haskell-aeson - Debian Package Tracker

general

source: haskell-aeson (main)
version: 1.4.7.1-2
maintainer: Debian Haskell Group (archive) (DMD)
uploaders: Clint Adams [DMD]
arch: all any
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.11.2.1-3
oldstable: 1.3.1.1-3
stable: 1.4.7.1-2
testing: 1.4.7.1-2
unstable: 1.4.7.1-2

versioned links

0.11.2.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.3.1.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.7.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libghc-aeson-dev
libghc-aeson-doc
libghc-aeson-prof

action needed

A new upstream version is available: 2.0.3.0 high

A new upstream version 2.0.3.0 is available, you should consider packaging it.

Created: 2020-06-29 Last update: 2022-05-28 22:07

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2021-41119: Wire-server is the system server for the wire back-end services. Releases prior to v2022-03-01 are subject to a denial of service attack via a crafted object causing a hash collision. This collision causes the server to spend at least quadratic time parsing it which can lead to a denial of service for a heavily used server. The issue has been fixed in wire-server 2022-03-01 and is already deployed on all Wire managed services. On premise instances of wire-server need to be updated to 2022-03-01, so that their backends are no longer affected. There are no known workarounds for this issue.

Created: 2022-04-14 Last update: 2022-04-26 20:00

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2021-41119: Wire-server is the system server for the wire back-end services. Releases prior to v2022-03-01 are subject to a denial of service attack via a crafted object causing a hash collision. This collision causes the server to spend at least quadratic time parsing it which can lead to a denial of service for a heavily used server. The issue has been fixed in wire-server 2022-03-01 and is already deployed on all Wire managed services. On premise instances of wire-server need to be updated to 2022-03-01, so that their backends are no longer affected. There are no known workarounds for this issue.

Created: 2022-04-14 Last update: 2022-04-26 20:00

lintian reports 42 warnings normal

Lintian reports 42 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-07-29 Last update: 2021-10-13 21:32

1 low-priority security issue in buster low

There is 1 open security issue in buster.

1 issue left for the package maintainer to handle:

CVE-2021-41119: (needs triaging) Wire-server is the system server for the wire back-end services. Releases prior to v2022-03-01 are subject to a denial of service attack via a crafted object causing a hash collision. This collision causes the server to spend at least quadratic time parsing it which can lead to a denial of service for a heavily used server. The issue has been fixed in wire-server 2022-03-01 and is already deployed on all Wire managed services. On premise instances of wire-server need to be updated to 2022-03-01, so that their backends are no longer affected. There are no known workarounds for this issue.

You can find information about how to handle this issue in the security team's documentation.

Created: 2022-04-14 Last update: 2022-04-26 20:00

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2021-41119: (needs triaging) Wire-server is the system server for the wire back-end services. Releases prior to v2022-03-01 are subject to a denial of service attack via a crafted object causing a hash collision. This collision causes the server to spend at least quadratic time parsing it which can lead to a denial of service for a heavily used server. The issue has been fixed in wire-server 2022-03-01 and is already deployed on all Wire managed services. On premise instances of wire-server need to be updated to 2022-03-01, so that their backends are no longer affected. There are no known workarounds for this issue.

You can find information about how to handle this issue in the security team's documentation.

Created: 2022-04-14 Last update: 2022-04-26 20:00

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2020-06-03 Last update: 2020-06-03 16:36

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.5.0).

Created: 2020-11-17 Last update: 2022-05-11 23:24

news

[rss feed]

[2020-08-12] haskell-aeson 1.4.7.1-2 MIGRATED to testing (Debian testing watch)
[2020-06-27] Accepted haskell-aeson 1.4.7.1-2 (source) into unstable (Ilias Tsitsimpis)
[2020-05-30] Accepted haskell-aeson 1.4.7.1-1 (source) into unstable (Sean Whitton) (signed by: Clint Adams)
[2019-11-03] haskell-aeson 1.4.2.0-5 MIGRATED to testing (Debian testing watch)
[2019-09-29] Accepted haskell-aeson 1.4.2.0-5 (source) into unstable (Gianfranco Costamagna)
[2019-09-01] Accepted haskell-aeson 1.4.2.0-4 (source) into unstable (Clint Adams)
[2019-08-30] Accepted haskell-aeson 1.4.2.0-3 (source) into unstable (Gianfranco Costamagna)
[2019-07-27] Accepted haskell-aeson 1.4.2.0-2 (source) into unstable (Clint Adams)
[2019-07-27] Accepted haskell-aeson 1.4.2.0-1 (source) into unstable (Clint Adams)
[2018-11-28] haskell-aeson 1.3.1.1-3 MIGRATED to testing (Debian testing watch)
[2018-10-23] Accepted haskell-aeson 1.3.1.1-3 (source) into unstable (Ilias Tsitsimpis)
[2018-10-01] Accepted haskell-aeson 1.3.1.1-2 (source) into unstable (Ilias Tsitsimpis)
[2018-09-29] Accepted haskell-aeson 1.3.1.1-1 (source) into unstable (Ilias Tsitsimpis)
[2018-07-03] haskell-aeson 1.2.4.0-2 MIGRATED to testing (Debian testing watch)
[2018-04-15] Accepted haskell-aeson 1.2.4.0-2 (source) into unstable (Clint Adams)
[2018-04-10] Accepted haskell-aeson 1.2.4.0-1 (source) into unstable (Clint Adams)
[2017-11-22] haskell-aeson 1.1.2.0-1 MIGRATED to testing (Debian testing watch)
[2017-09-10] Accepted haskell-aeson 1.1.2.0-1 (source) into unstable (Sean Whitton)
[2017-09-02] haskell-aeson 1.0.2.1-6 MIGRATED to testing (Debian testing watch)
[2017-07-18] Accepted haskell-aeson 1.0.2.1-6 (source) into unstable (Gianfranco Costamagna)
[2017-07-18] Accepted haskell-aeson 1.0.2.1-5 (source amd64 all) into unstable (Gianfranco Costamagna)
[2017-07-15] Accepted haskell-aeson 1.0.2.1-4 (source) into unstable (Clint Adams)
[2017-07-13] Accepted haskell-aeson 1.0.2.1-3 (source) into unstable (Clint Adams)
[2017-07-10] Accepted haskell-aeson 1.0.2.1-2 (source) into unstable (Clint Adams)
[2017-07-06] Accepted haskell-aeson 1.0.2.1-1 (source) into unstable (Clint Adams)
[2017-06-28] Accepted haskell-aeson 0.11.3.0-2 (source) into unstable (Clint Adams)
[2017-06-18] Accepted haskell-aeson 0.11.3.0-1 (source) into unstable (Clint Adams)
[2016-11-28] haskell-aeson 0.11.2.1-3 MIGRATED to testing (Debian testing watch)
[2016-10-28] Accepted haskell-aeson 0.11.2.1-3 (source) into unstable (Clint Adams)
[2016-10-16] Accepted haskell-aeson 0.11.2.1-2 (source) into experimental (Clint Adams)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 42)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.4.7.1-2build2