[Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Roberto C. Sánchez (@roberto)
roberto at debian.org
Mon Nov 24 15:43:49 GMT 2025
Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker
Commits:
24ed17e4 by Roberto C. Sánchez at 2025-11-24T10:41:46-05:00
semi-automatic unclaim after 2 weeks of inactivity
Signed-off-by: Roberto C. Sánchez <roberto at debian.org>
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=====================================
data/dla-needed.txt
=====================================
@@ -86,7 +86,7 @@ erlang (jspricke)
NOTE: 20251016: https://salsa.debian.org/erlang-team/packages/erlang/-/merge_requests/3
NOTE: 20251016: ssh related CVE patches seems too invasive to backport (jspricke)
--
-ffmpeg (charles)
+ffmpeg
NOTE: 20251102: Added by Front-Desk (apo)
--
freeimage
@@ -111,7 +111,7 @@ golang-github-gorilla-csrf
NOTE: 20250621: still stuck at Uploaded phase, probably due to missing sources at security.debian.org (Beuc)
NOTE: 20251107: Please coordinate with FTP masters to unblock the situation (Beuc/front-desk)
--
-golang-glog (andrewsh)
+golang-glog
NOTE: 20250209: Added by Front-Desk (apo)
NOTE: 20251107: Re-add as binNMUs are not all properly Installed in the archive:
NOTE: 20251107: https://buildd.debian.org/status/package.php?p=+golang-github-grpc-ecosystem-grpc-gateway&suite=bullseye-security
@@ -159,7 +159,7 @@ jackson-core (eamanu)
NOTE: 20251016: A single patch is not possible to apply to fix the CVE. I'm working on backporting more than one.
NOTE: 20251121: Still working backporting patches to fix CVE-2025-52999.
--
-lasso (abhijith)
+lasso
NOTE: 20251108: Added by Front-Desk (Beuc)
NOTE: 20251108: CVE-2025-47151 is a critical RCE (Beuc/front-desk)
--
@@ -275,7 +275,7 @@ p7zip
p7zip-rar
NOTE: 20250719: Added by Front-Desk (Beuc)
--
-pagure (dleidert)
+pagure
NOTE: 20250117: Added by Front-Desk (rouca)
NOTE: 20250119: Coordinate with ds (rouca/FD)
NOTE: 20250216: Prepared patches in lts-team/packages/pagure, but two issues here (dleidert)
@@ -303,7 +303,7 @@ python-gevent (paride)
NOTE: 20251116: Added by Front-Desk (ta)
NOTE: 20251123: Actively working on it. (paride)
--
-pytorch (dleidert)
+pytorch
NOTE: 20250422: Added by Front-Desk (rouca)
NOTE: 20250422: CVE-2025-32434 RCE need to be fixed. DoS may be postponed (rouca/FD)
NOTE: 20251020: wip (dleidert)
@@ -330,7 +330,7 @@ runc
NOTE: 20251105: This could be hard to backport so maybe check with the security team
NOTE: 20251105: and maintainers if a version bump can be considered. (Beuc/front-desk)
--
-rust-openssl (andrewsh)
+rust-openssl
NOTE: 20250209: Added by Front-Desk (apo)
NOTE: 20251107: Re-add as binNMUs are not all properly Installed in the archive:
NOTE: 20251107: https://buildd.debian.org/status/package.php?p=rust-condure&suite=bullseye-security
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/24ed17e49a3a9b944d691030431a9b7eaf2f216f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/24ed17e49a3a9b944d691030431a9b7eaf2f216f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251124/52cb3cce/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list