Debian Package Tracker

general

source: m2crypto (main)
version: 0.37.1-1
maintainer: Sandro Tosi (DMD)
uploaders: Debian Python Team [DMD]
arch: all any
std-ver: 4.5.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.21.1-3
oldstable: 0.24.0-1.1
stable: 0.31.0-4
stable-bpo: 0.31.0-6~bpo10+1
testing: 0.36.0-1
unstable: 0.37.1-1

versioned links

0.21.1-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.24.0-1.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.31.0-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.31.0-6~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.36.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.37.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

python-m2crypto-doc
python3-m2crypto

action needed

Debci reports failed tests high

unstable: pass (log)
The tests ran in 0:01:49
Last run: 2020-08-14 07:26:26 UTC
Previous status: pass

testing: fail (log)
The tests ran in 0:01:55
Last run: 2021-01-21 00:04:26 UTC
Previous status: fail

Created: 2021-01-06 Last update: 2021-01-27 08:05

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2020-25657: A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.

Please fix it.

Created: 2020-11-14 Last update: 2021-01-14 06:30

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2021-01-25 Last update: 2021-01-27 08:36

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 2-day delay is over. Check why.

Created: 2021-01-17 Last update: 2021-01-27 08:03

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2021-01-27 Last update: 2021-01-27 03:03

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

python-m2crypto-doc could be marked Multi-Arch: foreign

Created: 2018-05-07 Last update: 2021-01-27 06:37

1 ignored security issue in stretch low

There is 1 open security issue in stretch.

1 issue skipped by the security teams:

CVE-2020-25657: A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.

Please fix it.

Created: 2020-11-14 Last update: 2021-01-14 06:30

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2020-25657: A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.

Please fix it.

Created: 2020-11-14 Last update: 2021-01-14 06:30

1 ignored security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue skipped by the security teams:

CVE-2020-25657: A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. The highest threat from this vulnerability is to confidentiality.

Please fix it.

Created: 2020-11-14 Last update: 2021-01-14 06:30

testing migrations

This package will soon be part of the auto-openssl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
excuses:
- Migration status for m2crypto (0.36.0-1 to 0.37.1-1): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- Updating m2crypto introduces new bugs: #979865
- Additional info:
- Updating m2crypto fixes old bugs: #954402
- Piuparts tested OK - https://piuparts.debian.org/sid/source/m/m2crypto.html
- Required age reduced by 3 days because of autopkgtest
- 15 days old (needed 2 days)
- Not considered

news

[rss feed]

[2021-01-12] Accepted m2crypto 0.37.1-1 (source) into unstable (Sandro Tosi)
[2020-07-18] m2crypto 0.36.0-1 MIGRATED to testing (Debian testing watch)
[2020-07-16] Accepted m2crypto 0.36.0-1 (source) into unstable (Sandro Tosi)
[2020-05-06] Accepted m2crypto 0.35.2-2 (source all amd64) into unstable, unstable (Debian FTP Masters) (signed by: Sandro Tosi)
[2020-04-24] Accepted m2crypto 0.35.2-1 (source) into unstable (Sandro Tosi)
[2020-02-02] m2crypto 0.31.0-9 MIGRATED to testing (Debian testing watch)
[2020-01-31] Accepted m2crypto 0.31.0-9 (source) into unstable (Sandro Tosi)
[2019-11-24] m2crypto 0.31.0-8 MIGRATED to testing (Debian testing watch)
[2019-11-22] Accepted m2crypto 0.31.0-8 (source) into unstable (Sandro Tosi)
[2019-11-20] Accepted m2crypto 0.31.0-7 (source all amd64) into unstable (Daniel Stender)
[2019-10-01] Accepted m2crypto 0.31.0-6~bpo10+1 (source all amd64) into buster-backports, buster-backports (Daniel Stender)
[2019-08-21] m2crypto 0.31.0-6 MIGRATED to testing (Debian testing watch)
[2019-08-19] Accepted m2crypto 0.31.0-6 (source) into unstable (Daniel Stender)
[2019-08-12] Accepted m2crypto 0.31.0-5 (all source) into unstable, unstable (Daniel Stender)
[2019-06-16] m2crypto 0.31.0-4 MIGRATED to testing (Debian testing watch)
[2019-06-09] Accepted m2crypto 0.31.0-4 (all source) into unstable (Daniel Stender)
[2019-03-18] m2crypto 0.31.0-3 MIGRATED to testing (Debian testing watch)
[2019-03-11] Accepted m2crypto 0.31.0-3 (source all amd64) into unstable (Daniel Stender)
[2018-12-21] m2crypto 0.31.0-2 MIGRATED to testing (Debian testing watch)
[2018-12-19] Accepted m2crypto 0.31.0-2 (all source) into unstable (Daniel Stender)
[2018-11-13] m2crypto 0.31.0-1 MIGRATED to testing (Debian testing watch)
[2018-11-10] Accepted m2crypto 0.31.0-1 (source all amd64) into unstable (Daniel Stender)
[2018-11-02] Accepted m2crypto 0.30.1+git20181013.1576f1e-1 (source all amd64) into experimental (Daniel Stender)
[2018-05-09] m2crypto 0.27.0-6 MIGRATED to testing (Debian testing watch)
[2018-05-07] Accepted m2crypto 0.27.0-6 (source all amd64) into unstable, unstable (Daniel Stender)
[2018-02-24] m2crypto 0.27.0-5 MIGRATED to testing (Debian testing watch)
[2018-02-18] Accepted m2crypto 0.27.0-5 (source amd64) into unstable (Daniel Stender)
[2017-11-20] m2crypto 0.27.0-4 MIGRATED to testing (Debian testing watch)
[2017-11-14] Accepted m2crypto 0.27.0-4 (source) into unstable (Daniel Stender)
[2017-11-13] Accepted m2crypto 0.27.0-3 (source) into unstable (Daniel Stender)

bugs [bug history graph]

all: 3
RC: 1
I&N: 2
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 1)
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.36.0-1ubuntu2
5 bugs
patches for 0.36.0-1ubuntu2