Holger Levsen pushed to branch master at Debian Security Tracker / security-tracker
Commits: ad26ed01 by Holger Levsen at 2021-07-19T12:01:34+02:00 semi-automatic unclaim after 2 weeks of inactivity Signed-off-by: Holger Levsen <hol...@layer-acht.org> - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -36,7 +36,7 @@ condor (Markus Koschany) NOTE: 20200727: Waiting on maintainer feedback: https://lists.debian.org/debian-lts/2020/07/msg00108.html (roberto) NOTE: 20210205: Some patches seems to be available but not clear if it solves the whole issue or not. (ola) -- -ffmpeg (Anton Gladky) +ffmpeg NOTE: 20210607: stretch was following the 3.2.x release line, but 3.2.15 NOTE: 20210607: (released 2020-07-02) was the last on this branch. There are NOTE: 20210607: now 10+ ~new CVEs that nominally apply to the version in LTS, @@ -71,7 +71,7 @@ linux (Ben Hutchings) -- linux-4.19 (Ben Hutchings) -- -nettle (Emilio) +nettle NOTE: 20210628: difficult backport, wip (Emilio) -- nvidia-graphics-drivers @@ -86,14 +86,14 @@ python-babel roundcube NOTE: 20210706: Check with maintainer as they have handled previous uploads. (lamby) -- -ruby-actionpack-page-caching (Markus Koschany) +ruby-actionpack-page-caching NOTE: 20200819: Upstream's patch on does not apply due to subsequent NOTE: 20200819: refactoring. However, a quick look at the private NOTE: 20200819: page_cache_file method suggests that the issue exists, as it NOTE: 20200819: uses the path without normalising any "../" etc., simply NOTE: 20200819: URI.parser.unescap-ing it. Requires more investigation. (lamby) -- -ruby-kaminari (Markus Koschany) +ruby-kaminari NOTE: 20200819: The source in Debian (at least in LTS) appears to have a different lineage to NOTE: 20200819: the one upstream or in its many forks. For example, both dthe NOTE: 20200819: kaminari/kaminari and amatsuda/kaminari repositories does no have the @@ -104,7 +104,7 @@ ruby-kaminari (Markus Koschany) NOTE: 20201009: This (↑) is an app-level patch for a rails app. A library-level patch NOTE: 20201009: will needed to be written. Opened an issue at upstream, though somewhat inactive. (utkarsh) -- -runc (Abhijith PA) +runc NOTE: 20210612: Not sure if applies to this version. (lamby) -- salt @@ -113,7 +113,7 @@ salt NOTE: 20210510: will try to release ASAP; also preparing update for buster (DSA). (utkarsh) NOTE: 20210607: new CVE patch proposed by damien; donfede to provide a debdiff. (utkarsh) -- -shiro (Roberto C. Sánchez) +shiro NOTE: 20200920: WIP NOTE: 20200928: Still awaiting reponse to request for assistance sent to upstream dev list. (roberto) NOTE: 20201004: Sent additional request to upstream dev list; stil no response. (roberto) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad26ed0124bf70c44537df8f993d5496ff0041dd -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad26ed0124bf70c44537df8f993d5496ff0041dd You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
