Finding fresh policy
Processing upload git_2.43.0-ok4_source.changes
Beginning processing.
Verifying signature on git_2.43.0-ok4_source.changes
Verifying signature on git_2.43.0-ok4.dsc
Performing DSC verification.
git_2.43.0-ok4_source.buildinfo can be unsigned.
Verifying the changes file.
Verifying files in upload.
Verifying source file git_2.43.0-ok4.dsc
git_2.43.0.orig.tar.gz found in Primary Archive for openKylin
Verifying uploaded source package by unpacking it.
Copying copyright contents.
Found changelog
Cleaning up source tree.
Done
Verifying source file git_2.43.0.orig.tar.gz
Verifying source file git_2.43.0-ok4.debian.tar.xz
Verifying buildinfo file git_2.43.0-ok4_source.buildinfo
Finding and applying overrides.
Checking for git/1:2.43.0-ok4 source ancestry
Finished checking upload.
Creating queue entry
git diff from 1:2.43.0-ok3 to 1:2.43.0-ok4 requested
Setting it to UNAPPROVED
Building recipients list.
Adding recipient: 'Cibot <cibot@openkylin.top>'
Sent a mail:
  Subject: [openkylin/nile-proposed] git 1:2.43.0-ok4 (Waiting for approval)
  Sender: OKBS notice <okbs@platform-notice.openkylin.top>
  Recipients: Cibot <cibot@openkylin.top>
  Bcc: Local Root <root@localhost>
  Body:
git (1:2.43.0-ok4) nile; urgency=medium

  * SECURITY UPDATE: Facilitation of arbitrary code execution     -
    debian/patches/CVE-2024-32002.patch: submodule paths       must not
    contains symlinks in builtin/submodule--helper.c.     - CVE-2024-
    32002   * SECURITY UPDATE: Arbitrary code execution     -
    debian/patches/CVE-2024-32004.patch: detect dubious ownership of
    local repositories in path.c, setup.c, setup.h.     - CVE-2024-32004
    * SECURITY UPDATE: Overwrite of possible malicious hardlink     -
    debian/patches/CVE-2024-32020.patch: refuse clones of unsafe
    repositories in builtin/clonse.c, t0033-safe-directory.sh.     - CVE-
    2024-32020   * SECURITY UPDATE: Unauthenticated attacker to place a
    repository     on their target's local system that contains symlinks
    - debian/patches/CVE-2024-32021.patch: abort when hardlinked source
    and       target file differ in builtin/clone.c     - CVE-2024-32021
    * SECURITY UPDATE: Arbitrary code execution     - debian/patches/CVE-
    2024-32465.patch: disable lazy-fetching by default       in
    builtin/upload-pack.c, promisor-remote.c     - CVE-2024-32465

Date: Mon, 04 Nov 2024 16:27:31 +0800
Changed-By: liubo01 <liubo01@kylinos.cn>
Maintainer: openKylin Developers <packaging@lists.openkylin.top>
Signed-By: Cibot <cibot@openkylin.top>
https://build.openkylin.top/openkylin/+source/git/1:2.43.0-ok4

==

 OK: git_2.43.0.orig.tar.gz
 OK: git_2.43.0-ok4.debian.tar.xz
 OK: git_2.43.0-ok4.dsc
     -> Component: main Section: vcs
This upload awaits approval by a distro manager


No announcement sent

Thank you for your contribution to openKylin.

-- 
You are receiving this email because you made this upload.
Committing the transaction and any mails associated with this upload.