[Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity

Holger Levsen gitlab at salsa.debian.org
Mon Feb 17 07:40:17 GMT 2020 


Holger Levsen pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f64dc2b2 by Holger Levsen at 2020-02-17T08:35:49+01:00
semi-automatic unclaim after 2 weeks of inactivity

Signed-off-by: Holger Levsen <holger at layer-acht.org>

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -10,7 +10,7 @@ this list is updated have a look at
 https://wiki.debian.org/LTS/Development#Triage_new_security_issues
 
 --
-clamav (Hugo Lefeuvre)
+clamav
   NOTE: 20200127: waiting for 0.102.1 to enter stretch/buster.
   NOTE: 0.102.* introduces a fair amount of ABI changes, and the migration
   NOTE: does not seem very smooth from the perspective of users. The release
@@ -68,7 +68,7 @@ php5 (Thorsten Alteholz)
 python-pysaml2 (Abhijith PA)
   NOTE: 2020203: test fails already for the one in archive (abhijith)
 --
-python-reportlab (Hugo Lefeuvre)
+python-reportlab
   NOTE: 20200127: upstream fix was published, but potentially unsuitable. currently investigating.
 --
 qemu (Utkarsh Gupta)
@@ -89,7 +89,7 @@ ruby-rack
   NOTE: slight possibility of this patch inducing a backdoor on its own. (utkarsh2102)
   NOTE: 20200216: Discussion ongoing on -lts list. (lamby)
 --
-salt (Mike Gabriel)
+salt
   NOTE: 20200118: about CVE-2019-17361... Compared to the upstream fix, there is a
   NOTE: 20200118: very similar code passage in salt/jessie's salt/client/api.py file.
   NOTE: 20200118: Needs to be checked, if that code is vulnerable or not.
@@ -100,7 +100,7 @@ slurm-llnl
   NOTE: 20191125: up for testing https://people.debian.org/~abhijith/upload/slurm-llnl_14.03.9-5+deb8u5.dsc
   NOTE: Regression found. (abhijith)
 --
-spamassassin (Mike Gabriel)
+spamassassin
   NOTE: 20200131: Code not checked whether it is actually vulnerable since it likely is. (ola)
   NOTE: 20200131: Contacted SA maintainer: https://lists.debian.org/debian-lts/2020/01/msg00076.html (sunweaver)
 --
@@ -128,7 +128,7 @@ wordpress
   NOTE: 20200118: Maybe affected, needs deeper triaging, no obvious commits
   NOTE: 20200118: referenced upstream. (sunweaver)
 --
-xcftools (Hugo Lefeuvre)
+xcftools
   NOTE: 20200111: wrote a patch + reproducer for CVE-2019-5086, waiting for review.
   NOTE: but I might just not receive any review any time soon, so I will now attempt to
   NOTE: fix the second issue and move on with the update.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f64dc2b2022bd15b223ebc2ac4291969884f66d4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/f64dc2b2022bd15b223ebc2ac4291969884f66d4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200217/d001e6b0/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list