[Git][security-tracker-team/security-tracker][master] dla: minor clarifications/formatting

Sylvain Beucler (@beuc) beuc at debian.org
Mon May 2 17:04:39 BST 2022



Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5958df03 by Sylvain Beucler at 2022-05-02T18:04:07+02:00
dla: minor clarifications/formatting

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -33,7 +33,7 @@ ark
   NOTE: 20220424: programming language C
 --
 cgal
-  NOTE: 20220421: many no-dsa issues, please check, whether it is possible to fix them without an uploading of a new upstream release (Anton)
+  NOTE: 20220421: many no-dsa issues, please check, whether it is possible to fix them without uploading a new upstream release (Anton)
 --
 ckeditor
   NOTE: 20220402: multiple pendings vulnerabilities (Beuc)
@@ -114,9 +114,9 @@ nvidia-cuda-toolkit
    NOTE: 20220331: package is in non-free but also in packages-to-support (Beuc)
 --
 nvidia-graphics-drivers
-   NOTE: 20220203: package is in non-free but also in packages-to-support (Beuc)
-   NOTE: 20220209: monitor nvidia-graphics-drivers-legacy-390xx for a potential
-   NOTE: 20220209: backport (apo)
+  NOTE: 20220203: package is in non-free but also in packages-to-support (Beuc)
+  NOTE: 20220209: monitor nvidia-graphics-drivers-legacy-390xx for a potential
+  NOTE: 20220209: backport (apo)
 --
 openjdk-8 (pochu)
 --
@@ -132,13 +132,13 @@ puppet-module-puppetlabs-firewall
   NOTE: 20220402: no Debian maintainers activity since 2018 (Beuc)
 --
 ring (Abhijith PA)
- NOTE: 20220314: https://people.debian.org/~abhijith/upload/vda/ring_20161221.2.7bd7d91~dfsg1-1+deb9u2.dsc
- NOTE: 20220404: package in archive is faulty. New regs can't be done due (abhijith)
- NOTE: 20220404: a network error (abhijith)
+  NOTE: 20220314: https://people.debian.org/~abhijith/upload/vda/ring_20161221.2.7bd7d91~dfsg1-1+deb9u2.dsc
+  NOTE: 20220404: package in archive is faulty. New regs can't be done due (abhijith)
+  NOTE: 20220404: a network error (abhijith)
 --
 ruby-devise-two-factor
- NOTE: 20220427: Patch does not apply cleanly to LTS version, may be due to this being the result
- NOTE: 20220427: of an incomplete fix to CVE-2015-7225. Will require some investigation. (lamby)
+  NOTE: 20220427: Patch does not apply cleanly to LTS version, may be due to this being the result
+  NOTE: 20220427: of an incomplete fix to CVE-2015-7225. Will require some investigation. (lamby)
 --
 salt
 --
@@ -156,9 +156,10 @@ snapd
 --
 sox
   NOTE: 20220326: CVE-2019-13590 is fixed in git (Anton)
+  NOTE: 20220326: https://salsa.debian.org/lts-team/packages/sox
   NOTE: 20220326: fix for CVE-2021-40426 is not yet available (Anton)
 --
-subversion
+subversion (Roberto C. Sánchez)
   NOTE: 20220422: Upstream's patch for CVE-2021-28544 does not cleanly apply (eg. "copyfrom_path = apr_pstrdup(...)" assignment)
   NOTE: 20220422: and, once applied manually, appears to break multiple and possibly unrelated parts of the testsuite. (lamby)
   NOTE: 20220501: Done some analysis, worked on a patch, cannot find a way to test it, mailed results to Roberto C. Sánchez (enrico)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5958df037181dbc5c6b0eb1a7243c919bdd75f2d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5958df037181dbc5c6b0eb1a7243c919bdd75f2d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220502/29ae2a60/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list