[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2026-33250/freeciv: bullseye EOL
Sylvain Beucler (@beuc)
gitlab at salsa.debian.org
Tue Mar 24 09:28:22 GMT 2026
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c3169a52 by Sylvain Beucler at 2026-03-24T10:28:12+01:00
CVE-2026-33250/freeciv: bullseye EOL
- - - - -
1990f0ff by Sylvain Beucler at 2026-03-24T10:28:12+01:00
dla: add snapd
- - - - -
50db2b88 by Sylvain Beucler at 2026-03-24T10:28:12+01:00
lts-cve-triage: print higher-priority items first
fixed in DSA > planned for DSA > LTS-specific > no-dsa > limited support > EOL > consistency checks
- - - - -
3 changed files:
- bin/lts-cve-triage.py
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
bin/lts-cve-triage.py
=====================================
@@ -67,25 +67,27 @@ except ImportError:
#TRACKER_LINK_URL = 'https://security-tracker.debian.org/tracker/'
TRACKER_LINK_URL = 'https://deb.freexian.com/extended-lts/tracker/'
+# Order: fixed in DSA > planned for DSA > LTS-specific > no-dsa > limited support > EOL
+# > consistency checks
LIST_NAMES = (
- ('triage_end_of_life',
- 'Issues to mark as <end-of-life> for {lts}'.format(**RELEASES)),
- ('triage_limited_support',
- 'Issues on packages with limited support (review support rules)'),
+ ('triage_possible_easy_fixes',
+ ('Issues not yet triaged for {lts}, but already fixed in {next_lts}')
+ .format(**RELEASES)),
('triage_already_in_dsa_needed',
('Issues to triage for {lts} that are already in dsa-needed')
.format(**RELEASES)),
+ ('triage_other',
+ 'Unclassified issues to triage (likely LTS-specific)'),
('triage_likely_nodsa',
('Issues to triage for {lts} that are no-dsa in {next_lts}')
.format(**RELEASES)),
- ('triage_possible_easy_fixes',
- ('Issues not yet triaged for {lts}, but already fixed in {next_lts}')
- .format(**RELEASES)),
+ ('triage_limited_support',
+ 'Issues on packages with limited support (review support rules)'),
+ ('triage_end_of_life',
+ 'Issues to mark as <end-of-life> for {lts}'.format(**RELEASES)),
('triage_other_not_triaged_in_next_lts',
('Other issues to triage for {lts} (not yet triaged for {next_lts})')
.format(**RELEASES)),
- ('triage_other',
- 'Other issues to triage (no special status)'),
('from_next_lts',
('Issues postponed for {lts}, but already fixed in {next_lts} via DSA or point releases (low priority)')
.format(**RELEASES)),
=====================================
data/CVE/list
=====================================
@@ -868,6 +868,7 @@ CVE-2019-25544 (Pidgin 2.13.0 contains a denial of service vulnerability that al
CVE-2026-33250 (Freeciv21 is a free open source, turn-based, empire-building strategy ...)
{DSA-6173-1}
- freeciv 3.2.4+ds-1 (bug #1131524)
+ [bullseye] - freeciv <end-of-life> (Games are not supported in LTS)
NOTE: https://redmine.freeciv.org/issues/1955
CVE-2026-4510 (A weakness has been identified in PbootCMS up to 3.2.12. This impacts ...)
NOT-FOR-US: PbootCMS
=====================================
data/dla-needed.txt
=====================================
@@ -426,6 +426,10 @@ samba
smb4k
NOTE: 20251217: Added by Front-Desk (pochu)
--
+snapd
+ NOTE: 20260324: Added by Front-Desk (Beuc)
+ NOTE: 20260324: See DSA-6170-1 (root LPE) (Beuc/front-desk)
+--
spip
NOTE: 20260220: Added by Front-Desk (rouca)
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d03d4b1eadeca30998c7bf8b498518149e05b4fb...50db2b880561f8fa844341f047c74ee84ff7c89a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d03d4b1eadeca30998c7bf8b498518149e05b4fb...50db2b880561f8fa844341f047c74ee84ff7c89a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260324/4e9750e1/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list