sympa - Debian Package Tracker

general

source: sympa (main)
version: 6.2.70~dfsg-1
maintainer: Debian Sympa team (DMD)
uploaders: Emmanuel Bouthenot [DMD] – Stefan Hornburg (Racke) [DMD]
arch: any
std-ver: 4.6.1.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 6.2.16~dfsg-3+deb9u2
o-o-sec: 6.2.16~dfsg-3+deb9u5
oldstable: 6.2.40~dfsg-1+deb10u1
old-sec: 6.2.40~dfsg-1+deb10u1
stable: 6.2.60~dfsg-4
testing: 6.2.70~dfsg-1
unstable: 6.2.70~dfsg-1

versioned links

6.2.16~dfsg-3+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.2.16~dfsg-3+deb9u5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.2.40~dfsg-1+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.2.60~dfsg-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
6.2.70~dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

sympa (26 bugs: 0, 14, 12, 0)

action needed

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2020-26880: Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable.

Created: 2022-07-04 Last update: 2022-11-21 06:43

1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:

CVE-2020-26880: Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable.

Created: 2022-07-04 Last update: 2022-11-21 06:43

2 bugs tagged patch in the BTS normal

The BTS contains patches fixing 2 bugs, consider including or untagging them.

Created: 2022-07-27 Last update: 2022-11-26 14:33

15 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 82a84d1a9e52808926a1bdc035f47291369dc947
Author: Emmanuel Bouthenot <kolter@openics.org>
Date:   Sun Nov 13 09:16:51 2022 +0000

    Update changelog

commit 4f2e8652ad9a96039af035fb6036ecf8b87a5f7e
Author: Emmanuel Bouthenot <kolter@openics.org>
Date:   Sun Nov 13 09:14:40 2022 +0000

    Remove the 'use_fast_cgi' handling in postinst (parameter no longer used since version 6.2.25)

commit cc4f944d1eb22fed9fcf4f8d49dad61b873005b2
Author: Emmanuel Bouthenot <kolter@openics.org>
Date:   Sun Nov 13 09:13:10 2022 +0000

    Add brackets around variables in maintainer scripts

commit ceae2190cad0b108ab68e5855f779f4bafb05d43
Author: Emmanuel Bouthenot <kolter@openics.org>
Date:   Sun Nov 13 09:05:57 2022 +0000

    Add a patch to fix 'sympa config' command return code to be 0 when there are no changes

commit 6d6fe483395b40b7979b5165fa743b7b0d3b7ae1
Author: Emmanuel Bouthenot <kolter@openics.org>
Date:   Sun Nov 13 07:11:13 2022 +0000

    Remove the 'cookie' handling in postinst (cookie parameter is no longer used since version 6.2.62)

commit c5d2f7354d6bea6a7cc7c7a18e6f86a12b46d13b
Author: Emmanuel Bouthenot <kolter@openics.org>
Date:   Sat Nov 12 21:22:56 2022 +0000

    Update debian/postinst to use sympa commands instead of custom routines

commit 88ccea71c64e629bb5a4ff9812dfa826463a463a
Author: Emmanuel Bouthenot <kolter@openics.org>
Date:   Sat Nov 12 21:11:57 2022 +0000

    Add a patch to fix SQLite schema upgrade (#1022943)

commit 2f40f1e54b1978ae84d7799429b9e2986fa2ca53
Author: Emmanuel Bouthenot <kolter@openics.org>
Date:   Sat Nov 12 21:06:34 2022 +0000

    Refresh manpages typos patches (again)

commit 1861b0f65d95eef7fd7022027103a2bba8ee0206
Author: Emmanuel Bouthenot <kolter@openics.org>
Date:   Sat Nov 12 06:23:02 2022 +0000

    Update changelog

commit 9de7f4ca774052e710b5dcc18f890ea47d80889c
Author: Emmanuel Bouthenot <kolter@openics.org>
Date:   Sat Nov 12 06:21:15 2022 +0000

    sympa_wizard is now replaced by 'sympa config' command (packaging updated accordingly)

commit d71d2800204517f7b582e4e78aa55d08fc4a93b8
Author: Emmanuel Bouthenot <kolter@openics.org>
Date:   Sat Nov 12 06:10:14 2022 +0000

    Remove mhonarc patch (no longer needed)

commit 34ac982df729c8b3999b54b15ccc27bc6b806da7
Author: Emmanuel Bouthenot <kolter@openics.org>
Date:   Sat Nov 12 06:09:10 2022 +0000

    Refresh manpages typos patches

commit 6ff863f210dd5708a8916d6972bb51695bb4fd4d
Merge: 9a715ff0 38420850
Author: Emmanuel Bouthenot <kolter@openics.org>
Date:   Fri Nov 11 18:22:08 2022 +0100

    Update upstream source from tag 'upstream/6.2.70'
    
    Update to upstream version '6.2.70'
    with Debian dir 5d1d2dada1c816ac74c0c04064c7e3b7ff7bb6c6

commit 3842085052ef2d6894c4dd9d353a80392637eff8
Author: Emmanuel Bouthenot <kolter@openics.org>
Date:   Fri Nov 11 18:22:08 2022 +0100

    New upstream version 6.2.70

Created: 2022-11-12 Last update: 2022-11-23 01:10

lintian reports 2 warnings normal

Lintian reports 2 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2022-11-16 Last update: 2022-11-16 05:10

1 low-priority security issue in bullseye low

There is 1 open security issue in bullseye.

