Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits: db5c0d5e by Markus Koschany at 2023-07-13T11:04:42+02:00 Remove flatpak from dla-needed.txt CVE-2023-28100 and CVE-2023-28101 are minor issues and most users will install their applications via GUIs and from trusted repositories anyway. An upgrade to the 1.10.x series would require backports of at least bubblewrap and ostree. This may or may not cause regressions in other applications. The risk to reward ratio is rather unfavorable in this case and since targeted fixes are also intrusive and sensible workarounds do exist, it is better to keep flatpak as is. - - - - - 75cd45ad by Markus Koschany at 2023-07-13T11:24:44+02:00 Claim sabnzbdplus in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -46,10 +46,6 @@ dogecoin NOTE: 20230619: also I just referenced 3 older bitcoin-related CVEs to fix; NOTE: 20230619: dogecoin not present in bullseye/bookworm, so we lead the initiatives. (Beuc/front-desk) -- -flatpak (Markus Koschany) - NOTE: 20230620: Added by Front-Desk (Beuc) - NOTE: 20230620: Follow fixes from bullseye 11.7 (2 CVEs) (Beuc/front-desk) --- glib2.0 (santiago) NOTE: 20230612: Added by Front-Desk (apo) NOTE: 20230710: WIP (santiago) @@ -184,7 +180,7 @@ ruby-rails-html-sanitizer NOTE: 20221231: Added by Front-Desk (ola) NOTE: 20230303: this cannot be fixed unless ruby-loofah is fixed with appropriate methods. (utkarsh) -- -sabnzbdplus +sabnzbdplus (Markus Koschany) NOTE: 20230618: Added by Front-Desk (opal) -- salt View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ccec2a3c867b87227850127a62ac56c9d1b27359...75cd45adf1f2f872f2cf77151e66df7bf8a663ce -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ccec2a3c867b87227850127a62ac56c9d1b27359...75cd45adf1f2f872f2cf77151e66df7bf8a663ce You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
