liferea - Debian Package Tracker

general

source: liferea (main)
version: 1.14.1-1
maintainer: Paul Gevers (DMD) (LowNMU)
arch: all any
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.12~rc3-1
oldstable: 1.12.6-1+deb10u1
stable: 1.13.5-3
testing: 1.14.1-1
unstable: 1.14.1-1

versioned links

1.12~rc3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.12.6-1+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.13.5-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.14.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

liferea (43 bugs: 1, 25, 17, 0)
liferea-data

action needed

Problems while searching for a new upstream version high

uscan had problems while searching for a new upstream version:

In watchfile debian/watch, reading webpage
  https://api.github.com/repos/lwindolf/liferea/releases?per_page=100 failed: 403 rate limit exceeded

Created: 2023-03-17 Last update: 2023-03-20 19:31

1 security issue in buster high

There is 1 open security issue in buster.

1 important issue:

CVE-2023-1350: A vulnerability was found in liferea. It has been rated as critical. Affected by this issue is the function update_job_run of the file src/update.c of the component Feed Enrichment. The manipulation of the argument source with the input |date >/tmp/bad-item-link.txt leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 8d8b5b963fa64c7a2122d1bbfbb0bed46e813e59. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-222848.

Created: 2023-03-12 Last update: 2023-03-15 07:00

lintian reports 1 error and 2 warnings high

Lintian reports 1 error and 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2023-01-16 Last update: 2023-02-05 08:34

2 bugs tagged help in the BTS normal

The BTS contains 2 bugs tagged help, please consider helping the maintainer in dealing with them.

Created: 2019-03-21 Last update: 2023-03-20 22:02

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2022-07-27 Last update: 2023-03-20 22:02

AppStream hints: 7 warnings normal

AppStream found metadata issues for packages:

liferea: 7 warnings

You should get rid of them to provide more metadata about this software.

Created: 2023-01-16 Last update: 2023-01-16 09:01

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2023-1350: (needs triaging) A vulnerability was found in liferea. It has been rated as critical. Affected by this issue is the function update_job_run of the file src/update.c of the component Feed Enrichment. The manipulation of the argument source with the input |date >/tmp/bad-item-link.txt leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 8d8b5b963fa64c7a2122d1bbfbb0bed46e813e59. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-222848.

You can find information about how to handle this issue in the security team's documentation.

Created: 2023-03-12 Last update: 2023-03-15 07:00

debian/patches: 1 patch to forward upstream low

Among the 2 debian patches available in version 1.14.1-1 of the package, we noticed the following issues:

1 patch where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2023-03-13 07:41

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2022-10-20 Last update: 2022-10-20 18:00

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.2 instead of 4.5.0).

Created: 2020-11-17 Last update: 2023-03-13 07:43

news

[rss feed]

[2023-03-15] liferea 1.14.1-1 MIGRATED to testing (Debian testing watch)
[2023-03-12] Accepted liferea 1.14.1-1 (source) into unstable (Paul Gevers)
[2023-01-21] liferea 1.14.0-1 MIGRATED to testing (Debian testing watch)
[2023-01-15] Accepted liferea 1.14.0-1 (source) into unstable (Paul Gevers)
[2023-01-01] liferea 1.14~rc3-1 MIGRATED to testing (Debian testing watch)
[2022-12-26] Accepted liferea 1.14~rc3-1 (source) into unstable (Paul Gevers)
[2022-11-16] liferea 1.14~rc2-2 MIGRATED to testing (Debian testing watch)
[2022-11-10] Accepted liferea 1.14~rc2-2 (source) into unstable (Paul Gevers)
[2022-10-29] Accepted liferea 1.14~rc2-1 (source) into unstable (Paul Gevers)
[2022-10-26] liferea 1.14~rc1-1 MIGRATED to testing (Debian testing watch)
[2022-10-20] Accepted liferea 1.14~rc1-1 (source) into unstable (Paul Gevers)
[2022-08-02] liferea 1.13.9-1 MIGRATED to testing (Debian testing watch)
[2022-07-28] Accepted liferea 1.13.9-1 (source) into unstable (Paul Gevers)
[2022-04-12] liferea 1.13.8-1 MIGRATED to testing (Debian testing watch)
[2022-04-07] Accepted liferea 1.13.8-1 (source) into unstable (Paul Gevers)
[2021-12-23] liferea 1.13.7-2 MIGRATED to testing (Debian testing watch)
[2021-12-18] Accepted liferea 1.13.7-2 (source) into unstable (Paul Gevers)
[2021-12-08] Accepted liferea 1.13.7-1 (source) into unstable (Paul Gevers)
[2021-08-27] liferea 1.13.6-2 MIGRATED to testing (Debian testing watch)
[2021-08-27] liferea 1.13.6-2 MIGRATED to testing (Debian testing watch)
[2021-08-21] Accepted liferea 1.13.6-2 (source) into unstable (Paul Gevers)
[2021-07-17] liferea 1.13.5-3 MIGRATED to testing (Debian testing watch)
[2021-07-11] Accepted liferea 1.13.5-3 (source) into unstable (Paul Gevers)
[2021-06-11] Accepted liferea 1.12.6-1+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Paul Gevers)
[2021-06-10] Accepted liferea 1.13.6-1 (source) into experimental (Paul Gevers)
[2021-05-05] liferea 1.13.5-2 MIGRATED to testing (Debian testing watch)
[2021-04-27] Accepted liferea 1.13.5-2 (source) into unstable (Paul Gevers)
[2021-01-20] liferea 1.13.5-1 MIGRATED to testing (Debian testing watch)
[2021-01-14] Accepted liferea 1.13.5-1 (source) into unstable (Paul Gevers)
[2020-10-16] liferea 1.13.3-1 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 42 43
RC: 1
I&N: 24 25
M&W: 17
F&P: 0
patch: 1
help: 2

links

homepage
lintian (1, 2)
buildd: logs, checks, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (-, 69)
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.14.0-1
66 bugs