[Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Holger Levsen
gitlab at salsa.debian.org
Mon Jun 17 14:13:38 BST 2019
Holger Levsen pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bab29cd5 by Holger Levsen at 2019-06-17T13:04:53Z
semi-automatic unclaim after 2 weeks of inactivity
Signed-off-by: Holger Levsen <holger at layer-acht.org>
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=====================================
data/dla-needed.txt
=====================================
@@ -31,7 +31,7 @@ freeimage
--
gfvs (Markus Koschany)
--
-glib2.0 (Mike Gabriel)
+glib2.0
--
golang-go.crypto (Adrian Bunk)
NOTE: 20190609: Might need rebuild of reverse dependency.
@@ -63,10 +63,10 @@ libmatio (Adrian Bunk)
NOTE: 20190428: older changes seem to also be required for them
NOTE: 20190609: work is ongoing
--
-libsdl1.2 (Hugo Lefeuvre)
+libsdl1.2
NOTE: see libsdl2 entry.
--
-libsdl2 (Hugo Lefeuvre)
+libsdl2
NOTE: recent issues received very few investigation. Some of them have already been
NOTE: triaged no-dsa, but I think we should at least process the TODOs to determine
NOTE: which product exactly is affected.
@@ -75,7 +75,7 @@ libsdl2 (Hugo Lefeuvre)
NOTE: crasher" since I suspect it to allow for unlimited oob write on the heap. Hard
NOTE: to exploit, but not impossible I believe.
--
-libsdl2-image (Hugo Lefeuvre)
+libsdl2-image
NOTE: see libsdl2 entry.
--
libspring-java (Roberto C. Sánchez)
@@ -92,23 +92,23 @@ linux (Ben Hutchings)
--
linux-4.9 (Ben Hutchings)
--
-mupdf (Mike Gabriel)
+mupdf
NOTE: 20190529: Upload candidate: http://packages.sunweavers.net/debian/pool/main/m/mupdf/mupdf_1.5-1+deb8u5.dsc
NOTE: 20190529: Not yet fully tested.
--
polarssl
NOTE: 20181207: Not 100% sure if vulnerable. Upstream would prefer us to move to latest version, etc. (!). (lamby)
--
-python-urllib3 (Roberto C. Sánchez)
+python-urllib3
NOTE: 20190601: Packages built. (roberto)
--
-python2.7 (Roberto C. Sánchez)
+python2.7
NOTE: 20190601: Packages built. (roberto)
--
-python3.4 (Roberto C. Sánchez)
+python3.4
NOTE: 20190601: Packages built. (roberto)
--
-qemu (Mike Gabriel)
+qemu
NOTE: 20190528: An upload candidate is waiting for being tested on real hardware.
NOTE: 20190528: Still need to set up a notebook with jessie installed for testing.
NOTE: 20190528: Will also mail a request for testing to the mailing list later
@@ -116,14 +116,14 @@ qemu (Mike Gabriel)
NOTE: 20190529: Upload candidate: http://packages.sunweavers.net/debian/pool/main/q/qemu/qemu_2.1+dfsg-12+deb8u12.dsc
NOTE: 20190529: More testing needed.
--
-ruby-omniauth (Abhijith PA)
+ruby-omniauth
NOTE: CVE-2015-9284: The vulnerability is rathar bad, especially in combination with other
NOTE: CVE-2015-9284: known vulnerabilities. However the issue is rather old and the impact
NOTE: CVE-2015-9284: may be rather large. When fixing this needs to be further investigated.
NOTE: CVE-2015-9284: This issue fixed in rails community by introducing a new gem called omniauth-
NOTE: CVE-2015-9284: rails.
--
-sdl-image1.2 (Hugo Lefeuvre)
+sdl-image1.2
NOTE: see libsdl2 entry.
--
sqlite3 (Jonas Meurer)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bab29cd5a2810ac2c1f44c67db94ccb4db102dc3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bab29cd5a2810ac2c1f44c67db94ccb4db102dc3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190617/b8a11a67/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list