[Git][security-tracker-team/security-tracker][master] 2 commits: Add notes for claimed packages

Sun Sep 27 20:45:37 BST 2020


Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b93f4c78 by Utkarsh Gupta at 2020-09-28T01:14:20+05:30
Add notes for claimed packages

- - - - -
926f2111 by Utkarsh Gupta at 2020-09-28T01:15:23+05:30
Take this week's frontdesk w/ premission

- - - - -


2 changed files:

- data/dla-needed.txt
- org/lts-frontdesk.2020.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -110,7 +110,7 @@ nss (Adrian Bunk)
   NOTE: 20200914: new CVE for racoon (bunk)
 --
 open-build-service (Utkarsh Gupta)
-  NOTE: 20200909: in touch with upstream. (utkarsh)
+  NOTE: 20200928: in touch with upstream - still figuring out the best way to backport. (utkarsh)
 --
 opendmarc
   NOTE: 20200719: no patches for remaining CVEs available, everything else is already done in Stretch (thorsten)
@@ -148,7 +148,9 @@ ruby-doorkeeper
   NOTE: 20200831: more investigation needed. (utkarsh)
 --
 ruby-json-jwt (Utkarsh)
-  NOTE: 20200914: testing against the new reproducer. (utkarsh)
+  NOTE: 20200928: when explicitly specifying the number of elements when splitting
+  NOTE: 20200928: JWE string, three are chances of regression. the demonstration doesn't
+  NOTE: 20200928: work as advertised. (utkarsh)
 --
 ruby-kaminari (Utkarsh)
   NOTE: 20200819: The source in Debian (at least in LTS) appears to have a different lineage to
@@ -156,14 +158,14 @@ ruby-kaminari (Utkarsh)
   NOTE: 20200819: kaminari/kaminari and amatsuda/kaminari repositories does no have the
   NOTE: 20200819: @params.except(:script_name) line in any part of their history (although the
   NOTE: 20200819: file has been refactored a few times). (lamby)
-  NOTE: 20200914: A new module should be written in config/initializers/kaminari.rb. (utkarsh)
-  NOTE: 20200914: It should prepend_features from Kaminari::Helpers::Tag. (utkarsh)
+  NOTE: 20200928: A new module should be written in config/initializers/kaminari.rb. (utkarsh)
+  NOTE: 20200928: It should prepend_features from Kaminari::Helpers::Tag. (utkarsh)
 --
 ruby-oauth
 --
 ruby-rack-cors (Utkarsh)
  NOTE: 20200817: Was fixed in DLA-2096-1 for jessie LTS but is now re-vulnerable again in stretch LTS AFAICT. (lamby)
- NOTE: 20200914: problems in reproducing. will investigate in sometime. (utkarsh)
+ NOTE: 20200928: last bits of testing + smoke test remains. (utkarsh)
 --
 samba
   NOTE: 20200703: Check with security team so that there's no clash for Stretch update. (utkarsh)


=====================================
org/lts-frontdesk.2020.txt
=====================================
@@ -49,7 +49,7 @@ From 31-08 to 06-09:Utkarsh Gupta <guptautkarsh2102 at gmail.com>
 From 07-09 to 13-09:Chris Lamb <chris at chris-lamb.co.uk>
 From 14-09 to 20-09:Mike Gabriel <mike.gabriel at das-netzwerkteam.de>
 From 21-09 to 27-09:Thorsten Alteholz <debian at alteholz.de>
-From 28-09 to 04-10:Abhijith PA <abhijith at debian.org>
+From 28-09 to 04-10:Utkarsh Gupta <guptautkarsh2102 at gmail.com>
 From 05-10 to 11-10:Abhijith PA <abhijith at debian.org>
 From 12-10 to 18-10:Chris Lamb <chris at chris-lamb.co.uk>
 From 19-10 to 25-10:Thorsten Alteholz <debian at alteholz.de>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c7a4c8b81a6306d1830122c7816b0926ab7bcf84...926f2111833150efb04897094efdededb8bdb27c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c7a4c8b81a6306d1830122c7816b0926ab7bcf84...926f2111833150efb04897094efdededb8bdb27c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200927/49261565/attachment-0001.html>
