Holger Levsen pushed to branch master at Debian Security Tracker / security-tracker
Commits: bab29cd5 by Holger Levsen at 2019-06-17T13:04:53Z semi-automatic unclaim after 2 weeks of inactivity Signed-off-by: Holger Levsen <[email protected]> - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -31,7 +31,7 @@ freeimage -- gfvs (Markus Koschany) -- -glib2.0 (Mike Gabriel) +glib2.0 -- golang-go.crypto (Adrian Bunk) NOTE: 20190609: Might need rebuild of reverse dependency. @@ -63,10 +63,10 @@ libmatio (Adrian Bunk) NOTE: 20190428: older changes seem to also be required for them NOTE: 20190609: work is ongoing -- -libsdl1.2 (Hugo Lefeuvre) +libsdl1.2 NOTE: see libsdl2 entry. -- -libsdl2 (Hugo Lefeuvre) +libsdl2 NOTE: recent issues received very few investigation. Some of them have already been NOTE: triaged no-dsa, but I think we should at least process the TODOs to determine NOTE: which product exactly is affected. @@ -75,7 +75,7 @@ libsdl2 (Hugo Lefeuvre) NOTE: crasher" since I suspect it to allow for unlimited oob write on the heap. Hard NOTE: to exploit, but not impossible I believe. -- -libsdl2-image (Hugo Lefeuvre) +libsdl2-image NOTE: see libsdl2 entry. -- libspring-java (Roberto C. Sánchez) @@ -92,23 +92,23 @@ linux (Ben Hutchings) -- linux-4.9 (Ben Hutchings) -- -mupdf (Mike Gabriel) +mupdf NOTE: 20190529: Upload candidate: http://packages.sunweavers.net/debian/pool/main/m/mupdf/mupdf_1.5-1+deb8u5.dsc NOTE: 20190529: Not yet fully tested. -- polarssl NOTE: 20181207: Not 100% sure if vulnerable. Upstream would prefer us to move to latest version, etc. (!). (lamby) -- -python-urllib3 (Roberto C. Sánchez) +python-urllib3 NOTE: 20190601: Packages built. (roberto) -- -python2.7 (Roberto C. Sánchez) +python2.7 NOTE: 20190601: Packages built. (roberto) -- -python3.4 (Roberto C. Sánchez) +python3.4 NOTE: 20190601: Packages built. (roberto) -- -qemu (Mike Gabriel) +qemu NOTE: 20190528: An upload candidate is waiting for being tested on real hardware. NOTE: 20190528: Still need to set up a notebook with jessie installed for testing. NOTE: 20190528: Will also mail a request for testing to the mailing list later @@ -116,14 +116,14 @@ qemu (Mike Gabriel) NOTE: 20190529: Upload candidate: http://packages.sunweavers.net/debian/pool/main/q/qemu/qemu_2.1+dfsg-12+deb8u12.dsc NOTE: 20190529: More testing needed. -- -ruby-omniauth (Abhijith PA) +ruby-omniauth NOTE: CVE-2015-9284: The vulnerability is rathar bad, especially in combination with other NOTE: CVE-2015-9284: known vulnerabilities. However the issue is rather old and the impact NOTE: CVE-2015-9284: may be rather large. When fixing this needs to be further investigated. NOTE: CVE-2015-9284: This issue fixed in rails community by introducing a new gem called omniauth- NOTE: CVE-2015-9284: rails. -- -sdl-image1.2 (Hugo Lefeuvre) +sdl-image1.2 NOTE: see libsdl2 entry. -- sqlite3 (Jonas Meurer) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bab29cd5a2810ac2c1f44c67db94ccb4db102dc3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bab29cd5a2810ac2c1f44c67db94ccb4db102dc3 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
