[Bug 2095010] Re: Sync atftp 0.8.0-6 (universe) from Debian unstable (main)

Simon Quigley 2095010 at bugs.launchpad.net
Wed Jan 15 16:33:27 UTC 2025 

Thank you for your help! It's very much appreciated.

** Changed in: atftp (Ubuntu)
       Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Sponsors, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2095010

Title:
  Sync atftp 0.8.0-6 (universe) from Debian unstable (main)

Status in atftp package in Ubuntu:
  Fix Released

Bug description:
  Please sync atftp 0.8.0-6 (universe) from Debian unstable (main)

  Explanation of the Ubuntu delta and why it can be dropped:
    * No-change rebuild for CVE-2024-3094
    * No-change rebuild for CVE-2024-3094
    * No-change rebuild for CVE-2024-3094
    * No-change rebuild for readline time64 change.
    * Disable -flto flag in debian/rules file to fix LP: #1989816, LP: #1995854

  An alternative fix for #1989816 was added to the Debian
  package. Instead of disabling LTO I switched the broken Strncpy call
  to memcpy which deals with the fortification issue.

  Additionally this sync should fix #2065463.

  Changelog entries since current plucky version 0.8.0-3ubuntu3:

  atftp (0.8.0-6) unstable; urgency=medium

    * Update catalan translation (closes: #1091703). Thanks to
      Carles Pina i Estany <carles at pina.cat>.
    * Apply patch to fix fortify abort when LTO is enabled
      (closes: #1092552). Thanks to James Cowgill <jcowgill at debian.org>.

   -- Andreas B. Mundt <andi at debian.org>  Sat, 11 Jan 2025 20:03:30
  +0100

  atftp (0.8.0-5) unstable; urgency=medium

    * Fix uninitialized buffer data (closes: #1073806).  Thanks to
      Aurelien Jarno <aurel32 at debian.org> for the patch.

   -- Andreas B. Mundt <andi at debian.org>  Fri, 21 Jun 2024 18:19:57
  +0200

  atftp (0.8.0-4) unstable; urgency=medium

    * Bump Standards-Version to 4.7.0 (no changes needed).
    * Update Swedish debconf translations (closes: #1055745). Thanks
      to Martin Bagge <brother at persilja.net> and Anders Jonsson
      <anders.jonsson at norsjovallen.se>.
    * Listen on IPv6, even if not socket activated (closes: #1070683).
      Thanks to Kasparek Tomas <kasparek at fit.vutbr.cz>.

   -- Andreas B. Mundt <andi at debian.org>  Wed, 29 May 2024 14:52:44
  +0200

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/atftp/+bug/2095010/+subscriptions

More information about the Ubuntu-sponsors mailing list