Hi again
Today I looked at the freeimage package that we have in dla-needed.
My conclusion is that we have 19 CVEs postponed with motivation "revisit
when fixed upstream" and 23 CVEs that are in bullseye declared as no-dsa
with the same motivation.
Since we have this postpone decision for the 19
Hi fellow LTS contributors
I was about to assign runc to myself but realized that it should not be in
dla-needed.
There is just one CVE to be fixed and that one is marked as no-dsa with
note minor issue.
I will therefore do the following.
Change the no-dsa to postponed and remove runc from
Hi Roberto
After first some thinking on what "constitutes a minor issue?" I did some
research and realized that there is in fact a good classification in the
Debian Security team list here:
https://security-team.debian.org/security_tracker.html#severity-levels
We have "unimportant", "low",
-
Debian LTS Advisory DLA-3782-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Guilhem Moulin
April 07, 2024https://wiki.debian.org/LTS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3784-1debian-...@lists.debian.org
https://www.debian.org/lts/security/Thorsten Alteholz
April 07, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 26 Mar 2024 19:03:02 +0100
Source: libcaca
Architecture: source
Version: 0.99.beta19-2.1+deb10u1
Distribution: buster-security
Urgency: medium
Maintainer: Sam Hocevar
Changed-By: Thorsten Alteholz
Changes:
libcaca