Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5958df03 by Sylvain Beucler at 2022-05-02T18:04:07+02:00 dla: minor clarifications/formatting - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -33,7 +33,7 @@ ark NOTE: 20220424: programming language C -- cgal - NOTE: 20220421: many no-dsa issues, please check, whether it is possible to fix them without an uploading of a new upstream release (Anton) + NOTE: 20220421: many no-dsa issues, please check, whether it is possible to fix them without uploading a new upstream release (Anton) -- ckeditor NOTE: 20220402: multiple pendings vulnerabilities (Beuc) @@ -114,9 +114,9 @@ nvidia-cuda-toolkit NOTE: 20220331: package is in non-free but also in packages-to-support (Beuc) -- nvidia-graphics-drivers - NOTE: 20220203: package is in non-free but also in packages-to-support (Beuc) - NOTE: 20220209: monitor nvidia-graphics-drivers-legacy-390xx for a potential - NOTE: 20220209: backport (apo) + NOTE: 20220203: package is in non-free but also in packages-to-support (Beuc) + NOTE: 20220209: monitor nvidia-graphics-drivers-legacy-390xx for a potential + NOTE: 20220209: backport (apo) -- openjdk-8 (pochu) -- @@ -132,13 +132,13 @@ puppet-module-puppetlabs-firewall NOTE: 20220402: no Debian maintainers activity since 2018 (Beuc) -- ring (Abhijith PA) - NOTE: 20220314: https://people.debian.org/~abhijith/upload/vda/ring_20161221.2.7bd7d91~dfsg1-1+deb9u2.dsc - NOTE: 20220404: package in archive is faulty. New regs can't be done due (abhijith) - NOTE: 20220404: a network error (abhijith) + NOTE: 20220314: https://people.debian.org/~abhijith/upload/vda/ring_20161221.2.7bd7d91~dfsg1-1+deb9u2.dsc + NOTE: 20220404: package in archive is faulty. New regs can't be done due (abhijith) + NOTE: 20220404: a network error (abhijith) -- ruby-devise-two-factor - NOTE: 20220427: Patch does not apply cleanly to LTS version, may be due to this being the result - NOTE: 20220427: of an incomplete fix to CVE-2015-7225. Will require some investigation. (lamby) + NOTE: 20220427: Patch does not apply cleanly to LTS version, may be due to this being the result + NOTE: 20220427: of an incomplete fix to CVE-2015-7225. Will require some investigation. (lamby) -- salt -- @@ -156,9 +156,10 @@ snapd -- sox NOTE: 20220326: CVE-2019-13590 is fixed in git (Anton) + NOTE: 20220326: https://salsa.debian.org/lts-team/packages/sox NOTE: 20220326: fix for CVE-2021-40426 is not yet available (Anton) -- -subversion +subversion (Roberto C. Sánchez) NOTE: 20220422: Upstream's patch for CVE-2021-28544 does not cleanly apply (eg. "copyfrom_path = apr_pstrdup(...)" assignment) NOTE: 20220422: and, once applied manually, appears to break multiple and possibly unrelated parts of the testsuite. (lamby) NOTE: 20220501: Done some analysis, worked on a patch, cannot find a way to test it, mailed results to Roberto C. Sánchez (enrico) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5958df037181dbc5c6b0eb1a7243c919bdd75f2d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5958df037181dbc5c6b0eb1a7243c919bdd75f2d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits