jabberd2 - Debian Package Tracker

general

source: jabberd2 (main)
version: 2.7.0-8
maintainer: Debian XMPP Maintainers (archive) (DMD)
uploaders: Simon Josefsson [DMD]
arch: any
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.7.0-1
oldstable: 2.7.0-2
stable: 2.7.0-4
testing: 2.7.0-8
unstable: 2.7.0-8

versioned links

2.7.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7.0-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.7.0-8: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

jabberd2 (3 bugs: 0, 2, 1, 0)

action needed

1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:

CVE-2017-18226: The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "kill -TERM `cat /var/run/jabber/filename.pid`" command.

Created: 2023-06-11 Last update: 2025-03-27 05:00

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2017-18226: The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "kill -TERM `cat /var/run/jabber/filename.pid`" command.

Created: 2022-07-04 Last update: 2025-03-27 05:00

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2025-01-06 Last update: 2025-04-19 18:30

Depends on packages which need a new maintainer normal

The packages that jabberd2 depends on which need a new maintainer are:

db5.3 (#1055356)
- Depends: libdb5.3t64
db-defaults (#1055344)
- Build-Depends: libdb-dev

Created: 2023-11-04 Last update: 2025-04-19 18:01

5 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit eb5b63e1549d5e3f56d9c58b901a2fdf129bcabf
Author: Simon Josefsson <simon@josefsson.org>
Date:   Sat Mar 22 00:20:41 2025 +0100

    Update changelog for 2.7.0-8 release

commit 4f1f24459459d98035612d36a3b831b8ebb57054
Author: Simon Josefsson <simon@josefsson.org>
Date:   Sat Mar 22 00:03:17 2025 +0100

    Run modern wrap-and-sort -satbk.

commit 31175a26f016500ce48946593903fabeaef6d4e0
Author: Simon Josefsson <simon@josefsson.org>
Date:   Fri Mar 21 23:22:13 2025 +0100

    Simplify user creation.  Closes: #1100030.

commit 43e4e09cd6762f38f778d4d6a822ae496b8d2a74
Author: Simon Josefsson <simon@josefsson.org>
Date:   Fri Mar 21 20:43:47 2025 +0100

    Standards-Version: 4.7.2.

commit 56d6d2ec4cbf3acc669bda7c813669198aceebd1
Author: Janitor <jelmer+janitor@jelmer.uk>
Date:   Fri Mar 21 22:19:20 2025 +0000

    Remove unnecessary constraints

Created: 2025-03-21 Last update: 2025-04-11 23:00

lintian reports 48 warnings normal

Lintian reports 48 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2025-03-22 Last update: 2025-04-10 09:30

debian/patches: 10 patches to forward upstream low

Among the 10 debian patches available in version 2.7.0-8 of the package, we noticed the following issues:

10 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2025-03-22 08:31

No known security issue in bookworm wishlist

There is 1 open security issue in bookworm.

1 ignored issue:

CVE-2017-18226: The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "kill -TERM `cat /var/run/jabber/filename.pid`" command.

Created: 2023-06-10 Last update: 2025-03-27 05:00

news

[rss feed]

[2025-03-27] jabberd2 2.7.0-8 MIGRATED to testing (Debian testing watch)
[2025-03-22] Accepted jabberd2 2.7.0-8 (source) into unstable (Simon Josefsson)
[2024-06-24] jabberd2 2.7.0-7 MIGRATED to testing (Debian testing watch)
[2024-06-18] Accepted jabberd2 2.7.0-7 (source) into unstable (Simon Josefsson)
[2024-05-18] Accepted jabberd2 2.7.0-6 (source) into experimental (Simon Josefsson)
[2024-05-03] jabberd2 2.7.0-5 MIGRATED to testing (Debian testing watch)
[2024-04-27] jabberd2 REMOVED from testing (Debian testing watch)
[2024-04-27] jabberd2 REMOVED from testing (Debian testing watch)
[2024-04-11] Accepted jabberd2 2.7.0-5 (source) into unstable (Simon Josefsson)
[2023-09-11] jabberd2 2.7.0-4.1 MIGRATED to testing (Debian testing watch)
[2023-09-05] Accepted jabberd2 2.7.0-4.1 (source) into unstable (Gianfranco Costamagna)
[2023-08-29] jabberd2 REMOVED from testing (Debian testing watch)
[2022-06-11] jabberd2 2.7.0-4 MIGRATED to testing (Debian testing watch)
[2022-06-06] Accepted jabberd2 2.7.0-4 (source) into unstable (Simon Josefsson)
[2021-08-11] Accepted jabberd2 2.7.0-3 (source) into experimental (Simon Josefsson)
[2020-11-07] jabberd2 2.7.0-2 MIGRATED to testing (Debian testing watch)
[2020-11-01] Accepted jabberd2 2.7.0-2 (source) into unstable (Simon Josefsson)
[2019-02-03] jabberd2 2.7.0-1 MIGRATED to testing (Debian testing watch)
[2019-01-28] Accepted jabberd2 2.7.0-1 (source amd64) into unstable (Simon Josefsson)
[2018-01-28] jabberd2 2.6.1-3 MIGRATED to testing (Debian testing watch)
[2018-01-22] Accepted jabberd2 2.6.1-3 (source amd64) into unstable (Simon Josefsson)
[2018-01-22] Accepted jabberd2 2.6.1-2 (source amd64) into unstable (Simon Josefsson)
[2017-11-30] jabberd2 REMOVED from testing (Debian testing watch)
[2017-07-14] jabberd2 2.6.1-1 MIGRATED to testing (Debian testing watch)
[2017-07-09] Accepted jabberd2 2.4.0-3+deb9u1 (source) into proposed-updates->stable-new, proposed-updates (Salvatore Bonaccorso)
[2017-07-09] Accepted jabberd2 2.6.1-1 (source amd64) into unstable (Simon Josefsson)
[2017-06-20] jabberd2 2.5.0-1 MIGRATED to testing (Debian testing watch)
[2017-03-16] Accepted jabberd2 2.5.0-1 (source amd64) into unstable (Simon Josefsson)
[2017-01-18] jabberd2 2.4.0-3 MIGRATED to testing (Debian testing watch)
[2016-12-27] Accepted jabberd2 2.4.0-3 (source amd64) into unstable (Simon Josefsson)

bugs [bug history graph]

all: 3
RC: 0
I&N: 2
M&W: 1
F&P: 0
patch: 1

links

homepage
lintian (0, 48)
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.7.0-8ubuntu2
2 bugs (1 patch)
patches for 2.7.0-8ubuntu2