status of getting security fixes into sarge

Thu, 09 Dec 2004 15:19:06 -0600 

Some NMUing has been done lately on some of the older security holes in
sarge. Here are the ones the testing security team is currently tracking
that are fixed in unstable but don't yet have a fix in sarge, plus a few
others of interest:

opendchub 0.7.14-1.1 needed, have 0.7.14-1 for CAN-2004-1127
        Will go in in a few days.
prozilla (unfixed; bug #284117) for CAN-2004-1120
        Well it's not fixed, and no patch is known. Candidate for
        removal.
mtink 1.0.5 needed, have 1.0.1-2 for CAN-2004-1110
        Goes in today.
ppp 2.4.2+20040428-3 needed, have 2.4.2+20040428-2 for CAN-2004-1002
        Frozen, same as in last report, see maintainer's comments IIRC.
cscope 15.5-1.1 needed, have 15.5-1 for CAN-2004-0996
        Should go in RSN.
mailutils 1:0.5-4 needed, have 1:0.5-3 for CAN-2004-0984
        Blocked for over 1 month by missing s390 builds now.
perl 5.8.4-4 needed, have 5.8.4-3 for CAN-2004-0976
        Still missing mipsel build, should probably be re-queued or
        uploaded manually.
libc6 2.3.2.ds1-19 needed, have 2.3.2.ds1-18 for CAN-2004-0968
        Missing some builds and new RC bug, probably not yet ready for
        testing. Pity the security fix was bundled with other changes..
kernel-source-2.4.27 2.4.27-6 needed, have 2.4.27-5 for CAN-2004-0814
        Too young and buggy.
kernel-image-2.4.27-i386 2.4.27-6 needed, have 2.4.27-2 for CAN-2004-0814
        Too young and buggy.
cyrus21-imapd 2.1.17-1 needed, have 2.1.16-10 for DSA-597-1
        Still blocked by perl.
kaffeine 0.4.3.1-3 needed, have 0.4.3-1 for CAN-2004-1034
kdelibs 4:3.2.3-3.sarge.1 needed, have 4:3.2.3-2 for CAN-2004-0746
konqueror 4:3.2.3-1.sarge.1 needed, have 4:3.2.2-1 for CAN-2004-0721
kdelibs 4:3.2.3-3.sarge.1 needed, have 4:3.2.3-2 for CAN-2004-0721
kdelibs 4:3.2.3-3.sarge.1 needed, have 4:3.2.3-2 for CAN-2004-0690
koffice 1:1.3.4-1 needed, have 1:1.3.2-1.sarge.1 for CAN-2004-0888
kpdf 4:3.3.1-1 needed, have 4:3.2.3-1.1 for DSA-573-1
kfax 4:3.3.1-1 needed, have 4:3.2.3-1.1 for DSA-573-1
kdelibs 4:3.2.3-3.sarge.1 needed, have 4:3.2.3-2 for DSA-539
        All of these are the same old same old KDE issue I'm afraid.
        So half of sarge's unfixed security holes are now in kde. :-(

-- 
see shy jo

Attachment: signature.asc
Description: Digital signature

Reply via email to