Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: df339ba3 by Sylvain Beucler at 2022-05-23T10:23:59+02:00 dla: add mailman - - - - - 916c912b by Sylvain Beucler at 2022-05-23T10:23:59+02:00 dla: add atftp - - - - - 63c04e9c by Sylvain Beucler at 2022-05-23T10:23:59+02:00 dla: add avahi - - - - - 8c681fb5 by Sylvain Beucler at 2022-05-23T10:23:59+02:00 dla: unassign postgresql-9.6 following e-mail exchange - - - - - 2 changed files: - data/dla-needed.txt - data/packages/lts-do-call-me Changes: ===================================== data/dla-needed.txt ===================================== @@ -22,6 +22,12 @@ amd64-microcode asterisk (Abhijith PA) NOTE: 20220424: programming language C -- +atftp + NOTE: 20220523: Harmonize with Debian 10.12 (1 CVE) (Beuc/front-desk) +-- +avahi + NOTE: 20220523: Harmonize with Debian 10.9 (1 Debian-specific CVE) (Beuc/front-desk) +-- cgal (Andreas Rönnquist) NOTE: 20220421: many no-dsa issues, please check, whether it is possible to fix them without uploading a new upstream release (Anton) -- @@ -89,6 +95,9 @@ linux (Ben Hutchings) -- linux-4.19 (Ben Hutchings) -- +mailman + NOTE: 20220523: Harmonize with Debian 10.12 (3 CVEs, regression fixes) (Beuc/front-desk) +-- mariadb-10.1 NOTE: 20220222: Can be risky. Please consider backporting mariadb-10.3. See discussion https://lists.debian.org/debian-lts/2022/02/msg00005.html and coordinate with maintainer (Anton) -- @@ -124,8 +133,11 @@ pdns NOTE: 20220506: package builds but does not run a test suite, and I lack the NOTE: 20220506: know-how for testing manually (enrico) -- -postgresql-9.6 (Christoph Berg) +postgresql-9.6 NOTE: 20220523: cf. DSA-5135-1/DSA-5136-1 (Beuc/front-desk) + NOTE: 20220523: 9.6 is EOL'd upstream (Beuc/front-desk) + NOTE: 20220523: Christoph Berg won't handle this update (Beuc/front-desk) + NOTE: 20220523: https://lists.debian.org/debian-lts/2022/05/msg00054.html -- puma (Markus Koschany) -- ===================================== data/packages/lts-do-call-me ===================================== @@ -10,6 +10,8 @@ busybox DebConf19 conversation with apo # Christoph Berg (credativ) postgresql* (Christoph will always take care of updates, no need to contact him) +# However Christoph won't update EOL'd 9.6 for stretch +# https://lists.debian.org/debian-lts/2022/05/msg00054.html # Peter Palfrader tor View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/475f3a04a115f43b6e13f8473362e900a8800888...8c681fb59f3eb12f47ead7d053767ff9d530d663 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/475f3a04a115f43b6e13f8473362e900a8800888...8c681fb59f3eb12f47ead7d053767ff9d530d663 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
