[Bug 2019532] Re: Sync docker-registry 2.8.2+ds1-1 (universe) from Debian unstable (main)

[Benjamin Drung]

This bug was fixed in the package docker-registry - 2.8.2+ds1-1
Sponsored for Shengjing Zhu (zhsj)

---------------
docker-registry (2.8.2+ds1-1) unstable; urgency=medium

  * Team upload
  * New upstream version 2.8.2+ds1
    + CVE-2023-2253: Catalog API endpoint can lead to OOM via malicious user
      input (Closes: #1035956)
  * Drop patch merged by upstream
    + 0009-Fix-panic-in-inmemory-driver.patch

 -- Shengjing Zhu <zhsj at debian.org>  Sat, 13 May 2023 23:21:12 +0800

** Changed in: docker-registry (Ubuntu)
       Status: New => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-2253

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2019532

Title:
  Sync docker-registry 2.8.2+ds1-1 (universe) from Debian unstable
  (main)

Status in docker-registry package in Ubuntu:
  Fix Released

Bug description:
  Please sync docker-registry 2.8.2+ds1-1 (universe) from Debian
  unstable (main)

  2.8.1+ds1-2ubuntu1 is no change rebuild. There is no delta with
  Debian.

  Changelog entries since current mantic version 2.8.1+ds1-2ubuntu1:

  docker-registry (2.8.2+ds1-1) unstable; urgency=medium

    * Team upload
    * New upstream version 2.8.2+ds1
      + CVE-2023-2253: Catalog API endpoint can lead to OOM via malicious user
        input (Closes: #1035956)
    * Drop patch merged by upstream
      + 0009-Fix-panic-in-inmemory-driver.patch

   -- Shengjing Zhu <zhsj at debian.org>  Sat, 13 May 2023 23:21:12 +0800

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/docker-registry/+bug/2019532/+subscriptions