thrift 0.23.0-1
Package Information
| Description | Thrift C++ library Thrift is a software framework for the development of reliable and performant communication and data serialization. It combines a software stack with code generation to build services that operate seamlessly across a number of different development languages. This package contains the runtime libraries needed for C++ applications using Thrift. |
|---|---|
| Maintainer | Laszlo Boszormenyi (GCS) <gcs@debian.org> |
| Changed By | Laszlo Boszormenyi (GCS) <gcs@debian.org> |
| Sponsor | gcs@debian.org |
| Distribution | experimental |
| Architecture | any all |
| Closes | #1133038 |
| Popcon Installs | 5129 |
| Binary NEW | Yes (binary-only upload) |
| Tracker | https://tracker.debian.org/pkg/thrift |
| Uploaded | 3 hours ago |
New Package Report
.changes
| Source | thrift |
|---|---|
| Version | 0.23.0-1 |
| Changed-By | Laszlo Boszormenyi (GCS) |
| Architecture | source all amd64 |
| Distribution | experimental |
| Date | Fri, 01 May 2026 15:26:07 +0200 |
Changelog
thrift (0.23.0-1) experimental; urgency=medium
.
* New major upstream release (closes: #1135348):
- fixes CVE-2025-48431: mismatched memory management routines
vulnerability,
- fixes CVE-2026-41602: integer overflow or wraparound vulnerability,
- fixes CVE-2026-41603: improper validation of certificate with host
mismatch vulnerability,
- fixes CVE-2026-41606: uncontrolled recursion vulnerability,
- fixes CVE-2026-41607: out of bounds read vulnerability.
* Rename related packages to -0.23.0 suffix.
* Build without deprecated Qt5 (closes: #1133038).
* Update copyright file..dsc
| Priority | optional |
|---|---|
| Component | main |
| Package-List | golang-thrift-dev deb devel optional arch=all libthrift-0.23.0 deb libs optional arch=any libthrift-c-glib-dev deb libdevel optional arch=any libthrift-c-glib0t64 deb libs optional arch=any libthrift-dev deb libdevel optional arch=any libthrift-perl deb perl optional arch=all php-thrift deb php optional arch=any python3-thrift deb python optional arch=any thrift-compiler deb devel optional arch=any |
| Section | devel |
debian/copyright
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Upstream-Name: thrift
Source: https://www.apache.org/dist/thrift
Files: *
Copyright: Copyright 2006- Apache Software Foundation
License: Apache-2.0
Files: aclocal/ax_boost_base.m4 aclocal/ax_check_openssl.m4 aclocal/ax_compare_version.m4 aclocal/ax_cxx_compile_stdcxx_11.m4 aclocal/ax_cxx_compile_stdcxx.m4 aclocal/ax_dmd.m4 aclocal/ax_javac_and_java.m4 aclocal/ax_lib_event.m4 aclocal/ax_lib_zlib.m4 aclocal/ax_prog_dotnetcore_version.m4 aclocal/ax_prog_haxe_version.m4 aclocal/ax_prog_perl_modules.m4 aclocal/ax_signed_right_shift.m4 aclocal/ax_thrift_internal.m4 contrib/fb303/acinclude.m4 contrib/fb303/aclocal/ax_boost_base.m4 contrib/fb303/aclocal/ax_cxx_compile_stdcxx_11.m4 contrib/fb303/aclocal/ax_javac_and_java.m4 contrib/fb303/aclocal/ax_thrift_internal.m4
Copyright: 2008 Benjamin Kosnik <bkoz@redhat.com>,
2008 Tim Toolan <toolan@ele.uri.edu>,
2008 Thomas Porschberg <thomas@randspringer.de>,
2009 David Reiss,
2009 Facebook,
2009 Peter Adolphs,
2012 Zack Weinberg <zackw@panix.com>,
2013 Roy Stogner <roystgnr@ices.utexas.edu>,
2015 Jens Geyer <jensg@apache.org>
License: FSFAP
This file is free software; the Free Software Foundation gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE.
Files: aclocal/lt~obsolete.m4 aclocal/ltoptions.m4 aclocal/ltsugar.m4 aclocal/ltversion.m4 aclocal/tar.m4
Copyright: 1992-1996, 1998-2017, 2020-2021 Free Software Foundation, Inc.
License: FSFULLR
This file is free software; the Free Software Foundation
gives unlimited permission to copy and/or distribute it,
with or without modifications, as long as this notice is preserved.
.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY, to the extent permitted by law; without
even the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Files: aclocal/libtool.m4
Copyright: 1996-2001, 2003-2015 Free Software Foundation, Inc.
License: FSFULLR and/or GPL-2+ with Libtool exception
GNU Libtool is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.
.
As a special exception to the GNU General Public License, if you
distribute this file as part of a program or library that is built
using GNU Libtool, you may include this file under the same
distribution terms that you use for the rest of that program.
.
GNU Libtool is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
.
You should have received a copy of the GNU General Public License version 2
along with this program. If not, see <http://www.gnu.org/licenses/>.
