Format: 1.8
Date: Fri, 29 Sep 2023 19:40:00 +0000
Source: prometheus-alertmanager
Architecture: source
Version: 0.15.3+ds-3+deb10u1
Distribution: buster-security
Urgency: medium
Maintainer: Debian Go Packaging Team <pkg-go-maintainers@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Closes: 1050558
Changes:
 prometheus-alertmanager (0.15.3+ds-3+deb10u1) buster-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2023-40577: A vulnerability was found in the way prometheus
     handles alerts sent by client applications such as the Prometheus
     server. An attacker with the permission to perform POST requests on
     the /api/v1/alerts endpoint could be able to execute arbitrary
     JavaScript code on the users of Prometheus Alertmanager.
     (Closes: #1050558)