Hi Francois, On Fri, Jul 31, 2020 at 10:18:23AM +0200, Salvatore Bonaccorso wrote: > Hi Francois, > > On Mon, Feb 10, 2020 at 03:59:22PM -0800, Francois Marier wrote: > > On 2020-02-07 at 10:14:24, Salvatore Bonaccorso wrote: > > > > It looks OK to me. Tagging moreinfo until there's a final diff. > > > > > > Friendly ping, any news? (It's too late now for the upcoming point > > > release though). > > > > It's still on my list, but not a very high priority. Definitely won't happen > > until at least after the Ubuntu 20.04 Debian merge deadline. > > It would now be too late for the 10.5 buster point release, but do you > found time to finalize the debdiff for review for SRM? Then we might > target for 10.6.
There are in meanwhile one more CVE which might be included. They are at this time CVE-2019-14267, CVE-2020-9549, CVE-2019-14934 and CVE-2020-20740 which are all marked no-dsa or unimportant (with negligible security impact), but maybe if you still would like to fix those for buster, we can close this report and then open a new one with a revisited debdiff? What do you think? Regards, Salvatore