Files: configure
Copyright: 1992-1996, 1998-2017, 2020-2021 Free Software Foundation, Inc.
License: FSFUL
This configure script is free software; the Free Software Foundation
gives unlimited permission to copy, distribute and modify it.
Files: install-sh
Copyright: 1994 X Consortium
License: X11
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
.
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE X
CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
.
Except as contained in this notice, the name of the X Consortium shall not be
used in advertising or otherwise to promote the sale, use or other dealings in
this Software without prior written authorization from the X Consortium.
Files: ltmain.sh
Copyright: 1996-2015 Free Software Foundation, Inc.
License: GPL-2+ with Libtool exception
GNU Libtool is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.
.
As a special exception to the GNU General Public License, if you
distribute this file as part of a program or library that is built
using GNU Libtool, you may include this file under the same
distribution terms that you use for the rest of that program.
.
GNU Libtool is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
.
You should have received a copy of the GNU General Public License version 2
along with this program. If not, see <http://www.gnu.org/licenses/>.
Files: compiler/cpp/tests/catch/catch.hpp
Copyright: 2012 Two Blue Cubes Ltd.
License: BSL-1.0
Boost Software License - Version 1.0 - August 17th, 2003
.
Permission is hereby granted, free of charge, to any person or organization
obtaining a copy of the software and accompanying documentation covered by
this license (the "Software") to use, reproduce, display, distribute,
execute, and transmit the Software, and to prepare derivative works of the
Software, and to permit third-parties to whom the Software is furnished to
do so, all subject to the following:
.
The copyright notices in the Software and this entire statement, including
the above license grant, this restriction and the following disclaimer,
must be included in all copies of the Software, in whole or in part, and
all derivative works of the Software, unless such copies or derivative
works are solely in the form of machine-executable object code generated by
a source language processor.
.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT
SHALL THE COPYRIGHT HOLDERS OR ANYONE DISTRIBUTING THE SOFTWARE BE LIABLE
FOR ANY DAMAGES OR OTHER LIABILITY, WHETHER IN CONTRACT, TORT OR OTHERWISE,
ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
DEALINGS IN THE SOFTWARE.
Files: build/cmake/FindGLIB.cmake
Copyright: Copyright (C) 2012 Raphael Kubo da Costa <rakuco@webkit.org>
License: BSD-2-clause
All rights reserved.
.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
.
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Files: compiler/cpp/src/thrift/thrifty.cc compiler/cpp/src/thrift/thrifty.hh
Copyright: Copyright (C) 1984, 1989-1990, 2000-2015, 2018-2021 Free Software Foundation, Inc.
License: GPL-3+ with Bison-2.2 exception
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
.
You should have received a copy of the GNU General Public License version 3
along with this program. If not, see <https://www.gnu.org/licenses/>.
.
As a special exception, you may create a larger work that contains
part or all of the Bison parser skeleton and distribute that work
under terms of your choice, so long as that work isn't itself a
parser generator using the skeleton or a modified version thereof
as a parser skeleton. Alternatively, if you modify or redistribute
the parser skeleton itself, you may (at your option) remove this
special exception, which will cause the skeleton and the resulting
Bison output files to be licensed under the GNU General Public
License without this special exception.
Files: doc/licenses/otp-base-license.txt
Copyright: 2006 Martin J. Logan, Erlware
License: Expat
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
.
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Files: lib/php/src/ext/thrift_protocol/config.m4
Copyright: 2009 Facebook
License: Apache-2.0 and/or FSFAP
Copying and distribution of this file, with or without modification, are
permitted in any medium without royalty provided the copyright notice
and this notice are preserved. This file is offered as-is, without any
warranty.
Files: debian/*
Copyright: Copyright 2012-2014 Eric Evans <eevans@debian.org>,
Copyright 2014- Laszlo Boszormenyi (GCS) <gcs@debian.org>
License: GPL-2+
License: GPL-2+
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the Free
Software Foundation; either version 2 of the License, or (at your option)
any later version.
.
This program is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
for more details.
.
You should have received a copy of the GNU General Public License version 2
along with this program. If not, see <https://www.gnu.org/licenses/>.
.
On Debian systems, the full text of the GNU General Public License version
2 can be found in the file `/usr/share/common-licenses/GPL-2'.
License: GPL-3+
This program is free software: you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the Free
Software Foundation, either version 3 of the License, or (at your option)
any later version.
.
This package is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
.
You should have received a copy of the GNU General Public License version 3
along with this program. If not, see <https://www.gnu.org/licenses/>.
.
On Debian systems, the full text of the GNU General Public License
version 3 can be found in the file `/usr/share/common-licenses/GPL-3'.
License: Apache-2.0
Licensed to the Apache Software Foundation (ASF) under one or more contributor
license agreements. The ASF licenses this work to You under the Apache License,
Version 2.0 (the "License"); you may not use this work except in compliance
with the License. You may obtain a copy of the License at
.
https://www.apache.org/licenses/LICENSE-2.0
.
On Debian systems, the complete text of the Apache License Version 2.0
can be found in the file '/usr/share/common-licenses/Apache-2.0'.