[Git][security-tracker-team/security-tracker][master] dla-needed: update imagemagick

Hugo Lefeuvre hle at debian.org
Fri Aug 9 13:23:48 BST 2019



Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f4f766ae by Hugo Lefeuvre at 2019-08-09T12:21:59Z
dla-needed: update imagemagick

Reclaim faad2, libsdl (finishing it right now), take a look at tika.

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -12,7 +12,7 @@ https://wiki.debian.org/LTS/Development#Triage_new_security_issues
 --
 dnsmasq (Mike Gabriel)
 --
-faad2
+faad2 (Hugo Lefeuvre)
   NOTE: 20190519: I have a few patches pending for open issues. Will be PR-ed soon.
   NOTE: 20190525: see https://github.com/knik0/faad2/pull/36
   NOTE: 20190610: still waiting for review, currently discussing with Fabian
@@ -42,7 +42,9 @@ hdf5 (Hugo Lefeuvre)
   NOTE: time anymore, given the release pace until now).
 --
 imagemagick (Hugo Lefeuvre)
-  NOTE: triage work first, large number of open issues
+  NOTE: 20190809: almost done with triage. one issue really deserves a DLA, a few others
+  NOTE: can be shiped along (good patches, low regression risk). triaged the rest no-dsa.
+  NOTE: waiting for upstream to answer my questions before proceeding further.
 --
 jackson-databind
 --
@@ -74,10 +76,10 @@ libqb
 libreoffice
   NOTE: probably Jessie is affected as well
 --
-libsdl1.2
+libsdl1.2 (Hugo Lefeuvre)
   NOTE: see libsdl2 entry.
 --
-libsdl2
+libsdl2 (Hugo Lefeuvre)
   NOTE: checking the two last open issues.
 --
 linux (Ben Hutchings)
@@ -132,7 +134,7 @@ sqlite3
 subversion
   NOTE: 20190804: For (at least) CVE-2018-11782 the svn_err_trace that is in the diff has not been added yet. (lamby)
 --
-tika
+tika (Hugo Lefeuvre)
 --
 tomcat8 (Sylvain Beucler)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f4f766ae93a1365dae99614c551607bea9e1a506

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f4f766ae93a1365dae99614c551607bea9e1a506
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190809/869b34da/attachment-0001.html>


More information about the debian-security-tracker-commits mailing list