[ubuntu/questing-proposed] ledgersmb 1.6.33+ds-2.2ubuntu1 (Accepted)

John Breton john.breton at canonical.com
Thu Jul 17 13:56:15 UTC 2025 

ledgersmb (1.6.33+ds-2.2ubuntu1) questing; urgency=medium

  - debian/patches/CVE-2021-3693-fix.patch: Fix regression of errors not
    creating pop-ups
  * SECURITY UPDATE: Missing secure attribute over HTTPS
    - debian/patches/CVE-2021-3882.patch: Use HTTPS environment setting
      to detect https connections
    - CVE-2021-3882
  * SECURITY UPDATE: Privilege escalation
    - debian/patches/CVE-2024-23831.patch: Fix missing CSRF mitigation
    - CVE-2024-23831

Date: Tue, 08 Jul 2025 15:29:17 -0400
Changed-By: John Breton <john.breton at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/ledgersmb/1.6.33+ds-2.2ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 08 Jul 2025 15:29:17 -0400
Source: ledgersmb
Built-For-Profiles: noudeb
Architecture: source
Version: 1.6.33+ds-2.2ubuntu1
Distribution: questing
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: John Breton <john.breton at canonical.com>
Changes:
 ledgersmb (1.6.33+ds-2.2ubuntu1) questing; urgency=medium
 .
   - debian/patches/CVE-2021-3693-fix.patch: Fix regression of errors not
     creating pop-ups
   * SECURITY UPDATE: Missing secure attribute over HTTPS
     - debian/patches/CVE-2021-3882.patch: Use HTTPS environment setting
       to detect https connections
     - CVE-2021-3882
   * SECURITY UPDATE: Privilege escalation
     - debian/patches/CVE-2024-23831.patch: Fix missing CSRF mitigation
     - CVE-2024-23831
Checksums-Sha1:
 adb25d16e10e5774130526258968b71184312d04 3382 ledgersmb_1.6.33+ds-2.2ubuntu1.dsc
 6728fc32caac86f2b1bf68377da6246847955af9 42448 ledgersmb_1.6.33+ds-2.2ubuntu1.debian.tar.xz
 2af082c11d2b1e05b4d548cab94c02c30114629b 8831 ledgersmb_1.6.33+ds-2.2ubuntu1_source.buildinfo
Checksums-Sha256:
 5fa8a87933c3bcc950eba17422a912e9de9b3b63ac51595c3f1a506a70bd14f9 3382 ledgersmb_1.6.33+ds-2.2ubuntu1.dsc
 4fc3b3ce77101f263fdb6a6cba985c8556b428b7c169387099097948d3b06033 42448 ledgersmb_1.6.33+ds-2.2ubuntu1.debian.tar.xz
 24aaae64f3ab089b438dccc5de7dbb6a307b9ee994355019a299e5bf6d360bfe 8831 ledgersmb_1.6.33+ds-2.2ubuntu1_source.buildinfo
Files:
 c9eace5c48ddbe762f8efc93a64df2bb 3382 web optional ledgersmb_1.6.33+ds-2.2ubuntu1.dsc
 189e3a5cfee5253b8a72f42ea960d165 42448 web optional ledgersmb_1.6.33+ds-2.2ubuntu1.debian.tar.xz
 339ff37efaba554f8b69eba5d69d6be3 8831 web optional ledgersmb_1.6.33+ds-2.2ubuntu1_source.buildinfo
Original-Maintainer: LedgerSMB Core Team <devel at lists.ledgersmb.org>

More information about the Questing-changes mailing list