[Git][security-tracker-team/security-tracker][master] 4 commits: dla: add mailman

Sylvain Beucler (@beuc) beuc at debian.org
Mon May 23 09:24:09 BST 2022 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
df339ba3 by Sylvain Beucler at 2022-05-23T10:23:59+02:00
dla: add mailman

- - - - -
916c912b by Sylvain Beucler at 2022-05-23T10:23:59+02:00
dla: add atftp

- - - - -
63c04e9c by Sylvain Beucler at 2022-05-23T10:23:59+02:00
dla: add avahi

- - - - -
8c681fb5 by Sylvain Beucler at 2022-05-23T10:23:59+02:00
dla: unassign postgresql-9.6 following e-mail exchange

- - - - -


2 changed files:

- data/dla-needed.txt
- data/packages/lts-do-call-me


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -22,6 +22,12 @@ amd64-microcode
 asterisk (Abhijith PA)
   NOTE: 20220424: programming language C
 --
+atftp
+  NOTE: 20220523: Harmonize with Debian 10.12 (1 CVE) (Beuc/front-desk)
+--
+avahi
+  NOTE: 20220523: Harmonize with Debian 10.9 (1 Debian-specific CVE) (Beuc/front-desk)
+--
 cgal (Andreas Rönnquist)
   NOTE: 20220421: many no-dsa issues, please check, whether it is possible to fix them without uploading a new upstream release (Anton)
 --
@@ -89,6 +95,9 @@ linux (Ben Hutchings)
 --
 linux-4.19 (Ben Hutchings)
 --
+mailman
+  NOTE: 20220523: Harmonize with Debian 10.12 (3 CVEs, regression fixes) (Beuc/front-desk)
+--
 mariadb-10.1
   NOTE: 20220222: Can be risky. Please consider backporting mariadb-10.3. See discussion https://lists.debian.org/debian-lts/2022/02/msg00005.html and coordinate with maintainer (Anton)
 --
@@ -124,8 +133,11 @@ pdns
   NOTE: 20220506: package builds but does not run a test suite, and I lack the
   NOTE: 20220506: know-how for testing manually (enrico)
 --
-postgresql-9.6 (Christoph Berg)
+postgresql-9.6
   NOTE: 20220523: cf. DSA-5135-1/DSA-5136-1 (Beuc/front-desk)
+  NOTE: 20220523: 9.6 is EOL'd upstream (Beuc/front-desk)
+  NOTE: 20220523: Christoph Berg won't handle this update (Beuc/front-desk)
+  NOTE: 20220523: https://lists.debian.org/debian-lts/2022/05/msg00054.html
 --
 puma (Markus Koschany)
 --


=====================================
data/packages/lts-do-call-me
=====================================
@@ -10,6 +10,8 @@ busybox     DebConf19 conversation with apo
 
 # Christoph Berg (credativ)
 postgresql* (Christoph will always take care of updates, no need to contact him)
+# However Christoph won't update EOL'd 9.6 for stretch
+# https://lists.debian.org/debian-lts/2022/05/msg00054.html
 
 # Peter Palfrader
 tor



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/475f3a04a115f43b6e13f8473362e900a8800888...8c681fb59f3eb12f47ead7d053767ff9d530d663

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/475f3a04a115f43b6e13f8473362e900a8800888...8c681fb59f3eb12f47ead7d053767ff9d530d663
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220523/28510239/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list