[Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity

Roberto C. Sánchez (@roberto) roberto at debian.org
Mon Nov 3 15:39:11 GMT 2025 


Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f0d3b16a by Roberto C. Sánchez at 2025-11-03T10:38:02-05:00
semi-automatic unclaim after 2 weeks of inactivity

Signed-off-by: Roberto C. Sánchez <roberto at debian.org>

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -85,14 +85,14 @@ epiphany-browser
   NOTE: 20250429: Changes the UI to prompt when opening URLs in external applications. (lamby)
   NOTE: 20250606: mark as ignored/end-of-life if webkit2gtk doesn't get updated (pochu)
 --
-erlang (jspricke)
+erlang
   NOTE: 20250710: Added by Front-Desk (apo)
   NOTE: 20250719: SPU in progress https://bugs.debian.org/1105009 (Beuc/front-desk)
   NOTE: 20251016: Pinged the maintainer about SPU and proposed LTS patch:
   NOTE: 20251016: https://salsa.debian.org/erlang-team/packages/erlang/-/merge_requests/3
   NOTE: 20251016: ssh related CVE patches seems too invasive to backport (jspricke)
 --
-expat (guilhem)
+expat
   NOTE: 20250922: Added by Front-Desk (ta)
   NOTE: 20251020: In progress, the fix for CVE-2025-59375 is very intrusive and
   NOTE: 20251020: triaging it like CVE-2024-28757 might make sense (guilhem)
@@ -171,7 +171,7 @@ icingaweb2
   NOTE: 20250603: I also saw in the release log that multiple issues were fixed without mentioning any CVE (dleidert)
   NOTE: 20250603: upstream should be asked about the patches for CVE 2025-* (dleidert)
 --
-jackson-core (eamanu)
+jackson-core
   NOTE: 20250707: Added by Front-Desk (apo)
   NOTE: 20251016: A single patch is not possible to apply to fix the CVE. I'm working on backporting more than one.
 --
@@ -218,7 +218,7 @@ libxmltok
   NOTE: 20250421: Fixing the expat copy in xmlrpc-c at the same time would make sense. (bunk)
   NOTE: 20250505: WIP there are lots of CVEs to review (ta)
 --
-libxslt (guilhem)
+libxslt
   NOTE: 20250930: Added by Front-Desk (rouca)
   NOTE: 20251020: In progress, waiting for upstream action (guilhem)
 --
@@ -308,7 +308,7 @@ pure-ftpd (santiago)
   NOTE: 20251031: Added by coordinator (santiago)
   NOTE: 20251031: Added to fix CVE-2021-40524, sync'ing with buster (santiago)
 --
-pytorch (dleidert)
+pytorch
   NOTE: 20250422: Added by Front-Desk (rouca)
   NOTE: 20250422: CVE-2025-32434 RCE need to be fixed. DoS may be postponed (rouca/FD)
   NOTE: 20251020: wip (dleidert)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0d3b16a7e9163a095c0e2883b73cb4cfa11c859

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0d3b16a7e9163a095c0e2883b73cb4cfa11c859
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251103/da8edafa/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list