[Git][security-tracker-team/security-tracker][master] 4 commits: LTS: add libarchive to dla-needed.txt
Anton Gladky (@gladk)
gladk at debian.org
Mon Nov 28 23:14:45 GMT 2022
Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0b9472f0 by Anton Gladky at 2022-11-28T23:14:05+01:00
LTS: add libarchive to dla-needed.txt
- - - - -
9ec5d38c by Anton Gladky at 2022-11-28T23:14:05+01:00
LTS: add libpgjava to dla-needed.txt
- - - - -
d6fdd7de by Anton Gladky at 2022-11-28T23:14:05+01:00
LTS: add nextcloud-desktop to dla-needed.txt
- - - - -
a24776ed by Anton Gladky at 2022-11-28T23:14:05+01:00
LTS: add vim to dla-needed.txt
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=====================================
data/dla-needed.txt
=====================================
@@ -105,6 +105,10 @@ lava
libapreq2
NOTE: 20221031: Programming language: C.
--
+libarchive
+ NOTE: 20221128: Programming language: C.
+ NOTE: 20221128: VCS: https://salsa.debian.org/lts-team/packages/libarchive.git
+--
libcommons-jxpath-java
NOTE: 20221027: Programming language: Java.
NOTE: 20221027: Maintainer notes: Wait for the outcome of upstream discussion. See CVE-2022-41852 for pull requests.
@@ -114,6 +118,12 @@ libde265
NOTE: 20221107: Most vulnerabilities unfixed upstream, but a handful are fixed, and v1.0.9 (2022-10) is a security release (Beuc/front-desk)
NOTE: 20221107: No prior DSA/DLA/ELA afaics (Beuc/front-desk)
--
+libpgjava
+ NOTE: 20221128: Programming language: Java.
+ NOTE: 20221128: VCS: https://salsa.debian.org/lts-team/packages/libpgjava.git
+ NOTE: 20221128: Please check, whether CVE-2022-41946 affects modern systems (gladk).
+ NOTE: 20221128: If not - please mark it as <ignored> (gladk).
+--
libreoffice
NOTE: 20221012: Programming language: C++.
--
@@ -153,6 +163,11 @@ netatalk (gladk)
NOTE: 20220816: Programming language: C.
NOTE: 20220912: We get errors in the log, not present on bookworm. Needs more investigation. (stefanor)
--
+nextcloud-desktop
+ NOTE: 20221128: Programming language: C++.
+ NOTE: 20221128: VCS: https://salsa.debian.org/owncloud-team/nextcloud-desktop
+ NOTE: 20221128: Please coordinate with maintainer the usage of their git-repo (gladk).
+--
node-cached-path-relative
NOTE: 20221111: Programming language: JavaScript.
NOTE: 20221111: Follow fixes from bullseye 11.3 (Beuc/front-desk)
@@ -318,6 +333,11 @@ trafficserver
NOTE: 20221114: https://people.debian.org/~abhijith/upload/trf/ (abhijith)
NOTE: 20221114: Asked upstream regarding CVE-2022-31779 (abhijith)
--
+vim
+ NOTE: 20221128: Programming language: C.
+ NOTE: 20221128: VCS: https://salsa.debian.org/lts-team/packages/vim.git
+ NOTE: 20221128: Please wait till at least several CVEs appear before upload (gladk).
+--
virglrenderer (Thorsten Alteholz)
NOTE: 20221009: Programming language: C.
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/540aab09498e193c6b6058b811192049e3004270...a24776ed8ea4dd477fb2103df1af4f48d1519b4a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/540aab09498e193c6b6058b811192049e3004270...a24776ed8ea4dd477fb2103df1af4f48d1519b4a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221128/336104fb/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list