virtuoso-opensource - Debian Package Tracker

general

source: virtuoso-opensource (main)
version: 7.2.12+dfsg-2
maintainer: Debian Science Maintainers (archive) (DMD)
uploaders: Andreas Tille [DMD] – Will Daniels [DMD]
arch: all any
std-ver: 4.3.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 6.1.6+dfsg2-4
oldstable: 7.2.5.1+dfsg1-0.1
stable: 7.2.5.1+dfsg1-0.3
testing: 7.2.12+dfsg-2
unstable: 7.2.12+dfsg-2

versioned links

6.1.6+dfsg2-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7.2.5.1+dfsg1-0.1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7.2.5.1+dfsg1-0.3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
7.2.12+dfsg-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libvirtodbc0
virtuoso-minimal (1 bugs: 0, 1, 0, 0)
virtuoso-opensource (4 bugs: 0, 2, 2, 0)
virtuoso-opensource-7
virtuoso-opensource-7-bin
virtuoso-opensource-7-common
virtuoso-server (1 bugs: 0, 1, 0, 0)
virtuoso-vad-bpel
virtuoso-vad-conductor
virtuoso-vad-demo
virtuoso-vad-doc
virtuoso-vad-isparql
virtuoso-vad-rdfmappers
virtuoso-vad-sparqldemo
virtuoso-vad-syncml
virtuoso-vad-tutorial
virtuoso-vsp-startpage (1 bugs: 0, 1, 0, 0)

action needed

A new upstream version is available: 7.2.15 high

A new upstream version 7.2.15 is available, you should consider packaging it.

Created: 2024-06-12 Last update: 2025-05-25 05:01

lintian reports 1 error high

Lintian reports 1 error about this package. You should make the package lintian clean getting rid of them.

Created: 2025-04-10 Last update: 2025-04-10 00:32

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2024-09-05 Last update: 2025-05-25 10:33

3 bugs tagged patch in the BTS normal

The BTS contains patches fixing 3 bugs, consider including or untagging them.

Created: 2025-01-06 Last update: 2025-05-25 10:31

Depends on packages which need a new maintainer normal

The packages that virtuoso-opensource depends on which need a new maintainer are:

docbook-xml (#802368)
- Build-Depends: docbook-xml

Created: 2019-11-22 Last update: 2025-05-25 08:31

63 low-priority security issues in bookworm low

There are 63 open security issues in bookworm.

30 issues left for the package maintainer to handle:

CVE-2024-57635: (needs triaging) An issue in the chash_array component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57636: (needs triaging) An issue in the itc_sample_row_check component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57637: (needs triaging) An issue in the dfe_unit_gb_dependant component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57638: (needs triaging) An issue in the dfe_body_copy component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57639: (needs triaging) An issue in the dc_elt_size component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57640: (needs triaging) An issue in the dc_add_int component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57641: (needs triaging) An issue in the sqlexp component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57642: (needs triaging) An issue in the dfe_inx_op_col_def_table component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57643: (needs triaging) An issue in the box_deserialize_string component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57644: (needs triaging) An issue in the itc_hash_compare component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57645: (needs triaging) An issue in the qi_inst_state_free component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57646: (needs triaging) An issue in the psiginfo component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57647: (needs triaging) An issue in the row_insert_cast component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57648: (needs triaging) An issue in the itc_set_param_row component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57649: (needs triaging) An issue in the qst_vec_set component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57650: (needs triaging) An issue in the qi_inst_state_free component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57651: (needs triaging) An issue in the jp_add component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57652: (needs triaging) An issue in the numeric_to_dv component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57653: (needs triaging) An issue in the qst_vec_set_copy component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57654: (needs triaging) An issue in the qst_vec_get_int64 component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57655: (needs triaging) An issue in the dfe_n_in_order component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57656: (needs triaging) An issue in the sqlc_add_distinct_node component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57657: (needs triaging) An issue in the sqlg_vec_upd component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57658: (needs triaging) An issue in the sql_tree_hash_1 component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57659: (needs triaging) An issue in the sqlg_parallel_ts_seq component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57660: (needs triaging) An issue in the sqlo_expand_jts component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57661: (needs triaging) An issue in the sqlo_df component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57662: (needs triaging) An issue in the sqlg_hash_source component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57663: (needs triaging) An issue in the sqlg_place_dpipes component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2024-57664: (needs triaging) An issue in the sqlg_group_node component of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

You can find information about how to handle these issues in the security team's documentation.

33 ignored issues:

CVE-2023-31607: An issue in the __libc_malloc component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31608: An issue in the artm_div_int component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31609: An issue in the dfe_unit_col_loci component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31610: An issue in the _IO_default_xsputn component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31611: An issue in the __libc_longjmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31612: An issue in the dfe_qexp_list component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31613: An issue in the __nss_database_lookup component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31614: An issue in the mp_box_deserialize_string function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVE-2023-31615: An issue in the chash_array component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31616: An issue in the bif_mod component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31617: An issue in the dk_set_delete component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31618: An issue in the sqlc_union_dt_wrap component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31619: An issue in the sch_name_to_object component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31620: An issue in the dv_compare component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31621: An issue in the kc_var_col component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31622: An issue in the sqlc_make_policy_trig component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31623: An issue in the mp_box_copy component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31624: An issue in the sinv_check_exp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31625: An issue in the psiginfo component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31626: An issue in the gpf_notice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31627: An issue in the strhash component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31628: An issue in the stricmp component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31629: An issue in the sqlo_union_scope component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31630: An issue in the sqlo_query_spec component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-31631: An issue in the sqlo_preds_contradiction component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-48945: A stack overflow in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.
CVE-2023-48946: An issue in the box_mpy function of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVE-2023-48947: An issue in the cha_cmp function of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVE-2023-48948: An issue in the box_div function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVE-2023-48949: An issue in the box_add function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVE-2023-48950: An issue in the box_col_len function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVE-2023-48951: An issue in the box_equal function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVE-2023-48952: An issue in the box_deserialize_reusing function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.

