[Git][security-tracker-team/security-tracker][master] 2 commits: dla: clarify comments made with front-desk hat

Mon May 23 15:37:19 BST 2022


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
65a38eda by Sylvain Beucler at 2022-05-23T16:31:18+02:00
dla: clarify comments made with front-desk hat

- - - - -
501d40bc by Sylvain Beucler at 2022-05-23T16:37:02+02:00
dla: add horizon

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -36,6 +36,7 @@ ckeditor (Sylvain Beucler)
   NOTE: 20220510: no rdeps, no sponsors, most CVEs require following upstream stable 4.x,
   NOTE: 20220510: considering either ignoring, or mass-bumping all dists,
   NOTE: 20220510: waiting for ckeditor_3_ discussion to close up first (Beuc)
+  NOTE: 20220510: https://lists.debian.org/debian-lts/2022/05/msg00018.html
 --
 clamav (Emilio)
   NOTE: 20220510: Programming language C. (apo)
@@ -47,9 +48,9 @@ cyrus-imapd
   NOTE: 20220523: Harmonize with DSA-4590-1 and Debian 10.11 (2 CVEs) (Beuc/front-desk)
 --
 debian-security-support (Utkarsh)
-  NOTE: 20220402: need to update the list of unsupported packages (Beuc)
-  NOTE: 20220402: check debian/README.source, sync with h01ger, and announce EOL'd packages (Beuc)
-  NOTE: 20220402: context: https://lists.debian.org/debian-lts/2022/04/msg00000.html (Beuc)
+  NOTE: 20220402: need to update the list of unsupported packages (Beuc/front-desk)
+  NOTE: 20220402: check debian/README.source, sync with h01ger, and announce EOL'd packages (Beuc/front-desk)
+  NOTE: 20220402: context: https://lists.debian.org/debian-lts/2022/04/msg00000.html (Beuc/front-desk)
   NOTE: 20220502: backport prepped, will contact Holger for more details. (utkarsh)
   NOTE: 20220516: in review, will also co-help Holger to maintain this. (utkarsh)
 --
@@ -80,11 +81,14 @@ glib2.0
   NOTE: 20220523: Harmonize with Debian 10.10 (3 CVEs) (Beuc/front-desk)
 --
 golang-go.crypto
-  NOTE: 20220331: rebuild reverse-dependencies if needed, e.g. DLA-2402-1 -> DLA-2453-1/DLA-2454-1/DLA-2455-1; also check buster status (Beuc)
+  NOTE: 20220331: rebuild reverse-dependencies if needed, e.g. DLA-2402-1 -> DLA-2453-1/DLA-2454-1/DLA-2455-1; also check buster status (Beuc/front-desk)
 --
 haproxy
   NOTE: 20220523: Harmonize with Debian 10.0 and 10.6 (3 CVEs) (Beuc/front-desk)
 --
+horizon
+  NOTE: 20220523: Harmonize with DSA-4820-1 (1 CVE) (Beuc/front-desk)
+--
 icingaweb2 (Abhijith PA)
   NOTE: https://people.debian.org/~abhijith/upload/mruby/icingaweb2_2.4.1-1+deb9u2.dsc (abhijith)
   NOTE: 20220522: Pinged upstream for missing patches. Will write an detail
@@ -94,8 +98,8 @@ intel-microcode (Stefano Rivera)
   NOTE: 20220213: please recheck
 --
 kvmtool
-  NOTE: 20220402: stretch-specific, orphaned package (Beuc)
-  NOTE: 20220402: CVE-2021-45464 looks critical, check with upstream for acknowledgments/fixes (Beuc)
+  NOTE: 20220402: stretch-specific, orphaned package (Beuc/front-desk)
+  NOTE: 20220402: CVE-2021-45464 looks critical, check with upstream for acknowledgments/fixes (Beuc/front-desk)
 --
 liblouis
   NOTE: 20220320: no patch available yet. Reproducible memory leaks with ASAN
@@ -132,15 +136,15 @@ ntfs-3g
   NOTE: available. (apo)
 --
 nvidia-cuda-toolkit
-   NOTE: 20220331: package is in non-free but also in packages-to-support (Beuc)
+   NOTE: 20220331: package is in non-free but also in packages-to-support (Beuc/front-desk)
 --
 nvidia-graphics-drivers
-  NOTE: 20220203: package is in non-free but also in packages-to-support (Beuc)
+  NOTE: 20220203: package is in non-free but also in packages-to-support (Beuc/front-desk)
   NOTE: 20220209: monitor nvidia-graphics-drivers-legacy-390xx for a potential
   NOTE: 20220209: backport (apo)
 --
 pdns
-  NOTE: 20220402: harmonize with buster/10.8 (Beuc)
+  NOTE: 20220402: harmonize with buster/10.8 (Beuc/front-desk)
   NOTE: 20220506: buster patches backported in https://salsa.debian.org/enrico/pdns/-/tree/stretch
   NOTE: 20220506: and #debian-dns notified (enrico)
   NOTE: 20220506: the patch for https://security-tracker.debian.org/tracker/CVE-2022-27227
@@ -157,7 +161,7 @@ postgresql-9.6
 puma (Markus Koschany)
 --
 puppet-module-puppetlabs-firewall
-  NOTE: 20220402: no Debian maintainers activity since 2018 (Beuc)
+  NOTE: 20220402: no Debian maintainers activity since 2018 (Beuc/front-desk)
 --
 redis
   NOTE: 20220510: Chris Lamb is the maintainer. Programming language C. (apo)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/96fa9a9eb38765e58a241dd0e5090c1d3e1691d2...501d40bc5efb1821bd5c88011dbc79b170d74a67

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/96fa9a9eb38765e58a241dd0e5090c1d3e1691d2...501d40bc5efb1821bd5c88011dbc79b170d74a67
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220523/c1c8ca0f/attachment-0001.htm>
