Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: 65a38eda by Sylvain Beucler at 2022-05-23T16:31:18+02:00 dla: clarify comments made with front-desk hat - - - - - 501d40bc by Sylvain Beucler at 2022-05-23T16:37:02+02:00 dla: add horizon - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -36,6 +36,7 @@ ckeditor (Sylvain Beucler) NOTE: 20220510: no rdeps, no sponsors, most CVEs require following upstream stable 4.x, NOTE: 20220510: considering either ignoring, or mass-bumping all dists, NOTE: 20220510: waiting for ckeditor_3_ discussion to close up first (Beuc) + NOTE: 20220510: https://lists.debian.org/debian-lts/2022/05/msg00018.html -- clamav (Emilio) NOTE: 20220510: Programming language C. (apo) @@ -47,9 +48,9 @@ cyrus-imapd NOTE: 20220523: Harmonize with DSA-4590-1 and Debian 10.11 (2 CVEs) (Beuc/front-desk) -- debian-security-support (Utkarsh) - NOTE: 20220402: need to update the list of unsupported packages (Beuc) - NOTE: 20220402: check debian/README.source, sync with h01ger, and announce EOL'd packages (Beuc) - NOTE: 20220402: context: https://lists.debian.org/debian-lts/2022/04/msg00000.html (Beuc) + NOTE: 20220402: need to update the list of unsupported packages (Beuc/front-desk) + NOTE: 20220402: check debian/README.source, sync with h01ger, and announce EOL'd packages (Beuc/front-desk) + NOTE: 20220402: context: https://lists.debian.org/debian-lts/2022/04/msg00000.html (Beuc/front-desk) NOTE: 20220502: backport prepped, will contact Holger for more details. (utkarsh) NOTE: 20220516: in review, will also co-help Holger to maintain this. (utkarsh) -- @@ -80,11 +81,14 @@ glib2.0 NOTE: 20220523: Harmonize with Debian 10.10 (3 CVEs) (Beuc/front-desk) -- golang-go.crypto - NOTE: 20220331: rebuild reverse-dependencies if needed, e.g. DLA-2402-1 -> DLA-2453-1/DLA-2454-1/DLA-2455-1; also check buster status (Beuc) + NOTE: 20220331: rebuild reverse-dependencies if needed, e.g. DLA-2402-1 -> DLA-2453-1/DLA-2454-1/DLA-2455-1; also check buster status (Beuc/front-desk) -- haproxy NOTE: 20220523: Harmonize with Debian 10.0 and 10.6 (3 CVEs) (Beuc/front-desk) -- +horizon + NOTE: 20220523: Harmonize with DSA-4820-1 (1 CVE) (Beuc/front-desk) +-- icingaweb2 (Abhijith PA) NOTE: https://people.debian.org/~abhijith/upload/mruby/icingaweb2_2.4.1-1+deb9u2.dsc (abhijith) NOTE: 20220522: Pinged upstream for missing patches. Will write an detail @@ -94,8 +98,8 @@ intel-microcode (Stefano Rivera) NOTE: 20220213: please recheck -- kvmtool - NOTE: 20220402: stretch-specific, orphaned package (Beuc) - NOTE: 20220402: CVE-2021-45464 looks critical, check with upstream for acknowledgments/fixes (Beuc) + NOTE: 20220402: stretch-specific, orphaned package (Beuc/front-desk) + NOTE: 20220402: CVE-2021-45464 looks critical, check with upstream for acknowledgments/fixes (Beuc/front-desk) -- liblouis NOTE: 20220320: no patch available yet. Reproducible memory leaks with ASAN @@ -132,15 +136,15 @@ ntfs-3g NOTE: available. (apo) -- nvidia-cuda-toolkit - NOTE: 20220331: package is in non-free but also in packages-to-support (Beuc) + NOTE: 20220331: package is in non-free but also in packages-to-support (Beuc/front-desk) -- nvidia-graphics-drivers - NOTE: 20220203: package is in non-free but also in packages-to-support (Beuc) + NOTE: 20220203: package is in non-free but also in packages-to-support (Beuc/front-desk) NOTE: 20220209: monitor nvidia-graphics-drivers-legacy-390xx for a potential NOTE: 20220209: backport (apo) -- pdns - NOTE: 20220402: harmonize with buster/10.8 (Beuc) + NOTE: 20220402: harmonize with buster/10.8 (Beuc/front-desk) NOTE: 20220506: buster patches backported in https://salsa.debian.org/enrico/pdns/-/tree/stretch NOTE: 20220506: and #debian-dns notified (enrico) NOTE: 20220506: the patch for https://security-tracker.debian.org/tracker/CVE-2022-27227 @@ -157,7 +161,7 @@ postgresql-9.6 puma (Markus Koschany) -- puppet-module-puppetlabs-firewall - NOTE: 20220402: no Debian maintainers activity since 2018 (Beuc) + NOTE: 20220402: no Debian maintainers activity since 2018 (Beuc/front-desk) -- redis NOTE: 20220510: Chris Lamb is the maintainer. Programming language C. (apo) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/96fa9a9eb38765e58a241dd0e5090c1d3e1691d2...501d40bc5efb1821bd5c88011dbc79b170d74a67 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/96fa9a9eb38765e58a241dd0e5090c1d3e1691d2...501d40bc5efb1821bd5c88011dbc79b170d74a67 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
