Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker
Commits: bc6470c0 by Anton Gladky at 2023-01-11T06:50:53+01:00 LTS: Add missing VCS information in packages - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -24,6 +24,7 @@ apache2 -- asterisk NOTE: 20221211: Programming language: C. + NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/asterisk.git -- ceph (Stefano Rivera) NOTE: 20221031: Programming language: C++. @@ -32,6 +33,7 @@ ceph (Stefano Rivera) NOTE: 20221130: CVE-2022-3650: The patch is kind of trivial Python stuff backporting work. NOTE: 20221130: Can someone take care of it in Buster? I'm currently building the Bullseye backport of the fix... NOTE: 20221130: https://lists.debian.org/debian-lts/2022/11/msg00025.html (zigo/maintainer) + NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/ceph.git -- consul NOTE: 20221031: Programming language: Go. @@ -52,6 +54,7 @@ dojo erlang NOTE: 20221119: Programming language: Erlang. NOTE: 20221119: at least CVE-2022-37026 needs to be fixed (original request has been for Stretch) + NOTE: 20230111: VCS: https://salsa.debian.org/erlang-team/packages/erlang -- fig2dev NOTE: 20230105: Programming language: C. @@ -107,6 +110,7 @@ kopanocore -- lava NOTE: 20221127: Programming language: Python. + NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/lava.git -- lemonldap-ng NOTE: 20230105: Programming language: Perl. @@ -124,12 +128,15 @@ libde265 NOTE: 20221107: Most vulnerabilities unfixed upstream, but a handful are fixed, and v1.0.9 (2022-10) is a security release (Beuc/front-desk) NOTE: 20221107: No prior DSA/DLA/ELA afaics (Beuc/front-desk) NOTE: 20221215: CVE-2020-21599 CVE-2021-35452 CVE-2021-36408 CVE-2021-36409 CVE-2021-36410 CVE-2021-36411 adressed, remaining CVEs are unfixed upstream. (I've proposed a patch upstream, waiting for feeback) (tobi) + NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/libde265.git -- libitext5-java (Markus Koschany) NOTE: 20221225: Programming language: Java. + NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/libitext5-java.git -- libreoffice NOTE: 20221012: Programming language: C++. + NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/libreoffice.git -- libsdl2 NOTE: 20221111: Programming language: C. @@ -153,9 +160,11 @@ man2html modsecurity-crs NOTE: 20221006: Programming language: Other. NOTE: 20221006: Maintainer notes: Please contact maintainer. Consider uploading of newer version. + NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/modsecurity-crs.git -- net-snmp (guilhem) NOTE: 20221120: Programming language: C. + NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/net-snmp.git -- netatalk NOTE: 20220816: Programming language: C. @@ -225,6 +234,7 @@ nvidia-graphics-drivers-legacy-390xx NOTE: 20221225: Programming language: binary blob. NOTE: 20230103: Cf. on-going discussion on nvidia support (Beuc/front-desk) NOTE: 20230103: https://lists.debian.org/debian-lts/2023/01/msg00005.html + NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/nvidia-graphics-drivers-legacy-390xx.git -- openimageio NOTE: 20221225: Programming language: C. @@ -288,6 +298,7 @@ rainloop -- ring NOTE: 20221120: Programming language: C. + NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/ring.git -- ruby-loofah NOTE: 20221231: Programming language: Ruby. @@ -322,11 +333,13 @@ snakeyaml -- snort NOTE: 20220905: Requires further triaging to conclude exactly which CVEs to be fixed or ignored. + NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/snort.git -- sox NOTE: 20220818: Programming language: C. NOTE: 20220818: Requires some investigation; see #1012138 etc. NOTE: 20221003: https://sourceforge.net/p/sox/bugs/362/ Re-pinged upstream committer (abhijith) + NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/sox.git -- tiff (Sylvain Beucler) NOTE: 20221031: Programming language: C. @@ -345,6 +358,7 @@ trafficserver -- viewvc (Chris Lamb) NOTE: 20230104: Programming language: Python. + NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/viewvc.git -- webkit2gtk NOTE: 20221229: Programming language: C++. @@ -355,6 +369,7 @@ webkit2gtk xdg-utils NOTE: 20221120: Programming language: C. NOTE: 20221120: no real fix yet + NOTE: 20230111: VCS: https://salsa.debian.org/freedesktop-team/xdg-utils -- xfig NOTE: 20230105: Programming language: C. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc6470c03cb018260a123a874d9df531919cd674 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc6470c03cb018260a123a874d9df531919cd674 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits