[Git][security-tracker-team/security-tracker][master] LTS: Add missing VCS information in packages
Anton Gladky (@gladk)
gladk at debian.org
Wed Jan 11 05:51:08 GMT 2023
Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bc6470c0 by Anton Gladky at 2023-01-11T06:50:53+01:00
LTS: Add missing VCS information in packages
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=====================================
data/dla-needed.txt
=====================================
@@ -24,6 +24,7 @@ apache2
--
asterisk
NOTE: 20221211: Programming language: C.
+ NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/asterisk.git
--
ceph (Stefano Rivera)
NOTE: 20221031: Programming language: C++.
@@ -32,6 +33,7 @@ ceph (Stefano Rivera)
NOTE: 20221130: CVE-2022-3650: The patch is kind of trivial Python stuff backporting work.
NOTE: 20221130: Can someone take care of it in Buster? I'm currently building the Bullseye backport of the fix...
NOTE: 20221130: https://lists.debian.org/debian-lts/2022/11/msg00025.html (zigo/maintainer)
+ NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/ceph.git
--
consul
NOTE: 20221031: Programming language: Go.
@@ -52,6 +54,7 @@ dojo
erlang
NOTE: 20221119: Programming language: Erlang.
NOTE: 20221119: at least CVE-2022-37026 needs to be fixed (original request has been for Stretch)
+ NOTE: 20230111: VCS: https://salsa.debian.org/erlang-team/packages/erlang
--
fig2dev
NOTE: 20230105: Programming language: C.
@@ -107,6 +110,7 @@ kopanocore
--
lava
NOTE: 20221127: Programming language: Python.
+ NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/lava.git
--
lemonldap-ng
NOTE: 20230105: Programming language: Perl.
@@ -124,12 +128,15 @@ libde265
NOTE: 20221107: Most vulnerabilities unfixed upstream, but a handful are fixed, and v1.0.9 (2022-10) is a security release (Beuc/front-desk)
NOTE: 20221107: No prior DSA/DLA/ELA afaics (Beuc/front-desk)
NOTE: 20221215: CVE-2020-21599 CVE-2021-35452 CVE-2021-36408 CVE-2021-36409 CVE-2021-36410 CVE-2021-36411 adressed, remaining CVEs are unfixed upstream. (I've proposed a patch upstream, waiting for feeback) (tobi)
+ NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/libde265.git
--
libitext5-java (Markus Koschany)
NOTE: 20221225: Programming language: Java.
+ NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/libitext5-java.git
--
libreoffice
NOTE: 20221012: Programming language: C++.
+ NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/libreoffice.git
--
libsdl2
NOTE: 20221111: Programming language: C.
@@ -153,9 +160,11 @@ man2html
modsecurity-crs
NOTE: 20221006: Programming language: Other.
NOTE: 20221006: Maintainer notes: Please contact maintainer. Consider uploading of newer version.
+ NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/modsecurity-crs.git
--
net-snmp (guilhem)
NOTE: 20221120: Programming language: C.
+ NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/net-snmp.git
--
netatalk
NOTE: 20220816: Programming language: C.
@@ -225,6 +234,7 @@ nvidia-graphics-drivers-legacy-390xx
NOTE: 20221225: Programming language: binary blob.
NOTE: 20230103: Cf. on-going discussion on nvidia support (Beuc/front-desk)
NOTE: 20230103: https://lists.debian.org/debian-lts/2023/01/msg00005.html
+ NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/nvidia-graphics-drivers-legacy-390xx.git
--
openimageio
NOTE: 20221225: Programming language: C.
@@ -288,6 +298,7 @@ rainloop
--
ring
NOTE: 20221120: Programming language: C.
+ NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/ring.git
--
ruby-loofah
NOTE: 20221231: Programming language: Ruby.
@@ -322,11 +333,13 @@ snakeyaml
--
snort
NOTE: 20220905: Requires further triaging to conclude exactly which CVEs to be fixed or ignored.
+ NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/snort.git
--
sox
NOTE: 20220818: Programming language: C.
NOTE: 20220818: Requires some investigation; see #1012138 etc.
NOTE: 20221003: https://sourceforge.net/p/sox/bugs/362/ Re-pinged upstream committer (abhijith)
+ NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/sox.git
--
tiff (Sylvain Beucler)
NOTE: 20221031: Programming language: C.
@@ -345,6 +358,7 @@ trafficserver
--
viewvc (Chris Lamb)
NOTE: 20230104: Programming language: Python.
+ NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/viewvc.git
--
webkit2gtk
NOTE: 20221229: Programming language: C++.
@@ -355,6 +369,7 @@ webkit2gtk
xdg-utils
NOTE: 20221120: Programming language: C.
NOTE: 20221120: no real fix yet
+ NOTE: 20230111: VCS: https://salsa.debian.org/freedesktop-team/xdg-utils
--
xfig
NOTE: 20230105: Programming language: C.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc6470c03cb018260a123a874d9df531919cd674
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc6470c03cb018260a123a874d9df531919cd674
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230111/6d14e2ae/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list