[Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity

Roberto C. Sánchez (@roberto) roberto at debian.org
Tue Jun 27 00:54:23 BST 2023 


Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c6287148 by Roberto C. Sánchez at 2023-06-26T19:51:05-04:00
semi-automatic unclaim after 2 weeks of inactivity

Signed-off-by: Roberto C. Sánchez <roberto at debian.org>

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -38,7 +38,7 @@ debian-archive-keyring (jspricke)
   NOTE: 20230619: Add bookworm keys as in #1033157; see DLA-2948-1 for a similar update
   NOTE: 20230619: See also https://lists.debian.org/debian-lts/2021/08/msg00037.html for context (Beuc/front-desk)
 --
-docker-registry (rouca)
+docker-registry
   NOTE: 20230525: Added by Front-Desk (lamby)
   NOTE: 20230608: Waiting for review (rouca)
 --
@@ -54,7 +54,7 @@ dogecoin
   NOTE: 20230619: also I just referenced 3 older bitcoin-related CVEs to fix;
   NOTE: 20230619: dogecoin not present in bullseye/bookworm, so we lead the initiatives. (Beuc/front-desk)
 --
-erlang (Markus Koschany)
+erlang
   NOTE: 20221119: Added by Front-Desk (ta)
   NOTE: 20221119: at least CVE-2022-37026 needs to be fixed (original request has been for Stretch)
 --
@@ -62,7 +62,7 @@ flatpak
   NOTE: 20230620: Added by Front-Desk (Beuc)
   NOTE: 20230620: Follow fixes from bullseye 11.7 (2 CVEs) (Beuc/front-desk)
 --
-fusiondirectory (Abhijith PA)
+fusiondirectory
   NOTE: 20221203: Added by Front-Desk (gladk)
   NOTE: 20221203: Please evaluate, whether the package can be fixed (gladk).
   NOTE: 20221203: Two CVEs have only mitigation, fix in a new version (gladk).
@@ -73,7 +73,7 @@ fusiondirectory (Abhijith PA)
 glib2.0 (santiago)
   NOTE: 20230612: Added by Front-Desk (apo)
 --
-golang-yaml.v2 (sgmoore)
+golang-yaml.v2
   NOTE: 20230125: Added by Front-Desk (gladk)
   NOTE: 20230525: In review with utkarsh.
 --
@@ -105,7 +105,7 @@ libapache2-mod-auth-openidc (gladk)
   NOTE: 20230620: Added by Front-Desk (Beuc)
   NOTE: 20230620: Follow fix from bullseye 11.7 (CVE-2022-23527) + 1 postponed CVE-2021-39191 (Beuc/front-desk)
 --
-libreoffice (Abhijith PA)
+libreoffice
   NOTE: 20230530: Added by Front-Desk (pochu)
 --
 libusrsctp (rouca)
@@ -128,21 +128,21 @@ nova
   NOTE: 20230302: zigo currently has no time and requests the LTS team to do it (IRC #debian-lts 2023-03-02). (Beuc/front-desk)
   NOTE: 20230525: NB. CVE-2023-2088 filed against python-glance-store, python-os-brick, nova and cinder. (lamby)
 --
-nvidia-cuda-toolkit (tobi)
+nvidia-cuda-toolkit
   NOTE: 20230514: Added by Front-Desk (utkarsh)
   NOTE: 20230514: package listed in packages-to-support; a bunch of CVEs have
   NOTE: 20230514: piled up. (utkarsh)
 --
-openimageio (gladk)
+openimageio
   NOTE: 20230406: Re-added due to regressions (apo)
   NOTE: 20230612: Backporting is mostly done, but still some failures.
 --
-openjdk-11 (Emilio)
+openjdk-11
   NOTE: 20230419: Added by Front-Desk (ola)
   NOTE: 20230522: waiting for sid update (pochu)
   NOTE: 20230612: sid updated, preparing backport (pochu)
 --
-php-cas (tobi)
+php-cas
   NOTE: 20221105: Added by Front-Desk (ola)
   NOTE: 20221105: The fix is not backwards compatible. Should be investigated further whether this issue should be solved or ignored.. (ola)
   NOTE: 20221107: php-cas only has 2 reverse-deps in buster (fusiondirectory, ocsinventory-reports),
@@ -223,7 +223,7 @@ salt
   NOTE: 20220814: I am not sure, whether it is possible to fix issues
   NOTE: 20220814: without backporting a newer verion. (Anton)
 --
-samba (Lee Garrett)
+samba
   NOTE: 20220904: Added by Front-Desk (apo)
   NOTE: 20220904: Many postponed or open CVE in general. (apo)
   NOTE: 20230323: Still working on the long list of CVEs, will likely release an intermittent package first (lee)
@@ -249,7 +249,7 @@ trafficserver (Adrian Bunk)
   NOTE: 20230618: Added by Front-Desk (opal)
   NOTE: 20230618: Low prio due to the few number of users.
 --
-webkit2gtk (Emilio)
+webkit2gtk
   NOTE: 20230512: Re-added (pochu)
   NOTE: 20230512: checking if upgrade to 2.40.x is possible, otherwise we'll have to EOL webkit (pochu)
   NOTE: 20230529: made some progress on the backport, but there are still some blockers,



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6287148b6665880ede66401c40d18a2d24e7a13

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6287148b6665880ede66401c40d18a2d24e7a13
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230626/8144d6f9/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list