Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker
Commits: bec54dd9 by Utkarsh Gupta at 2021-03-01T02:24:54+05:30 Triage spip for stretch - - - - - 60ffd294 by Utkarsh Gupta at 2021-03-01T02:24:54+05:30 Triage python-aiohttp for stretch - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -81,6 +81,8 @@ php-pear (Ola Lundqvist) python3.5 NOTE: 20210217: Fairly invasive change, changing/augmenting API of standard library. (lamby) -- +python-aiohttp (Utkarsh) +-- ruby-actionpack-page-caching NOTE: 20200819: Upstream's patch on does not apply due to subsequent NOTE: 20200819: refactoring. However, a quick look at the private @@ -113,6 +115,10 @@ shiro NOTE: 20201004: Sent additional request to upstream dev list; stil no response. (roberto) NOTE: 20201220: Upstream has responded. Working with them to backport fixes. (roberto) -- +spip + NOTE: 20210228: maintainer doesn't want to work on this update. (utkarsh) + NOTE: 20210228: a DSA is already out; check against the patch uploaded. (utkarsh) +-- spotweb NOTE: 20201220: The affected code uses string concatenation to construct a SQL query. NOTE: 20201220: Upstream's "fix" is to blacklist all the "bad" SQL commands. (roberto) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0845da06e2129bbdff94c6f0cbf0233dfc31aaf9...60ffd294e190689e1a8f063816e40e25a2c78bf2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0845da06e2129bbdff94c6f0cbf0233dfc31aaf9...60ffd294e190689e1a8f063816e40e25a2c78bf2 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits