[Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity

Jeremiah C. Foster (@jeremiah) gitlab at salsa.debian.org
Tue May 17 03:34:46 BST 2022 


Jeremiah C. Foster pushed to branch master at Debian Security Tracker / security-tracker


Commits:
63d58345 by Jeremiah C. Foster at 2022-05-16T22:26:44-04:00
semi-automatic unclaim after 2 weeks of inactivity

Signed-off-by: Jeremiah C. Foster <jeremiah at jeremiahfoster.com>

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -33,7 +33,7 @@ asterisk (Abhijith PA)
 cgal
   NOTE: 20220421: many no-dsa issues, please check, whether it is possible to fix them without uploading a new upstream release (Anton)
 --
-ckeditor (Sylvain Beucler)
+ckeditor
   NOTE: 20220402: multiple pendings vulnerabilities (Beuc)
 --
 clamav (Emilio)
@@ -62,7 +62,7 @@ gerbv
 golang-go.crypto
   NOTE: 20220331: rebuild reverse-dependencies if needed, e.g. DLA-2402-1 -> DLA-2453-1/DLA-2454-1/DLA-2455-1; also check buster status (Beuc)
 --
-gpac (Roberto C. Sánchez)
+gpac
   NOTE: 20211101: coordinating with secteam for s-p-u since stretch/buster versions match (roberto)
   NOTE: 20211120: received OK from secteam for buster update, working on stretch/buster in parallel (roberto)
   NOTE: 20211228: Returning to active work on this now that llvm/rustc update is complete (roberto)
@@ -70,7 +70,7 @@ gpac (Roberto C. Sánchez)
   NOTE: 20220413: New CVEs continue flooding in (roberto)
   NOTE: 20220427: Preparing to work with security team to declare EOL (roberto)
 --
-icingaweb2 (Abhijith PA)
+icingaweb2
   NOTE: https://people.debian.org/~abhijith/upload/mruby/icingaweb2_2.4.1-1+deb9u2.dsc (abhijith)
 --
 intel-microcode (Stefano Rivera)
@@ -86,7 +86,7 @@ liblouis
   NOTE: 20220503: CVE-2022-26981 patch applied in salsa lts-team repo,
   NOTE: 20220503: Patch not applied upstream yet.
 --
-libpgjava (Markus Koschany)
+libpgjava
 --
 libvirt (Thorsten Alteholz)
   NOTE: 20220508: testing package
@@ -177,7 +177,7 @@ sox
   NOTE: 20220326: https://salsa.debian.org/lts-team/packages/sox
   NOTE: 20220326: fix for CVE-2021-40426 is not yet available (Anton)
 --
-subversion (Roberto C. Sánchez)
+subversion
   NOTE: 20220422: Upstream's patch for CVE-2021-28544 does not cleanly apply (eg. "copyfrom_path = apr_pstrdup(...)" assignment)
   NOTE: 20220422: and, once applied manually, appears to break multiple and possibly unrelated parts of the testsuite. (lamby)
   NOTE: 20220501: Done some analysis, worked on a patch, cannot find a way to test it, mailed results to Roberto C. Sánchez (enrico)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63d58345a20951f0419a2fbfa3617181eda0ae84

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63d58345a20951f0419a2fbfa3617181eda0ae84
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220517/74c90da0/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list