[Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Roberto C. Sánchez (@roberto)
roberto at debian.org
Mon Jan 12 19:44:18 GMT 2026
Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b281302d by Roberto C. Sánchez at 2026-01-12T14:43:10-05:00
semi-automatic unclaim after 2 weeks of inactivity
Signed-off-by: Roberto C. Sánchez <roberto at debian.org>
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=====================================
data/dla-needed.txt
=====================================
@@ -25,7 +25,7 @@ To make it easier to see the entire history of an update, please append notes
rather than remove/replace existing ones.
--
-amd64-microcode (tobi)
+amd64-microcode
NOTE: 20250710: Added by Front-Desk (apo)
NOTE: 20250906: Reached out to maintainer, offering help.
NOTE: 20250906: Might need newer firmware on the computer or newer kernel (#1109035)
@@ -47,7 +47,7 @@ ansible
NOTE: 20241123: Made a partial release. only CVE-2024-11079 needed but more upstream backport work needed (rouca)
NOTE: 20250422: Testing/bisecting will take more time, please keep it assigned to me (lee)
--
-apache-log4j2 (Markus Koschany)
+apache-log4j2
NOTE: 20251229: Added by Front-Desk (apo)
--
ca-certificates
@@ -75,7 +75,7 @@ ckeditor
containerd
NOTE: 20251113: Added by Front-Desk (ta)
--
-dcmtk (Markus Koschany)
+dcmtk
NOTE: 20251229: Added by Front-Desk (apo)
--
docker.io
@@ -89,7 +89,7 @@ epiphany-browser (abhijith)
NOTE: 20251206: Added by Front-Desk (rouca)
NOTE: 20251206: Fix CVE-2023-26081 fixed in buster. Try to fix other CVEs postponed (fd/rouca)
--
-ffmpeg (charles)
+ffmpeg
NOTE: 20251102: Added by Front-Desk (apo)
NOTE: 20251125: Re-claim it. I'm working thorugh the long list of postponed
NOTE: 20251125: CVEs. I've got the bullseye's patches for CVE-2023-6603 and
@@ -165,7 +165,7 @@ grub2
NOTE: 20251129: Maintainer (jak) replied: work underway, proposed to skip next point release (2026-01, too soon)
NOTE: 20251129: also uncertainty on whether a shim/SBAT (revocation) update is feasible/needed.
--
-jackson-core (Markus Koschany)
+jackson-core
NOTE: 20250707: Added by Front-Desk (apo)
NOTE: 20251016: A single patch is not possible to apply to fix the CVE. I'm working on backporting more than one.
NOTE: 20251121: Still working backporting patches to fix CVE-2025-52999.
@@ -312,7 +312,7 @@ p7zip-rar
NOTE: 20260106: Proposed EOL or full replacement with 7zip (Beuc)
NOTE: 20260106: https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/306
--
-pgbouncer (ah)
+pgbouncer
NOTE: 20251209: Added by Front-Desk (dleidert)
NOTE: 20251209: Take care of OSPU as well (and SPU for CVE-2025-12819 if not done by maintainer/secteam) (dleidert/front-desk)
NOTE: 20251227: SPU: https://bugs.debian.org/1124079 (ah)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b281302da74e2b9efefdd62e4b89dc8c4972cfa2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b281302da74e2b9efefdd62e4b89dc8c4972cfa2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260112/b9e1557d/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list