[Git][security-tracker-team/security-tracker][master] dla: drop php-horde-turba, move remaining work to ckeditor3

[Sylvain Beucler (@beuc)]

Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0b136bbd by Sylvain Beucler at 2024-11-21T18:45:05+01:00
dla: drop php-horde-turba, move remaining work to ckeditor3

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -50,6 +50,12 @@ ckeditor
   NOTE: 20241002: Added by Front-Desk (Beuc)
   NOTE: 20241002: Multiple CVEs have been piling up (Beuc/front-desk)
 --
+ckeditor3
+  NOTE: 20241121: Added by Front-Desk (Beuc)
+  NOTE: 20241121: Only used by Horde editor (Beuc/front-desk)
+  NOTE: 20241002: rouca to check EOL'd ckeditor3 -> ckeditor[v4] upgrade path
+  NOTE: 20241002: https://lists.debian.org/debian-lts/2024/10/msg00003.html
+--
 clamav
   NOTE: 20241121: Added by Front-Desk (Beuc)
   NOTE: 20241121: Bump to 0.103.12 to follow fixes from bookworm 12.8 (2 CVEs) (Beuc/front-desk)
@@ -155,15 +161,6 @@ opensc (guilhem)
 pgpool2 (abhijith)
   NOTE: 20240915: Added by Front-Desk (ta)
 --
-php-horde-turba
-  NOTE: 20220607: Added by stable Security Team (jmm)
-  NOTE: 20240815: considered for EOL, sunweaver to work on an update maybe
-  NOTE: 20240815: https://lists.debian.org/debian-lts/2024/08/msg00023.html (Beuc/front-desk)
-  NOTE: 20241002: rouca to check EOL'd ckeditor3 -> ckeditor[v4] upgrade path
-  NOTE: 20241002: https://lists.debian.org/debian-lts/2024/10/msg00003.html
-  NOTE: 20241002: Consider bumping to 2.2.29
-  NOTE: 20241019: Targeted fix for RCE (CVE-2022-30287) uploaded, keeping above log to decide for frontdesk if it should remain in dla-needed.
---
 proftpd-dfsg
   NOTE: 20240815: Added by Front-Desk (Beuc)
   NOTE: 20240815: Follow fixes from bookworm 12.5 (2 CVEs) (Beuc/front-desk)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b136bbdd66c5d60b25355d4e5fec67df95fc9b8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b136bbdd66c5d60b25355d4e5fec67df95fc9b8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241121/1aa44551/attachment-0001.htm>