1 issue left for the package maintainer to handle:

CVE-2020-26880: (postponed; to be fixed through a stable update) Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable.

You can find information about how to handle this issue in the security team's documentation.

Created: 2022-07-04 Last update: 2022-11-21 06:43

news

[rss feed]

[2022-11-21] sympa 6.2.70~dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-11-15] Accepted sympa 6.2.70~dfsg-1 (source) into unstable (Emmanuel Bouthenot)
[2022-11-15] sympa 6.2.68~dfsg-1 MIGRATED to testing (Debian testing watch)
[2022-11-09] Accepted sympa 6.2.68~dfsg-1 (source) into unstable (Emmanuel Bouthenot)
[2021-12-17] sympa 6.2.66~dfsg-2 MIGRATED to testing (Debian testing watch)
[2021-12-11] Accepted sympa 6.2.66~dfsg-2 (source amd64) into unstable (Stefan Hornburg (Racke)) (signed by: Stefan Hornburg)
[2021-12-07] Accepted sympa 6.2.66~dfsg-1 (source amd64) into unstable (Stefan Hornburg (Racke)) (signed by: Stefan Hornburg)
[2021-02-18] sympa 6.2.60~dfsg-4 MIGRATED to testing (Debian testing watch)
[2021-02-07] Accepted sympa 6.2.60~dfsg-4 (source) into unstable (Stefan Hornburg (Racke)) (signed by: Stefan Hornburg)
[2021-02-03] sympa 6.2.60~dfsg-3 MIGRATED to testing (Debian testing watch)
[2021-01-31] Accepted sympa 6.2.60~dfsg-3 (source) into unstable (Stefan Hornburg (Racke)) (signed by: Stefan Hornburg)
[2021-01-25] sympa 6.2.60~dfsg-2 MIGRATED to testing (Debian testing watch)
[2021-01-20] Accepted sympa 6.2.60~dfsg-2 (source) into unstable (Stefan Hornburg (Racke)) (signed by: Stefan Hornburg)
[2021-01-10] sympa 6.2.60~dfsg-1 MIGRATED to testing (Debian testing watch)
[2021-01-05] Accepted sympa 6.2.60~dfsg-1 (source) into unstable (Stefan Hornburg (Racke)) (signed by: Stefan Hornburg)
[2021-01-05] sympa 6.2.58~dfsg-6 MIGRATED to testing (Debian testing watch)
[2020-12-30] Accepted sympa 6.2.58~dfsg-6 (source) into unstable (Stefan Hornburg (Racke)) (signed by: Stefan Hornburg)
[2020-12-30] Accepted sympa 6.2.58~dfsg-5 (source) into experimental (Stefan Hornburg (Racke)) (signed by: Stefan Hornburg)
[2020-12-29] Accepted sympa 6.2.58~dfsg-4 (source) into experimental (Stefan Hornburg (Racke)) (signed by: Stefan Hornburg)
[2020-12-28] Accepted sympa 6.2.40~dfsg-1+deb10u1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Sylvain Beucler)
[2020-12-23] Accepted sympa 6.2.40~dfsg-1+deb10u1 (source) into stable->embargoed, stable (Debian FTP Masters) (signed by: Sylvain Beucler)
[2020-12-17] Accepted sympa 6.2.16~dfsg-3+deb9u5 (source) into oldstable (Sylvain Beucler)
[2020-12-13] Accepted sympa 6.2.58~dfsg-3 (source) into unstable (Stefan Hornburg (Racke)) (signed by: Stefan Hornburg)
[2020-11-28] Accepted sympa 6.2.58~dfsg-2 (source) into unstable (Stefan Hornburg (Racke)) (signed by: Stefan Hornburg)
[2020-11-09] Accepted sympa 6.2.16~dfsg-3+deb9u4 (source) into oldstable (Sylvain Beucler)
[2020-10-25] Accepted sympa 6.2.58~dfsg-1 (source) into unstable (Stefan Hornburg (Racke)) (signed by: Stefan Hornburg)
[2020-10-15] sympa 6.2.40~dfsg-7 MIGRATED to testing (Debian testing watch)
[2020-10-10] Accepted sympa 6.2.40~dfsg-7 (source) into unstable (Stefan Hornburg (Racke)) (signed by: Stefan Hornburg)
[2020-10-07] Accepted sympa 6.2.16~dfsg-3+deb9u3 (source) into oldstable (Sylvain Beucler)
[2020-10-07] sympa 6.2.40~dfsg-6 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 27
RC: 0
I&N: 15
M&W: 12
F&P: 0
patch: 2

links

homepage
lintian (0, 2)
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (89, 41)

ubuntu

[Information about Ubuntu for Debian Developers]

version: 6.2.66~dfsg-2
30 bugs (2 patches)