2+deb12u1_all.deb 8f691bd783b8110c07164d2c4eab62f6 24296 python optional tryton-server-nginx_6.0.29-2+deb12u1_all.deb 462efc3ec3ef6463f850c3c5039f6bc5 22464 python optional tryton-server-postgresql_6.0.29-2+deb12u1_all.deb 4395f993e1cfac6109527cc0b263e7d8 23168 python optional tryton-server-uwsgi_6.0.29-2+deb12u1_all.deb c45a546baeac4278efe0cb3f3ac2aa7c 512564 python optional tryton-server_6.0.29-2+deb12u1_all.deb ac8f442399586f18a8107158623d2471 10721 python optional tryton-server_6.0.29-2+deb12u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- Comment: Signed by Mathias Behrle iQJFBAEBCgAvFiEErCl+XEa50LYccXaB1tCb5IQFu/YFAmTknW0RHG1hdGhpYXNi QG05cy5iaXoACgkQ1tCb5IQFu/Yf7g//etc5/zJvPAMOmwdQCRfoKifjEseloiBa PexcVBzWZ6gdh5G89KPJ8MIuQnPGnI0gbiUTYDZVh+N1tuAdmocKYpDt1oSzANfD Wl3i5gzg6S0v7LdZQDbHzMhwNkqLqdauHN/m3g8isUw+m4mb8RC44767ybSt813A lDOtAaSEDswYjH1l7CFYYgD6orOdbXlnp+fEUpIJ3WALozvbdEAirIC0Wzus97dH 7kA7VfyfCR0DxuB+9MeE6cQp2vwA+0Qye/kvuAiZQYAZdFb2QbJULbu070ve4zRY KMW5YE0509RMpijhl/Qqg8naKpJRFYDaJYp+XkGXkSAdXJSbeKubcjQNcQRoF+4j r0PsHGD31ytmgICsD48yW2t95dbkHFkCxtxGFxIzVOi4vYvtKmDCeCDsy9aWKXDn ZXAbC7nSChNy+IVwOjy+VsYT8l4C/vPPxqtHChy3roCuRXYqQRnUYEMeYcNi4uZr c4/IArmRYh+vt2y6eLedwJVnpHk5ISsnhIFaBAwBx5ck+0lNDMzmnTT8ZMTq2hI/ HHPmJyObgY+yBGZnQGojVYrsTOlRyVt2+RRezcxAxM54Gtb/Bm2G8m30KIFYm0Re vBhTl4psU4AmQ2t3dtw2oyoPATb2bomtu6DO6O2YeugUj2MEjq0GlcCErl8yI7qZ Ya0+h9OZ1XQ= =r11X -----END PGP SIGNATURE-----