Created: 2023-06-10 Last update: 2025-04-10 04:00

debian/patches: 9 patches to forward upstream low

Among the 18 debian patches available in version 7.2.12+dfsg-2 of the package, we noticed the following issues:

9 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2025-04-05 10:30

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2022-05-14 Last update: 2024-03-15 00:33

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.2 instead of 4.3.0).

Created: 2016-02-28 Last update: 2025-04-05 01:26

news

[rss feed]

[2025-04-10] virtuoso-opensource 7.2.12+dfsg-2 MIGRATED to testing (Debian testing watch)
[2025-04-04] Accepted virtuoso-opensource 7.2.12+dfsg-2 (source) into unstable (Bastian Germann) (signed by: bage@debian.org)
[2024-09-05] virtuoso-opensource 7.2.12+dfsg-1 MIGRATED to testing (Debian testing watch)
[2024-08-30] Accepted virtuoso-opensource 7.2.12+dfsg-1 (source) into unstable (Bastian Germann) (signed by: bage@debian.org)
[2024-08-10] virtuoso-opensource REMOVED from testing (Debian testing watch)
[2024-05-08] virtuoso-opensource 7.2.12+dfsg-0.2 MIGRATED to testing (Debian testing watch)
[2024-05-03] Accepted virtuoso-opensource 7.2.12+dfsg-0.2 (source) into unstable (Andreas Beckmann)
[2024-03-22] Accepted virtuoso-opensource 7.2.12+dfsg-0.1 (source) into experimental (Andreas Beckmann)
[2024-03-14] Accepted virtuoso-opensource 7.2.5.1+dfsg1-0.8 (source) into unstable (Andreas Beckmann)
[2024-03-06] Accepted virtuoso-opensource 7.2.5.1+dfsg1-0.7 (source) into unstable (Andreas Beckmann)
[2024-02-23] Accepted virtuoso-opensource 7.2.5.1+dfsg1-0.6 (source) into unstable (Andreas Beckmann)
[2023-11-21] Accepted virtuoso-opensource 7.2.5.1+dfsg1-0.5 (source) into unstable (Andreas Beckmann)
[2023-11-13] Accepted virtuoso-opensource 7.2.5.1+dfsg1-0.4 (source) into unstable (Andreas Beckmann)
[2023-06-27] virtuoso-opensource REMOVED from testing (Debian testing watch)
[2023-02-19] virtuoso-opensource 7.2.5.1+dfsg1-0.3 MIGRATED to testing (Debian testing watch)
[2023-02-08] Accepted virtuoso-opensource 7.2.5.1+dfsg1-0.3 (source) into unstable (Andreas Beckmann)
[2021-10-26] virtuoso-opensource 7.2.5.1+dfsg1-0.2 MIGRATED to testing (Debian testing watch)
[2021-10-20] Accepted virtuoso-opensource 7.2.5.1+dfsg1-0.2 (source) into unstable (Andreas Beckmann)
[2021-10-01] virtuoso-opensource REMOVED from testing (Debian testing watch)
[2021-08-02] virtuoso-opensource 7.2.5.1+dfsg1-0.1 MIGRATED to testing (Debian testing watch)
[2021-07-27] Accepted virtuoso-opensource 7.2.5.1+dfsg1-0.1 (source) into unstable (Andreas Beckmann)
[2021-06-29] Accepted virtuoso-opensource 7.2.5.1+dfsg-3.2 (source) into unstable (Andreas Beckmann)
[2021-05-23] Accepted virtuoso-opensource 7.2.5.1+dfsg-3.1 (source) into unstable (Adrian Bunk)
[2021-02-19] virtuoso-opensource 7.2.5.1+dfsg-3 MIGRATED to testing (Debian testing watch)
[2021-02-08] Accepted virtuoso-opensource 7.2.5.1+dfsg-3 (source) into unstable (Jelmer Vernooĳ) (signed by: Jelmer Vernooij)
[2019-02-13] Accepted virtuoso-opensource 7.2.5.1+dfsg-2 (source) into experimental (Andreas Tille)
[2018-08-27] Accepted virtuoso-opensource 7.2.5.1+dfsg-1 (source amd64 all) into experimental, experimental (Andreas Tille)
[2017-01-16] virtuoso-opensource 6.1.6+dfsg2-4 MIGRATED to testing (Debian testing watch)
[2017-01-10] Accepted virtuoso-opensource 6.1.6+dfsg2-4 (source) into unstable (Mattia Rizzolo)
[2016-03-04] virtuoso-opensource 6.1.6+dfsg2-3 MIGRATED to testing (Debian testing watch)

bugs [bug history graph]

all: 14
RC: 0
I&N: 11
M&W: 3
F&P: 0
patch: 3

links

homepage
lintian (1, 0)
buildd: logs, checks, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (93, -)
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 7.2.12+dfsg-2
21 bugs