[Git][security-tracker-team/security-tracker][master] DLA: Take several packages

Adrian Bunk (@bunk) bunk at debian.org
Wed Jan 25 13:59:10 GMT 2023 


Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab011c77 by Adrian Bunk at 2023-01-25T15:58:17+02:00
DLA: Take several packages

(Too) many (mostly small) packages I am taking after an initial
triage round that look doable for me for working my January hours
before Monday (perhaps with 1-3 leftover packages for February).

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -47,7 +47,7 @@ curl
   NOTE: 20230103: Sorted out issue with broken CVE fix in stable, working with secteam to land the fix (roberto)
   NOTE: 20230103: Packages ready for bullseye and buster, syncing ELTS releases (roberto)
 --
-dojo
+dojo (Adrian Bunk)
   NOTE: 20230105: Programming language: JavaScript.
   NOTE: 20230105: Follow fixes from bullseye 11.6 (Beuc/front-desk)
 --
@@ -57,7 +57,7 @@ erlang
   NOTE: 20230111: VCS: https://salsa.debian.org/erlang-team/packages/erlang
   NOTE: 20230111: Maintainer notes: Coordinate with maintainer, whether their VCS can be used.
 --
-fig2dev
+fig2dev (Adrian Bunk)
   NOTE: 20230105: Programming language: C.
   NOTE: 20230105: Harmonize with bullseye 11.5 and stretch (Beuc/front-desk)
 --
@@ -123,7 +123,7 @@ lemonldap-ng (guilhem)
   NOTE: 20230105: Programming language: Perl.
   NOTE: 20230105: Follow fixes from bullseye 11.6 (Beuc/front-desk)
 --
-libapache2-mod-auth-mellon
+libapache2-mod-auth-mellon (Adrian Bunk)
   NOTE: 20230105: Programming language: C.
   NOTE: 20230105: Follow fixes from bullseye 11.6 (Beuc/front-desk)
 --
@@ -131,7 +131,7 @@ libhtml-stripscripts-perl (Utkarsh)
   NOTE: 20230125: Programming language: Perl.
   NOTE: 20230125: VCS: https://salsa.debian.org/lts-team/packages/libhtml-stripscripts-perl.git
 --
-libreoffice
+libreoffice (Adrian Bunk)
   NOTE: 20221012: Programming language: C++.
   NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/libreoffice.git
 --
@@ -139,7 +139,7 @@ libsdl2 (Markus Koschany)
   NOTE: 20221111: Programming language: C.
   NOTE: 20221111: Sync with jessie/stretch/bullseye (Beuc/front-desk)
 --
-libstb
+libstb (Adrian Bunk)
   NOTE: 20221111: Programming language: C.
 --
 libzen (Thorsten Alteholz)
@@ -206,7 +206,7 @@ node-object-path
   NOTE: 20221111: Follow fixes from bullseye 11.1 (Beuc/front-desk)
   NOTE: 20221223: Functional part of CVE-2021-3805 might be https://gist.github.com/lamby/ebf0633837f16d174138bbf36bef38f3/raw (lamby)
 --
-node-qs
+node-qs (Adrian Bunk)
   NOTE: 20230105: Programming language: JavaScript.
   NOTE: 20230105: Follow fixes from bullseye 11.6 (Beuc/front-desk)
 --
@@ -301,7 +301,7 @@ ruby-rails-html-sanitizer
   NOTE: 20221231: Programming language: Ruby.
   NOTE: 20221231: VCS: https://salsa.debian.org/lts-team/packages/ruby-rails-html-sanitizer.git
 --
-ruby-sidekiq
+ruby-sidekiq (Adrian Bunk)
   NOTE: 20221231: Programming language: Ruby.
   NOTE: 20221231: CVE-2022-23837 was fixed in stretch so should be fixed in buster for consistency even though it is not that severe. (opal).
 --
@@ -334,7 +334,7 @@ snort (Markus Koschany)
   NOTE: 20230121: Prepared new upstream version for unstable which we could
   NOTE: 20230121: backport to buster later. See https://bugs.debian.org/1021276
 --
-sofia-sip
+sofia-sip (Adrian Bunk)
   NOTE: 20230125: Programming language: C.
   NOTE: 20230125: VCS: https://salsa.debian.org/lts-team/packages/sofia-sip.git
 --
@@ -373,7 +373,7 @@ xrdp (Abhijith PA)
   NOTE: 20221225: VCS: https://salsa.debian.org/lts-team/packages/xrdp.git
   NOTE: 20230117: Fixed 6 out 10 CVEs. Testing (abhijith)
 --
-zabbix
+zabbix (Adrian Bunk)
   NOTE: 20220911: At least CVE-2022-23134 was fixed in stretch so it should be fixed in buster too.
   NOTE: 20221209: Programming language: C.
   NOTE: 20221209: Testsuite: https://lts-team.pages.debian.net/wiki/TestSuites/zabbix.html



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab011c77e71df5252468c3929d61a2cbfab94c39

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab011c77e71df5252468c3929d61a2cbfab94c39
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230125/13f35000/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list