Accepted docker-registry 2.6.2~ds1-2+deb10u1 (source) into oldoldstable
- To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
- Subject: Accepted docker-registry 2.6.2~ds1-2+deb10u1 (source) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 28 Jun 2023 22:00:21 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: docker-registry_2.6.2~ds1-2+deb10u1_source.changes
- Debian-source: docker-registry
- Debian-suite: oldoldstable
- Debian-version: 2.6.2~ds1-2+deb10u1
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=azhiqOGC3mEprzophOa8+C/13UWqWwmNUG9y5aQGA2g=; b=JnR0JMUbhnOOyucoY2UsrP/sv9 3cEOWEojdJg3X45YtCzR7X5ycnBq3Lq8u3ZLNY1yifg1FVOMBWpvcvHyrkq2+M49z7B6mQNxWt80y +v2J/1MWAmgN+XJz1MaaLcalmsFHlwE89RzC+VBKmJm3CFK9693qYXTFg6FcJCku9w8ltOqHEIrZU 41mJc0WPaX6GSBBpSzGRYwFMlxTH9WxA70zLdgcsOL2t0isMAciZIEztw2NTWzNLLAaZ+Uy6kolEZ HIsg70/n5/m4ac7fwy57v/3B0OqFg2k7aZ3xBqJLTVKt/UmTE/rT2mzxpMH/xGk5KrEGtXEb36dCF DyFPyOOA==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1qEdD3-004M94-J8@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 07 Jun 2023 19:44:21 +0000
Source: docker-registry
Architecture: source
Version: 2.6.2~ds1-2+deb10u1
Distribution: buster-security
Urgency: medium
Maintainer: pkg-go <pkg-go-maintainers@lists.alioth.debian.org>
Changed-By: Bastien Roucariès <rouca@debian.org>
Closes: 1035956
Changes:
docker-registry (2.6.2~ds1-2+deb10u1) buster-security; urgency=medium
.
* Non-maintainer upload by the LTS Security Team.
* CVE-2023-2253: A malicious user can submit an unreasonably
large value for `n` in '/v2/_catalog' causing the allocation
of a massive string array, possibly causing a denial of
service through excessive use of memory (Closes: #1035956)
Checksums-Sha1:
2685bb0e042c7b51bd3b1d2f6697ab9b7f66a69f 3097 docker-registry_2.6.2~ds1-2+deb10u1.dsc
91b089dce68831ebf437b9cfe112570059fd6844 790081 docker-registry_2.6.2~ds1.orig.tar.gz
d24b6687a2ac4a066ba305f0cea7d612f3c95ab4 14008 docker-registry_2.6.2~ds1-2+deb10u1.debian.tar.xz
b227c6cac04a8ee1e8368615896ea98cd38f9bb9 14003 docker-registry_2.6.2~ds1-2+deb10u1_amd64.buildinfo
Checksums-Sha256:
8b7390f8ab3244244cd22c8eee80fe4defbca5b0545b72a4bec48faa1103964b 3097 docker-registry_2.6.2~ds1-2+deb10u1.dsc
b537385de23b2415e771cb7cce05e2cdd4a156f4c55e89f89517ffac97d4c290 790081 docker-registry_2.6.2~ds1.orig.tar.gz
06738040d53987d60bb68fec388f8d48b8896d5031d1e1744aea6a092627dc6a 14008 docker-registry_2.6.2~ds1-2+deb10u1.debian.tar.xz
c3d5b95b1513385e541654d44db908427eb9d56f7d144fedf3297a0ce9cf3c37 14003 docker-registry_2.6.2~ds1-2+deb10u1_amd64.buildinfo
Files:
2d97076cf27adaa3b14c850017328fb2 3097 utils optional docker-registry_2.6.2~ds1-2+deb10u1.dsc
5c66820011fd960db828d51ae1461e97 790081 utils optional docker-registry_2.6.2~ds1.orig.tar.gz
623ca2eef912cb0fbe4916b5eeae2276 14008 utils optional docker-registry_2.6.2~ds1-2+deb10u1.debian.tar.xz
156d922ebbc7d3fff2b40e529fa6b4ea 14003 utils optional docker-registry_2.6.2~ds1-2+deb10u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmScqMwRHHJvdWNhQGRl
Ymlhbi5vcmcACgkQADoaLapBCF/UZhAAlEeWP1nmr9a2BibAwXQlK22sLPo8jJRG
G6q6smJ8wIqElxupT0j9LigHfo/DgoV48Hm9jonTAv0XcWD9LDD7TFJSogjZyhcT
NDe/qcbNaKYwQvf5SmwOPdL283bQv+OVjOaxZKWsW3aqKsWMVU5WxKRVsFi/m2tf
BoWabWx4r6EC5f1DhmQFg2s3WoimF62/BFo9THTtDq80xPPojDkbqzq9mFgRyso7
yGicSNZN3Tpr0ShPA3Q3ewkVINf+hEVg6GnIQTGpC6h89gLmq6fr1uC+jYMO44Wh
dSAXEhiJEPV8wwjvNZ8JzQQI0jApPHAWYK0SX0Ll7Ok/jKHj8VYotmWEf9NjwtMK
WUxdD8aivC02FsfP6JVclfNwP/7aLl75egS8cjA9pgolB12dJQkK9O2MNbPWy6V6
Uta61mhYMMXtaQQZnFDW0sXygocMAPcKxDoHvIObYnPs6/q7XyvoS0Rp33mXkem7
todq+l1aTNgv4rnc+lUJ2RfZupAlA/zWGnZ+1mN738fP+4EmEYFpRMKGVudwkrcU
LQ6MhFnBNMapiln5GOKl946KxZzdt5sKrcBbnI50C/1Y4C7mBf+z2qvOHLG6MCGw
NmEobLEJ4NSv2Lcq8KwVStfoltJ5bgqqR2hxQg0KmfnDV8//RLLHPq1MDxsG6HEl
t94hEojWYHk=
=9PFg
-----END PGP SIGNATURE-----