[Git][security-tracker-team/security-tracker][master] Reserve DLA-4390-1 for pagure

Daniel Leidert (@dleidert) dleidert at debian.org
Mon Dec 1 01:22:44 GMT 2025 


Daniel Leidert pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9addb0d2 by Daniel Leidert at 2025-12-01T02:22:34+01:00
Reserve DLA-4390-1 for pagure

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[01 Dec 2025] DLA-4390-1 pagure - security update
+	{CVE-2024-4981 CVE-2024-4982 CVE-2024-47515 CVE-2024-47516}
+	[bullseye] - pagure 5.11.3+dfsg-1+deb11u1
 [01 Dec 2025] DLA-4389-1 pytorch - security update
 	{CVE-2025-32434}
 	[bullseye] - pytorch 1.7.1-7+deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -296,15 +296,6 @@ p7zip
 p7zip-rar
   NOTE: 20250719: Added by Front-Desk (Beuc)
 --
-pagure (dleidert)
-  NOTE: 20250117: Added by Front-Desk (rouca)
-  NOTE: 20250119: Coordinate with ds (rouca/FD)
-  NOTE: 20250216: Prepared patches in lts-team/packages/pagure, but two issues here (dleidert)
-  NOTE: 20250216: 1) The test results are ignored and there is no way to determine any regression (dleidert)
-  NOTE: 20250216: 2) yui-compressor fails with multiple JS files (Can't find bundle for base name org.mozilla.javascript.resources.Messages) (dleidert)
-  NOTE: 20250216: The second issue is outside of my field of expertise. Returning to pool and send message to list (dleidert)
-  NOTE: 20250217: Upcoming DSA, coordinate with security team (Beuc/front-desk)
---
 php-laravel-framework
   NOTE: 20250307: Added by Front-Desk (rouca)
   NOTE: 20251027: History of upstream branch fixing v12: git log 9de75259..2d133034^2.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9addb0d21a1ae8d63bf56116d3a57f00e01503d6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9addb0d21a1ae8d63bf56116d3a57f00e01503d6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251201/0bbd84d2/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list