[Git][security-tracker-team/security-tracker][master] 6 commits: data/config.json: Update mapping release -> codenames

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Aug 14 08:36:59 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
48405548 by Salvatore Bonaccorso at 2021-08-12T10:30:52+02:00
data/config.json: Update mapping release -> codenames

Make stretch the oldoldoldstable distribution, buster the oldstable
distribution and bullseye the new stable distribution.

Mark bookworm as the new testing distribution and sync supported
architecture lists for now with the cut-off as given for buster.

Signed-off-by: Salvatore Bonaccorso <carnil at debian.org>

- - - - -
0e46a250 by Salvatore Bonaccorso at 2021-08-12T10:30:53+02:00
DSA.template: Add support for oldstable version information in DSA

Signed-off-by: Salvatore Bonaccorso <carnil at debian.org>

- - - - -
a2410e25 by Salvatore Bonaccorso at 2021-08-12T10:30:53+02:00
List packages from oldstable and stable for dsa-needed list

Include the oldstable distribution in the listing by setting the boolean
value "include_oldstable" to true, which enables the inclusion logic
later on in the script.

Signed-off-by: Salvatore Bonaccorso <carnil at debian.org>

- - - - -
a0962b9e by Salvatore Bonaccorso at 2021-08-12T10:30:53+02:00
distributions.json: Mark bullseye as supported by the Debian security team

Signed-off-by: Salvatore Bonaccorso <carnil at debian.org>

- - - - -
fd6b471f by Salvatore Bonaccorso at 2021-08-12T10:31:34+02:00
Move next-point-update.txt to next-oldstable-point-update.txt

All that is potentially pending for the next buster point release is not
to be considered for the next oldstable point update. Make an empty list
for bullseye (stable).

Signed-off-by: Salvatore Bonaccorso <carnil at debian.org>

- - - - -
f6f384c3 by Salvatore Bonaccorso at 2021-08-14T07:36:54+00:00
Merge branch 'bullseye-release' into 'master'

Preparations for the security-tracker for the bullseye release

See merge request security-tracker-team/security-tracker!75
- - - - -


6 changed files:

- bin/add-dsa-needed.sh
- data/config.json
- data/next-oldstable-point-update.txt
- data/next-point-update.txt
- doc/DSA.template
- static/distributions.json


Changes:

=====================================
bin/add-dsa-needed.sh
=====================================
@@ -20,7 +20,7 @@
 
 set -eu
 
-include_oldstable=false
+include_oldstable=true
 turl="https://security-tracker.debian.org/tracker/status/release"
 
 [ -f data/dsa-needed.txt ] || {
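
Review bot: include_oldstable on the changed line is a hand-edited literal, so every release transition needs a manual edit like this one to keep the dsa-needed listing correct. Consider deriving the value from the release mapping in data/config.json (updated in this same push), or at least add a comment next to the assignment stating when it should be true.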


=====================================
data/config.json
=====================================
@@ -71,7 +71,7 @@
         ]
       },
       "architectures": [ "amd64", "arm64", "armel", "armhf", "i386" ],
-      "release": "oldstable"
+      "release": "oldoldstable"
     },
     "buster": {
       "members": {
@@ -84,7 +84,7 @@
         ]
       },
       "architectures": [ "amd64", "arm64", "armel", "armhf", "i386", "mips", "mips64el", "mipsel", "ppc64el", "s390x" ],
-      "release": "stable"
+      "release": "oldstable"
     },
     "bullseye": {
       "members": {
@@ -97,7 +97,7 @@
         ]
       },
       "architectures": [ "amd64", "arm64", "armel", "armhf", "i386", "mips64el", "mipsel", "ppc64el", "s390x" ],
-      "release": "testing"
+      "release": "stable"
     },
     "bookworm": {
       "members": {
@@ -108,7 +108,9 @@
         "optional": [
           "bookworm-proposed-updates"
         ]
-      }
+      },
+      "architectures": [ "amd64", "arm64", "armel", "armhf", "i386", "mips64el", "mipsel", "ppc64el", "s390x" ],
+      "release": "testing"
     },
     "trixie": {
       "members": {


=====================================
data/next-oldstable-point-update.txt
=====================================
@@ -0,0 +1,89 @@
+CVE-2019-20446
+	[buster] - librsvg 2.44.10-2.1+deb10u1
+CVE-2019-17134
+	[buster] - octavia 3.0.0-3+deb10u1
+CVE-2019-14433
+	[buster] - nova 2:18.1.0-6+deb10u1
+CVE-2019-14857
+	[buster] - libapache2-mod-auth-openidc 2.3.10.2-1+deb10u1
+CVE-2020-8492
+	[buster] - python2.7 2.7.16-2+deb10u2
+CVE-2019-20907
+	[buster] - python2.7 2.7.16-2+deb10u2
+CVE-2021-3177
+	[buster] - python2.7 2.7.16-2+deb10u2
+CVE-2020-24583
+	[buster] - python-django 1:1.11.29-1~deb10u2
+CVE-2020-24584
+	[buster] - python-django 1:1.11.29-1~deb10u2
+CVE-2021-3281
+	[buster] - python-django 1:1.11.29-1~deb10u2
+CVE-2021-23336
+	[buster] - python-django 1:1.11.29-1~deb10u2
+CVE-2020-4051
+	[buster] - dojo 1.14.2+dfsg1-1+deb10u3
+CVE-2020-36277
+	[buster] - leptonlib 1.76.0-1+deb10u1
+CVE-2020-36278
+	[buster] - leptonlib 1.76.0-1+deb10u1
+CVE-2020-36279
+	[buster] - leptonlib 1.76.0-1+deb10u1
+CVE-2020-36280
+	[buster] - leptonlib 1.76.0-1+deb10u1
+CVE-2020-36281
+	[buster] - leptonlib 1.76.0-1+deb10u1
+CVE-2021-32062
+	[buster] - mapserver 7.2.2-1+deb10u1
+CVE-2020-35572
+	[buster] - adminer 4.7.1-1+deb10u1
+CVE-2021-21311
+	[buster] - adminer 4.7.1-1+deb10u1
+CVE-2021-29625
+	[buster] - adminer 4.7.1-1+deb10u1
+CVE-2019-15605
+	[buster] - http-parser 2.8.1-1+deb10u1
+CVE-2021-21375
+	[buster] - ring 20190215.1.f152c98~ds1-1+deb10u1
+CVE-2021-35525
+	[buster] - postsrsd 1.5-2+deb10u2
+CVE-2021-1093
+	[buster] - nvidia-graphics-drivers-legacy-390xx 390.144-1~deb10u1
+	[buster] - nvidia-graphics-drivers 418.211.00-1
+CVE-2021-1094
+	[buster] - nvidia-graphics-drivers-legacy-390xx 390.144-1~deb10u1
+	[buster] - nvidia-graphics-drivers 418.211.00-1
+CVE-2021-1095
+	[buster] - nvidia-graphics-drivers-legacy-390xx 390.144-1~deb10u1
+	[buster] - nvidia-graphics-drivers 418.211.00-1
+CVE-2020-35653
+	[buster] - pillow 5.4.1-2+deb10u3
+CVE-2020-35655
+	[buster] - pillow 5.4.1-2+deb10u3
+CVE-2021-27921
+	[buster] - pillow 5.4.1-2+deb10u3
+CVE-2021-27922
+	[buster] - pillow 5.4.1-2+deb10u3
+CVE-2021-27923
+	[buster] - pillow 5.4.1-2+deb10u3
+CVE-2021-25290
+	[buster] - pillow 5.4.1-2+deb10u3
+CVE-2021-25292
+	[buster] - pillow 5.4.1-2+deb10u3
+CVE-2021-28677
+	[buster] - pillow 5.4.1-2+deb10u3
+CVE-2021-28678
+	[buster] - pillow 5.4.1-2+deb10u3
+CVE-2021-34552
+	[buster] - pillow 5.4.1-2+deb10u3
+CVE-2021-23413
+	[buster] - node-jszip 3.1.4+dfsg-1+deb10u1
+CVE-2019-13045
+	[buster] - irssi 1.2.0-2+deb10u1
+CVE-2020-11988
+	[buster] - xmlgraphics-commons 2.3-1+deb10u1
+CVE-2020-13881
+	[buster] - libpam-tacplus 1.3.8-2+deb10u1
+CVE-2021-32803
+	[buster] - node-tar 4.4.6+ds1-3+deb10u1
+CVE-2021-32804
+	[buster] - node-tar 4.4.6+ds1-3+deb10u1
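
Review bot: these 89 added lines are the same entries that the next hunk removes from data/next-point-update.txt, so the move appears as an add plus a delete and has to be compared by eye. Doing the rename in one commit and recreating the empty data/next-point-update.txt in a second one would let Git detect it as a rename and keep the file history attached to the buster list.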


=====================================
data/next-point-update.txt
=====================================
@@ -1,89 +0,0 @@
-CVE-2019-20446
-	[buster] - librsvg 2.44.10-2.1+deb10u1
-CVE-2019-17134
-	[buster] - octavia 3.0.0-3+deb10u1
-CVE-2019-14433
-	[buster] - nova 2:18.1.0-6+deb10u1
-CVE-2019-14857
-	[buster] - libapache2-mod-auth-openidc 2.3.10.2-1+deb10u1
-CVE-2020-8492
-	[buster] - python2.7 2.7.16-2+deb10u2
-CVE-2019-20907
-	[buster] - python2.7 2.7.16-2+deb10u2
-CVE-2021-3177
-	[buster] - python2.7 2.7.16-2+deb10u2
-CVE-2020-24583
-	[buster] - python-django 1:1.11.29-1~deb10u2
-CVE-2020-24584
-	[buster] - python-django 1:1.11.29-1~deb10u2
-CVE-2021-3281
-	[buster] - python-django 1:1.11.29-1~deb10u2
-CVE-2021-23336
-	[buster] - python-django 1:1.11.29-1~deb10u2
-CVE-2020-4051
-	[buster] - dojo 1.14.2+dfsg1-1+deb10u3
-CVE-2020-36277
-	[buster] - leptonlib 1.76.0-1+deb10u1
-CVE-2020-36278
-	[buster] - leptonlib 1.76.0-1+deb10u1
-CVE-2020-36279
-	[buster] - leptonlib 1.76.0-1+deb10u1
-CVE-2020-36280
-	[buster] - leptonlib 1.76.0-1+deb10u1
-CVE-2020-36281
-	[buster] - leptonlib 1.76.0-1+deb10u1
-CVE-2021-32062
-	[buster] - mapserver 7.2.2-1+deb10u1
-CVE-2020-35572
-	[buster] - adminer 4.7.1-1+deb10u1
-CVE-2021-21311
-	[buster] - adminer 4.7.1-1+deb10u1
-CVE-2021-29625
-	[buster] - adminer 4.7.1-1+deb10u1
-CVE-2019-15605
-	[buster] - http-parser 2.8.1-1+deb10u1
-CVE-2021-21375
-	[buster] - ring 20190215.1.f152c98~ds1-1+deb10u1
-CVE-2021-35525
-	[buster] - postsrsd 1.5-2+deb10u2
-CVE-2021-1093
-	[buster] - nvidia-graphics-drivers-legacy-390xx 390.144-1~deb10u1
-	[buster] - nvidia-graphics-drivers 418.211.00-1
-CVE-2021-1094
-	[buster] - nvidia-graphics-drivers-legacy-390xx 390.144-1~deb10u1
-	[buster] - nvidia-graphics-drivers 418.211.00-1
-CVE-2021-1095
-	[buster] - nvidia-graphics-drivers-legacy-390xx 390.144-1~deb10u1
-	[buster] - nvidia-graphics-drivers 418.211.00-1
-CVE-2020-35653
-	[buster] - pillow 5.4.1-2+deb10u3
-CVE-2020-35655
-	[buster] - pillow 5.4.1-2+deb10u3
-CVE-2021-27921
-	[buster] - pillow 5.4.1-2+deb10u3
-CVE-2021-27922
-	[buster] - pillow 5.4.1-2+deb10u3
-CVE-2021-27923
-	[buster] - pillow 5.4.1-2+deb10u3
-CVE-2021-25290
-	[buster] - pillow 5.4.1-2+deb10u3
-CVE-2021-25292
-	[buster] - pillow 5.4.1-2+deb10u3
-CVE-2021-28677
-	[buster] - pillow 5.4.1-2+deb10u3
-CVE-2021-28678
-	[buster] - pillow 5.4.1-2+deb10u3
-CVE-2021-34552
-	[buster] - pillow 5.4.1-2+deb10u3
-CVE-2021-23413
-	[buster] - node-jszip 3.1.4+dfsg-1+deb10u1
-CVE-2019-13045
-	[buster] - irssi 1.2.0-2+deb10u1
-CVE-2020-11988
-	[buster] - xmlgraphics-commons 2.3-1+deb10u1
-CVE-2020-13881
-	[buster] - libpam-tacplus 1.3.8-2+deb10u1
-CVE-2021-32803
-	[buster] - node-tar 4.4.6+ds1-3+deb10u1
-CVE-2021-32804
-	[buster] - node-tar 4.4.6+ds1-3+deb10u1


=====================================
doc/DSA.template
=====================================
@@ -14,6 +14,9 @@ Debian Bug     : $BUGNUM
 
 $TEXT
 
+For the oldstable distribution ($OLDSTABLE), this problem has been fixed
+in version $$OLDSTABLE_VERSION.
+
 For the stable distribution ($STABLE), this problem has been fixed in
 version $$STABLE_VERSION.
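
Review bot: the oldstable paragraph is added unconditionally above the stable one, and nothing in the visible template marks it as optional. For an advisory with no oldstable fix the paragraph has to be removed by hand; consider a comment in the template saying so, or have the tooling that fills in the template drop the paragraph when no oldstable version is given.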
 


=====================================
static/distributions.json
=====================================
@@ -21,8 +21,8 @@
   },
   "bullseye": {
     "major-version": "11",
-    "support": "none",
-    "contact": ""
+    "support": "security",
+    "contact": "team at security.debian.org"
   },
   "bookworm": {
     "major-version": "12",



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/a5f341c630e89339606d8587ecee89e5913d00a1...f6f384c3c2d9b356f78ef0be5c327a914b40691e
