[Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Anton Gladky (@gladk)
gladk at debian.org
Tue Jan 3 09:01:23 GMT 2023
Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b3be6a11 by Anton Gladky at 2023-01-03T10:01:11+01:00
semi-automatic unclaim after 2 weeks of inactivity
Signed-off-by: Anton Gladky <gladk at debian.org>
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=====================================
data/dla-needed.txt
=====================================
@@ -37,7 +37,7 @@ consul
NOTE: 20221031: Programming language: Go.
NOTE: 20221031: Concluded that the package should be fixed by the CVE description. Source code not analyzed in detail.
--
-curl (Roberto C. Sánchez)
+curl
NOTE: 20220901: Programming language: C.
NOTE: 20220904: VCS: https://salsa.debian.org/lts-team/packages/curl.git
NOTE: 20220904: Special attention: high popcon!.
@@ -47,10 +47,10 @@ erlang
NOTE: 20221119: Programming language: Erlang.
NOTE: 20221119: at least CVE-2022-37026 needs to be fixed (original request has been for Stretch)
--
-exiv2 (Helmut Grohne)
+exiv2
NOTE: 20221119: Programming language: C.
--
-firmware-nonfree (Markus Koschany)
+firmware-nonfree
NOTE: 20220906: Consider to check the severity of the issues again and judge whether a correction is worth it.
NOTE: 20221204: Coming soon in the first week of December. (apo)
NOTE: 20221211: Programming language: Binary blob
@@ -88,7 +88,7 @@ golang-websocket
graphite-web
NOTE: 20221229: Programming language: Python.
--
-imagemagick (Roberto C. Sánchez)
+imagemagick
NOTE: 20220904: Programming language: C.
NOTE: 20220904: VCS: https://salsa.debian.org/lts-team/packages/imagemagick.git
NOTE: 20220904: Should be synced with Stretch. (apo)
@@ -110,7 +110,7 @@ libde265
NOTE: 20221107: No prior DSA/DLA/ELA afaics (Beuc/front-desk)
NOTE: 20221215: CVE-2020-21599 CVE-2021-35452 CVE-2021-36408 CVE-2021-36409 CVE-2021-36410 CVE-2021-36411 adressed, remaining CVEs are unfixed upstream. (I've proposed a patch upstream, waiting for feeback) (tobi)
--
-libetpan (Utkarsh)
+libetpan
NOTE: 20221203: Programming language: C++.
NOTE: 20221203: VCS: https://salsa.debian.org/lts-team/packages/libetpan.git
--
@@ -147,7 +147,7 @@ net-snmp
NOTE: 20221120: Programming language: C.
NOTE: 20221206: no upstream patch yet.
--
-netatalk (gladk)
+netatalk
NOTE: 20220816: Programming language: C.
NOTE: 20220912: We get errors in the log, not present on bookworm. Needs more investigation. (stefanor)
NOTE: 20221212: VCS: https://salsa.debian.org/lts-team/packages/netatalk
@@ -174,7 +174,7 @@ node-got
NOTE: 20221111: Follow fixes from bullseye 11.4 (Beuc/front-desk)
NOTE: 20221223: Module has been rewritten in Typescript since Buster released (lamby).
--
-node-moment (Utkarsh)
+node-moment
NOTE: 20221111: Programming language: JavaScript.
NOTE: 20221111: Follow fixes from bullseye 11.4 and 11.5 (Beuc/front-desk)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3be6a1188a7427b8a03c8697580ba203c17780f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b3be6a1188a7427b8a03c8697580ba203c17780f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230103/2ea5adac/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list