[Git][security-tracker-team/security-tracker][master] Reserve DLA-2726-1 for shiro

Roberto C. Sánchez (@roberto) roberto at debian.org
Mon Aug 2 23:00:19 BST 2021 


Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker


Commits:
122253c1 by Roberto C. Sánchez at 2021-08-02T17:59:58-04:00
Reserve DLA-2726-1 for shiro

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[02 Aug 2021] DLA-2726-1 shiro - security update
+	{CVE-2020-13933 CVE-2020-17510}
+	[stretch] - shiro 1.3.2-1+deb9u2
 [01 Aug 2021] DLA-2725-1 lrzip - security update
 	{CVE-2017-8844 CVE-2017-8846 CVE-2017-9928 CVE-2017-9929 CVE-2018-5650 CVE-2018-5747 CVE-2018-5786 CVE-2018-10685 CVE-2018-11496}
 	[stretch] - lrzip 0.631-1+deb9u1


=====================================
data/dla-needed.txt
=====================================
@@ -99,14 +99,6 @@ salt
   NOTE: 20210510: will try to release ASAP; also preparing update for buster (DSA). (utkarsh)
   NOTE: 20210607: new CVE patch proposed by damien; donfede to provide a debdiff. (utkarsh)
 --
-shiro (Roberto C. Sánchez)
-  NOTE: 20200920: WIP
-  NOTE: 20200928: Still awaiting reponse to request for assistance sent to upstream dev list. (roberto)
-  NOTE: 20201004: Sent additional request to upstream dev list; stil no response. (roberto)
-  NOTE: 20201220: Upstream has responded.  Working with them to backport fixes. (roberto)
-  NOTE: 20210511: Upstream provided suggestions/guidance on testing of backported fixes; testing/tweaking is in progress. (roberto)
-  NOTE: 20210728: Resume work to wrap everything up in the next few days (I hope); still need to work out some snags with Guice. (roberto)
---
 tomcat8 (Markus Koschany)
 --
 varnish (Adrian Bunk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/122253c1a6dead96e174a47227c95a95e5d7f258

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/122253c1a6dead96e174a47227c95a95e5d7f258
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210802/3039913c/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list