[Git][security-tracker-team/security-tracker][master] dla-needed: update NOTEs for my packages

[Paride Legovini (@paride)]

Paride Legovini pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dce619ee by Paride Legovini at 2025-11-23T17:09:51+01:00
dla-needed: update NOTEs for my packages

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -267,7 +267,8 @@ opencryptoki
 --
 openexr (paride)
   NOTE: 20251113: Added by Front-Desk (ta)
-  NOTE: 20251113: probably not affected, but please recheck
+  NOTE: 20251123: vulnerable code is in the OpenEXRCore component, which got introduced in
+  NOTE: 20251123: version 3.1.0.
 --
 p7zip
   NOTE: 20251020: Added by Front-Desk (dleidert)
@@ -302,6 +303,7 @@ python-django (Chris Lamb)
 --
 python-gevent (paride)
   NOTE: 20251116: Added by Front-Desk (ta)
+  NOTE: 20251123: Actively working on it. (paride)
 --
 pytorch (dleidert)
   NOTE: 20250422: Added by Front-Desk (rouca)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dce619ee331e54d11102bc978193b45007af7b53

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dce619ee331e54d11102bc978193b45007af7b53
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251123/6df426e5/attachment.htm>