[Git][security-tracker-team/security-tracker][master] Update remaining status in dla-needed.txt

Markus Koschany apo at debian.org
Sun Nov 29 23:30:45 GMT 2020 


Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
531c5f04 by Markus Koschany at 2020-11-30T00:29:52+01:00
Update remaining status in dla-needed.txt

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -23,6 +23,9 @@ ansible (Markus Koschany)
   NOTE: 20200508: bam: Upstream fix was to use 660 - https://github.com/ansible/ansible/pull/68970
   NOTE: 20200508: bam: Upstream fix was reverted - https://github.com/ansible/ansible/pull/68983
   NOTE: 20200508: bam: See https://github.com/ansible/ansible/issues/67794
+  NOTE: 20201130: apo: I believe a partial update makes sense at the moment.
+  NOTE: 20201130: Not everything is clear and obvious thus fixing some CVE is
+  NOTE: 20201130: better than continue to ignore all of them.
 --
 brotli (Roberto C. Sánchez)
   NOTE: 20201025: Requested patch review on debian-lts at l.d.o (roberto)
@@ -107,6 +110,8 @@ openldap (Utkarsh)
 --
 pacemaker (Markus Koschany)
   NOTE: 20201117: See #974563 for further information.
+  NOTE: 20201130: I will ask the other bug reporters for feedback and testing
+  NOTE: 20201130: in #974563. The update itself looks good to me.
 --
 pdfresurrect
 --
@@ -171,6 +176,8 @@ spip
 vips (Adrian Bunk)
 --
 webcit (Markus Koschany)
+  NOTE: 20201130: Requested more information from upstream. Currently patches
+  NOTE: or workarounds are not available.
 --
 wireshark
   NOTE: 20201007: during last triage, I marked some CVEs as no-dsa, it'd be great to include



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/531c5f045bc8087680907f525d76e2208f486d68

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/531c5f045bc8087680907f525d76e2208f486d68
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201129/2ffe4fab/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list