[Git][security-tracker-team/security-tracker][master] dla: update notes, reclaim clamav, freeimage and reportlab

[Hugo Lefeuvre]

Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker


Commits:
43581d33 by Hugo Lefeuvre at 2019-12-09T12:43:27Z
dla: update notes, reclaim clamav, freeimage and reportlab

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -15,15 +15,16 @@ ansible
   NOTE: CVE-2019-14846 should be an easy fix.
   NOTE: CVE-2019-14858's upstream patch is too big; fails to work properly. (utkarsh2102)
 --
-clamav
+clamav (Hugo Lefeuvre)
+  NOTE: waiting for 0.102.1 to enter stretch/buster.
 --
 davical (Roberto C. Sánchez)
 --
 firefox-esr (Emilio)
 --
-freeimage
+freeimage (Hugo Lefeuvre)
   NOTE: 20191028: submitted a patch for CVE-2019-12211, see Debian bug report
-  NOTE: 20191123: upstream appears to have merged a modified version of my patch
+  NOTE: 20191209: upload pending
 --
 ibus
   NOTE: 20191210: Requires glib2.0 to be patched also.
@@ -90,8 +91,8 @@ php-horde-trean (Roberto C. Sánchez)
 python-oslo.utils (Abhijith PA)
   NOTE: Affected code seems to be in oslo/utils/strutils.py. (utkarsh2102)
 --
-python-reportlab
-  NOTE: 20191123: still no upstream fix
+python-reportlab (Hugo Lefeuvre)
+  NOTE: 20191209: still no upstream fix
 --
 radare2
   NOTE: 20190816: Affected by CVE-2019-14745. Vulnerable code is in



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43581d33a4670734daa55274867993301c434804

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/43581d33a4670734daa55274867993301c434804
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191209/78f41493/attachment-0001.html>