-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 20 Sep 2024 09:20:49 +0200
Source: tryton-server
Binary: tryton-server tryton-server-all-in-one tryton-server-doc tryton-server-nginx tryton-server-postgresql tryton-server-uwsgi
Architecture: all
Version: 6.0.29-2+deb12u3
Distribution: bookworm-security
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03)
Changed-By: Mathias Behrle
Description:
 tryton-server - Tryton application platform - server
 tryton-server-all-in-one - Tryton application platform - full installation
 tryton-server-doc - Tryton application platform - server documentation
 tryton-server-nginx - Tryton application platform - Nginx integration
 tryton-server-postgresql - Tryton application platform - PostgreSQL integration
 tryton-server-uwsgi - Tryton application platform - uWSGI integration
Changes:
 tryton-server (6.0.29-2+deb12u3) bookworm-security; urgency=high
 .
   * Add patches for security release
     https://discuss.tryton.org/t/security-release-for-issues-13505-and-13506.
     - Add 04_check_read_access_of_reports_records_13505.patch:
       Check read access of report records.
       Since 982a131026e7 the access rights are no longer checked on
       instances. So anyone who has access to the report action can execute
       the report for any records.
 .
     - Add 05_retrieve_groups_actions_wo_check_access_13506.patch:
       Check read access of report records.
       get_groups does not always return the group of the action.
       When the method is called with access checked as there is a record
       rule on ir.action, the method returns an empty set of group ids.
       This is because no actions were found if the user does not share a
       group. This makes the check access of Report and Wizard never raise
       an error.