Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted tryton-server 5.0.33-2+deb11u4 (source) into oldoldstable-security
Date: Fri, 28 Nov 2025 18:20:22 +0000
Signed by: Santiago Ruano Rincón <santiago@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 28 Nov 2025 11:27:04 -0300
Source: tryton-server
Architecture: source
Version: 5.0.33-2+deb11u4
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Tryton Maintainers <team+tryton-team@tracker.debian.org>
Changed-By: Santiago Ruano Rincón <santiagorr@riseup.net>
Changes:
 tryton-server (5.0.33-2+deb11u4) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Debian LTS Team.
   * Re-adjust d/gbp.conf to match tryton-team's
   * Add 07_traceback_in_RPC.patch and 08_enforce_access_check_export_data.patch.
     Fixes for security issues:
      Include the traceback only in RPC responses in development mode
      https://bugs.debian.org/1121242 (s.a. #1121242)
      -> https://foss.heptapod.net/tryton/tryton/-/issues/14354
      Enforce access check in export_data
      https://bugs.debian.org/1121243 (s.a. #1121243)
      -> https://foss.heptapod.net/tryton/tryton/-/issues/14366
     Thanks to: Mathias Behrle <mathiasb@m9s.biz>
   * Add d/salsa-ci.yml using the LTS Team's bullseye recipe.
   * Adjust zipbomb-fix.patch name to keep consistency with maintainers'
     appraoch
Checksums-Sha1:
 eff50e31ba88f50939333798714a24e1fb97d47b 1793 tryton-server_5.0.33-2+deb11u4.dsc
 fa5b7516a478ab88000580c75f4d531d3b409d41 35316 tryton-server_5.0.33-2+deb11u4.debian.tar.xz
 375b574ca0cfe356f41bf77c1f81073e233d1910 7404 tryton-server_5.0.33-2+deb11u4_source.buildinfo
Checksums-Sha256:
 6b7c6f16ff85e0fc0fe25a96bdabf04933923e13afd13dc15aea872696372d24 1793 tryton-server_5.0.33-2+deb11u4.dsc
 8d659d531ca5e3505f48a4ef6bbeb4a70947a0223a526f9c59bc1c37b38ce83c 35316 tryton-server_5.0.33-2+deb11u4.debian.tar.xz
 66244ff7baf54a44be9605a73b5317b06682baab62d2cdb4f8ea1d33aabc65ae 7404 tryton-server_5.0.33-2+deb11u4_source.buildinfo
Files:
 700c539ae8d1419a5c27cc9fd4f07ff5 1793 python optional tryton-server_5.0.33-2+deb11u4.dsc
 89856df9cd17053accd37c98c88f0556 35316 python optional tryton-server_5.0.33-2+deb11u4.debian.tar.xz
 31991fda6055fffeb1e47cb4465a7b61 7404 python optional tryton-server_5.0.33-2+deb11u4_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iIwEARYIADQWIQR+lHTq7mkJOyB6t2Un3j1FEEiG7wUCaSnlChYcc2FudGlhZ29y
ckByaXNldXAubmV0AAoJECfePUUQSIbvdWEBAI7tkcQIw4Ph4xWl/tBNHTD4Bpmb
iWxbg8nwNhI3zBSbAP0YBZaHUnx16Ywp75KQHyL9oR61NAh0ZFAZZQnpGwHfAQ==
=fqGr
-----END PGP SIGNATURE-----

News for package tryton-server