Debian Package Tracker

general

source: jabberd2 (main)
version: 2.7.0-1
maintainer: Debian XMPP Maintainers (archive) (DMD)
uploaders: Simon Josefsson [DMD]
arch: any
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 2.4.0-3+deb9u1
old-sec: 2.4.0-3+deb9u1
stable: 2.7.0-1
testing: 2.7.0-1
unstable: 2.7.0-1

versioned links

2.4.0-3+deb9u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

jabberd2 (2 bugs: 0, 1, 1, 0)

action needed

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2017-18226: The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "kill -TERM `cat /var/run/jabber/filename.pid`" command.

Please fix it.

Created: 2019-07-07 Last update: 2020-01-21 18:34

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2017-18226: The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "kill -TERM `cat /var/run/jabber/filename.pid`" command.

Please fix it.

Created: 2018-07-01 Last update: 2020-01-21 18:34

2 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 54a3044b7529d463c9f1fdad1f0a2aed52dc7f6c
Merge: a4bc798 c2d181c
Author: Simon Josefsson <simon@josefsson.org>
Date:   Mon Jan 28 23:01:13 2019 +0100

    Incorporate Sergei's work done (we worked in parallel on this).

commit c2d181c5eed5b2d83de99eb87626253fe512f019
Author: Sergei Golovan <sgolovan@gmail.com>
Date:   Tue Jan 29 00:22:06 2019 +0300

    Fix FTBFS with libmariadb 10.3.

Created: 2019-01-28 Last update: 2020-01-14 12:42

lintian reports 11 warnings normal

Lintian reports 11 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2019-08-26 Last update: 2019-08-26 03:33

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2017-18226: The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "kill -TERM `cat /var/run/jabber/filename.pid`" command.

Please fix it.

Created: 2018-07-01 Last update: 2020-01-21 18:34

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2017-18226: The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "kill -TERM `cat /var/run/jabber/filename.pid`" command.

Please fix it.

Created: 2018-07-01 Last update: 2020-01-21 18:34

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.0 instead of 4.3.0).

Created: 2019-07-08 Last update: 2020-01-21 05:05

news

[rss feed]

[2019-02-03] jabberd2 2.7.0-1 MIGRATED to testing (Debian testing watch)
[2019-01-28] Accepted jabberd2 2.7.0-1 (source amd64) into unstable (Simon Josefsson)
[2018-01-28] jabberd2 2.6.1-3 MIGRATED to testing (Debian testing watch)
[2018-01-22] Accepted jabberd2 2.6.1-3 (source amd64) into unstable (Simon Josefsson)
[2018-01-22] Accepted jabberd2 2.6.1-2 (source amd64) into unstable (Simon Josefsson)
[2017-11-30] jabberd2 REMOVED from testing (Debian testing watch)
[2017-07-14] jabberd2 2.6.1-1 MIGRATED to testing (Debian testing watch)
[2017-07-09] Accepted jabberd2 2.4.0-3+deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2017-07-09] Accepted jabberd2 2.6.1-1 (source amd64) into unstable (Simon Josefsson)
[2017-06-20] jabberd2 2.5.0-1 MIGRATED to testing (Debian testing watch)
[2017-03-16] Accepted jabberd2 2.5.0-1 (source amd64) into unstable (Simon Josefsson)
[2017-01-18] jabberd2 2.4.0-3 MIGRATED to testing (Debian testing watch)
[2016-12-27] Accepted jabberd2 2.4.0-3 (source amd64) into unstable (Simon Josefsson)
[2016-11-11] jabberd2 REMOVED from testing (Debian testing watch)
[2016-10-01] jabberd2 2.4.0-2 MIGRATED to testing (Debian testing watch)
[2016-09-25] Accepted jabberd2 2.4.0-2 (source amd64) into unstable (Simon Josefsson)
[2016-07-24] jabberd2 2.4.0-1 MIGRATED to testing (Debian testing watch)
[2016-07-18] Accepted jabberd2 2.4.0-1~bpo8+1 (source amd64) into jessie-backports (Simon Josefsson)
[2016-07-18] Accepted jabberd2 2.4.0-1 (source) into unstable (Simon Josefsson)
[2015-11-11] jabberd2 2.3.4-1 MIGRATED to testing (Britney)
[2015-11-01] Accepted jabberd2 2.3.4-1 (source) into unstable (Simon Josefsson)
[2015-08-06] jabberd2 2.3.3-3 MIGRATED to testing (Britney)
[2015-07-31] Accepted jabberd2 2.3.3-3 (source) into unstable (Simon Josefsson)
[2015-07-29] jabberd2 REMOVED from testing (Britney)
[2015-05-10] jabberd2 2.3.3-2 MIGRATED to testing (Britney)
[2015-04-29] Accepted jabberd2 2.3.3-2 (source amd64) into unstable (Simon Josefsson)
[2015-04-28] jabberd2 2.3.3-1 MIGRATED to testing (Britney)
[2015-04-22] Accepted jabberd2 2.3.3-1 (source amd64) into unstable (Willem van den Akker) (signed by: Simon Josefsson)
[2015-04-22] Accepted jabberd2 2.2.17+dfsg1-2 (source amd64) into unstable (Simon Josefsson)
[2015-04-21] Accepted jabberd2 2.2.17+dfsg1-1 (source amd64) into experimental (Willem van den Akker) (signed by: Simon Josefsson)

bugs [bug history graph]

all: 2
RC: 0
I&N: 1
M&W: 1
F&P: 0
patch: 0

links

homepage
lintian (0, 11)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.7.0-1build2
2 bugs (1 patch)