[Git][security-tracker-team/security-tracker][master] Reserve DLA-2937-1 for gif2apng

Anton Gladky (@gladk) gladk at debian.org
Mon Mar 7 21:12:54 GMT 2022 


Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ee9d1fd9 by Anton Gladky at 2022-03-07T22:12:43+01:00
Reserve DLA-2937-1 for gif2apng

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[07 Mar 2022] DLA-2937-1 gif2apng - security update
+	{CVE-2021-45909 CVE-2021-45910 CVE-2021-45911}
+	[stretch] - gif2apng 1.9+srconly-2+deb9u2
 [07 Mar 2022] DLA-2936-1 libgit2 - security update
 	{CVE-2018-8098 CVE-2018-8099 CVE-2018-10887 CVE-2018-10888 CVE-2018-15501}
 	[stretch] - libgit2 0.25.1+really0.24.6-1+deb9u1


=====================================
data/dla-needed.txt
=====================================
@@ -34,12 +34,6 @@ firmware-nonfree (Markus Koschany)
   NOTE: 20210828: Most CVEs are difficult to backport. Contacted Ben regarding possible "ignore" tag
   NOTE: 20211207: Intend to release this week.
 --
-gif2apng (Anton)
-  NOTE: 20220114: orphaned package with inactive upstream, maybe coordinate with Debian QA to write our own patches (Beuc)
-  NOTE: 20220114: CVEs unrelated to apng2gif's (Beuc)
-  NOTE: 20220221: WIP (Anton)
-  NOTE: 20220221: CVE-2021-45909 is fixed. (Anton)
---
 gpac (Roberto C. Sánchez)
   NOTE: 20211101: coordinating with secteam for s-p-u since stretch/buster versions match (roberto)
   NOTE: 20211120: received OK from secteam for buster update, working on stretch/buster in parallel (roberto)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee9d1fd9f9d31ffaaba8053c2f87581b33c24618

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ee9d1fd9f9d31ffaaba8053c2f87581b33c24618
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220307/a0f30373/attachment.htm>

More information about the debian-security-tracker-commits mailing list