[Secure-testing-commits] r22857 - in data: . CVE

Moritz Muehlenhoff jmm at alioth.debian.org
Fri Jul 5 15:55:29 UTC 2013 

Author: jmm
Date: 2013-07-05 15:55:28 +0000 (Fri, 05 Jul 2013)
New Revision: 22857

Modified:
   data/CVE/list
   data/dsa-needed.txt
Log:
add entries for oldstable to dsa-needed


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2013-07-05 14:45:58 UTC (rev 22856)
+++ data/CVE/list	2013-07-05 15:55:28 UTC (rev 22857)
@@ -1,5 +1,5 @@
 CVE-2013-4758 [Double Free Memory Corruption in ElasticSearch Plugin]
-	- rsyslog <unfixed> (low)
+	- rsyslog <unfixed> (low; bug #715009)
 	[squeeze] - rsyslog <not-affected> (omelasticsearch plugin not yet present)
 	[wheezy] - rsyslog <not-affected> (omelasticsearch plugin not yet present)
 	NOTE: http://bugzilla.adiscon.com/show_bug.cgi?id=461

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2013-07-05 14:45:58 UTC (rev 22856)
+++ data/dsa-needed.txt	2013-07-05 15:55:28 UTC (rev 22857)
@@ -11,44 +11,78 @@
 
 If needed, specify the release by adding a slash after the name of the source package.
 
+
 --
 clutter-1.0
   Not sure if this actually deserves a DSA, someone who uses Gnome should dig into it
 --
+drupal6 (oldstable only)
+--
+gimp (oldstable only)
+--
+gnutls26 (oldstable only)
+--
 hawtjni
 --
 iceape (jmm)
 --
 icedove (jmm)
 --
-libav
+jquery (oldstable only)
+  Maintainer prepared an update
 --
+libav (ffmpeg in oldstable)
+--
+libwpd (oldstable only)
+--
+librack-ruby (oldstable only)
+--
 libv8
 --
+mediawiki (oldstable only)
+--
 memcached
 --
+mysql-5.1 (oldstable only)
+--
 nginx
   maintainer uploaded an update
 --
-openjdk-6
+openjdk-6 (jmm)
 --
 openjdk-7/wheezy (jmm)
   Package from sid needs to be rebuild in stable-security
 --
 openswan
 --
+otrs2 (oldstable only)
+  Maintainer wanted to look into preparing an update
+--
 php-radius
 --
+pidgin (oldstable only)
+  The version in squeeze is likely too outdated anyway, so end-of-life might be the better option
+--
+poppler (oldstable only)
+--
 quagga
 --
+qt4-x11 (oldstable only)
+--
+ruby1.8 (oldstable only)
+--
 ruby1.9.1
   maintainer prepared updates, but only for wheezy, needs to be poked about oldstable
 --
 srtp
 --
+sssd (oldstable only)
+--
 tomcat6
 --
-tomcat7/wheezy
+tomcat7 (stable only)
 --
 vlc
   it probably makes sense to update to the 2.0.x point releases
+--
+xen
\ No newline at end of file

More information about the Secure-testing-commits mailing list