Ubuntu
sql-ledger package

Sync sql-ledger 3.2.6-1 (main) from Debian sid (main)

Bug #1782956 reported by RJ Clay
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
sql-ledger (Ubuntu)
Expired
Undecided
Unassigned

Bug Description

Please sync sql-ledger 3.2.6-1 (main) from Debian sid (main)

Package backports to Cosmic and builds cleanly.
Reference: sql-ledger - 3.2.6-1~ubuntu18.10.1 at https://launchpad.net/~sql-ledger/+archive/ubuntu/ppa/+packages

The updated package closed three bugs in Debian and closes one bug in Ubuntu.

Changelog entries since most recent version in Ubuntu Xenial:

sql-ledger (3.2.6-1) unstable; urgency=medium

  * New upstream. (Closes: #862953)(LP: #1537461)
  * Bump the Debhelper version from '9' to '10'.
  * Use an HTTPS URL in the debian/watch file.
  * Add the following Lintian override files: debian/source/lintian-overrides
    and debian/sql-ledger.lintian-overrides.
  * Removed the debian/patches/latex-cmdline-option patch file as it does not
    apply to the new upstream.
  * Add a debian/patches/FixINCissue.patch file. (Closes: #869994)
  * Add a debian/patches/MitigateLintianError.patch file.
  * Redo 'templates' install info in the debian/sql-ledger.install file.
  * Rewrite debian/copyright, following copyright-format v1.0 guidelines.
  * Changes in debian/control:
    + Declare compliance with Debian Policy 4.1.4.
    + Add 'Rules-Requires-Root: binary-targets' to the source stanza.
    + Set 'Robert James Clay <email address hidden>' as the new Maintainer.
      (Closes: #862963)
    + Update Vcs-Git & Vcs-Browser entries to the new URLs at salsa.debian.org.

 -- Robert James Clay <email address hidden> Thu, 05 Jul 2018 20:56:47 -0400

Tags: cosmic
Revision history for this message
Jeremy Bícha (jbicha) wrote :

sql-ledger was removed from Ubuntu and added to the sync blacklist. See LP: #1598308 for more details.

I believe the way forward here is to first check whether the package still has unfixed security issues.

Issues that have been fixed need to be updated at https://security-tracker.debian.org/tracker/source-package/sql-ledger

That page is generated from the data/CVE/list file in https://salsa.debian.org/security-tracker-team/security-tracker so you may be able to submit a merge proposal to mark fixed versions. There is a #debian-security channel on IRC OFTC you can use if you need to ask someone about how that works.

I am marking this bug as Incomplete for now.

tags: added: cosmic
Changed in sql-ledger (Ubuntu):
status: New → Incomplete
Revision history for this message
RJ Clay (rjclay) wrote :

 Jeremy Bicha (jbicha) wrote:
> sql-ledger was removed from Ubuntu and added to the sync blacklist.
> See LP: #1598308 for more details.

  I reviewed that as well, as I was unaware of it because I was not the package maintainer in Debian back then.

 Jeremy Bicha (jbicha) wrote:
> I believe the way forward here is to first check whether the package still has
> unfixed security issues.

   Reviewing them, they all seem to be on old pre 3.x versions of the application and all of the Debian bugs associated with them were closed as resolved (which does not automatically update the tracker, it appears...). (And note further that the current Debian version of the package, 3.2.6-1, is in Debian Testing as well as in Debian Unstable).

 Jeremy Bicha (jbicha) wrote:
> Issues that have been fixed need to be updated at
> https://security-tracker.debian.org/tracker/source-package/sql-ledger

  I will investigate what I need to do to be able the get that tracker updated.

Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for sql-ledger (Ubuntu) because there has been no activity for 60 days.]

Changed in sql-ledger (Ubuntu):
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.