[Git][security-tracker-team/security-tracker][master] 2 commits: LTS: add nginx to dla-needed.txt

Thu Jun 18 14:41:52 BST 2026


Carlos Henrique Lima Melara pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9938eb41 by Carlos Henrique Lima Melara at 2026-06-18T10:31:46-03:00
LTS: add nginx to dla-needed.txt

- - - - -
10cbe3dd by Carlos Henrique Lima Melara at 2026-06-18T10:40:59-03:00
LTS: add gsasl to dla-needed.txt and claim it

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -255,6 +255,11 @@ grub2/bullseye (Emilio)
   NOTE: 20260406: grub2/bookworm approved https://bugs.debian.org/1132510 (partial update)
   NOTE: 20260407:  shim/bookworm approved https://bugs.debian.org/1131862 (but waiting for Microsoft signature)
 --
+gsasl (charles)
+  NOTE: 20260618: Added by Front-Desk (charles)
+  NOTE: 20260618: Bookworm patch proposed by maintainer, DSA 6348-1 already out.
+  NOTE: 20260618: https://lists.debian.org/debian-lts/2026/06/msg00037.html (charles)
+--
 gst-plugins-bad1.0
   NOTE: 20260612: Added by Front-Desk (rouca)
 --
@@ -479,6 +484,13 @@ netty/bullseye (rouca)
   NOTE: 20260114: fix remaining CVE wait DSA (rouca)
   NOTE: 20260331: release DLA-4519-1 netty. Unfortunatly partial due to new CVEs (rouca)
 --
+nginx
+  NOTE: 20260618: Added by Front-Desk (charles)
+  NOTE: 20260618: Special care is needed for the HTTP2 Bomb (TEMP-1138794-BADE22)
+  NOTE: 20260618: as it caused an ABI break on ubuntu land. Debian patches are safe,
+  NOTE: 20260618: so they should be preferred, but do test if they don't cause problems.
+  NOTE: 20260618: There was also a customer request to fix it. (charles)
+--
 node-lodash/bullseye (utkarsh)
   NOTE: 20260131: Added by Front-Desk (Beuc)
   NOTE: 20260201: this package is pure madness - 290 vendored sources and origtars. :)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/23e2cd46832fa760e68fd19d6be4d1f0229c7a59...10cbe3ddccd702d6d7b0e2e50e154710b6d22497

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/23e2cd46832fa760e68fd19d6be4d1f0229c7a59...10cbe3ddccd702d6d7b0e2e50e154710b6d22497
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260618/12e64927/attachment-0001.htm>
