[Git][security-tracker-team/security-tracker][master] LTS: notes + unclaim libsoup2.4 in dla-needed.txt

Andreas Henriksson (@ah) gitlab at salsa.debian.org
Tue Dec 9 18:12:56 GMT 2025 


Andreas Henriksson pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3f7139f7 by Andreas Henriksson at 2025-12-09T19:12:29+01:00
LTS: notes + unclaim libsoup2.4 in dla-needed.txt

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -203,7 +203,7 @@ libsndfile
   NOTE: 20251206: Added by Front-Desk (rouca)
   NOTE: 20251206: Closes CVE-2021-4156 fixed in buster (rouca/front-desk)
 --
-libsoup2.4 (ah)
+libsoup2.4
   NOTE: 20250408: Added by Front-Desk (Beuc)
   NOTE: 20250427: libsoup2.4 2.72.0-2+deb11u2 (bullseye) uploaded ...
   NOTE: 20250427: ... without CVE-2025-32907 and CVE-2025-32049.
@@ -228,7 +228,12 @@ libsoup2.4 (ah)
   NOTE: 20250630: spwhitton contributor status: inactive
   NOTE: 20251129: https://lists.debian.org/debian-lts/2025/11/msg00025.html
   NOTE: 20251209: Claiming to backport next round of fixes merged upstream
-  NOTE: 20251209: starting with libsoup2.4/2.74.3-11 upload to sid.
+  NOTE: 20251209: starting with libsoup2.4/2.74.3-11 upload to sid. (ah)
+  NOTE: 20251209: 4 more CVEs fixed in bullseye (DLA-4398-1). (ah)
+  NOTE: 20251209: Remaining open CVEs need upstream work and then revisited,
+  NOTE: 20251209: possibly also look into wip by spwitton, thus unclaiming
+  NOTE: 20251209: rather than removing this entry. (ah)
+
 --
 libstb
   NOTE: 20251206: Added by Front-Desk (rouca)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f7139f7bda1ee9b228593b6c3c1c998cb59080e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f7139f7bda1ee9b228593b6c3c1c998cb59080e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251209/8648f1eb/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list