[Git][security-tracker-team/security-tracker][master] 2 commits: LTS: update notes on mongo-c-driver

Roberto C. Sánchez (@roberto) roberto at debian.org
Mon May 19 14:00:56 BST 2025 


Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker


Commits:
95bac970 by Roberto C. Sánchez at 2025-05-19T08:57:58-04:00
LTS: update notes on mongo-c-driver

- - - - -
38e0634d by Roberto C. Sánchez at 2025-05-19T08:58:53-04:00
semi-automatic unclaim after 2 weeks of inactivity

Signed-off-by: Roberto C. Sánchez <roberto at debian.org>

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -158,7 +158,7 @@ knot-resolver (eamanu)
   NOTE: 20240924: Added by Front-Desk (lamby)
   NOTE: 20250506: Writting to upstream to get a PoC to reproduce open CVEs.
 --
-krb5 (rouca)
+krb5
   NOTE: 20250422: Added by Front-Desk (rouca)
   NOTE: 20250422: Backporting knob allow_des3 and allow_rc4 variables in [libdefaults] may be suffisant (rouca)
   NOTE: 20250504: Bookworm PU on review (rouca)
@@ -192,7 +192,7 @@ libsoup2.4 (Sean Whitton)
   NOTE: 20250519: Back to work on this now.
   NOTE: 20250519: Asked ah to take a look at CVE-2024-46421.  (spwhitton)
 --
-libstring-compare-constanttime-perl (guilhem)
+libstring-compare-constanttime-perl
   NOTE: 20250412: Added by Front-Desk (Beuc)
   NOTE: 20250412: Upstream has been dormant, but there's a patch proposal from RedHat.
   NOTE: 20250412: Coordinate with them?
@@ -231,6 +231,8 @@ mina2
 mongo-c-driver (roberto)
   NOTE: 20250331: Added by Front-Desk (apo)
   NOTE: 20250418: submitted to bookworm-pu, https://bugs.debian.org/1103557 (roberto)
+  NOTE: 20250519: PU was accepted 20250426 and went into bookworm 12.11 (roberto)
+  NOTE: 20250519: WIP, but nearly done with backporting the patches (roberto)
 --
 musl
   NOTE: 20250217: Added by Front-Desk (Beuc)
@@ -315,7 +317,7 @@ pagure
 pgagent
   NOTE: 20250117: Added by Front-Desk (rouca)
 --
-pgbouncer (lee)
+pgbouncer
   NOTE: 20250422: Added by Front-Desk (rouca)
 --
 php-horde-css-parser
@@ -396,7 +398,7 @@ trafficserver
 twitter-bootstrap3
   NOTE: 20250519: Added by Front-Desk (apo)
 --
-u-boot (dleidert)
+u-boot
   NOTE: 20250219: Added by Front-Desk (Beuc)
   NOTE: 20250219: New CVEs, plus it's time to fix all the no-dsa&postponed CVEs (Beuc/front-desk)
   NOTE: 20250501: DLA released; will do another round for remaining two issues (dleidert)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0fa88c38a129f5d305f57c98eaa574dc62a1ed41...38e0634d18f40429fcfdd44b9181d5fdce45463c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/0fa88c38a129f5d305f57c98eaa574dc62a1ed41...38e0634d18f40429fcfdd44b9181d5fdce45463c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250519/8358025e/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list