Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker
Commits: 65563032 by Utkarsh Gupta at 2019-11-18T15:54:03Z Claim ruby-rack-cors, unclaim libexif, and add notes - - - - - 7e7b0bca by Utkarsh Gupta at 2019-11-18T15:59:05Z Merge branch 'master' of salsa.debian.org:security-tracker-team/security-tracker - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -13,6 +13,7 @@ https://wiki.debian.org/LTS/Development#Triage_new_security_issues 389-ds-base (Utkarsh Gupta) NOTE: 20191109: Contacted upstream for relevant commits. Will ping here or claim it once they reply back. (utkarsh2102) NOTE: 20191114: Conversation going on; got a patch. (utkarsh2102) + NOTE: 20191118: WIP. Should be ready soon. (utkarsh2102) -- ansible NOTE: 20191011: Code appears to be in lib/ansible/callbacks.py in jessie's version. (lamby) @@ -52,11 +53,13 @@ libav (Sylvain Beucler) NOTE: 20190831: so there is something one can test with and see if the fix worked. NOTE: 20191114: Triaging new vulnerabilities and cross-referencing with ffmpeg (Beuc) -- -libexif (Utkarsh Gupta) - NOTE: 20191111: Contacted upstream for relevant commits of CVE-2019-9278. - NOTE: 20191114: Pinged upstream; just have the Android patch yet. +libexif + NOTE: 20191111: Contacted upstream for relevant commits of CVE-2019-9278. (utkarsh2102) + NOTE: 20191114: Pinged upstream; just have the Android patch yet. (utkarsh2102) + NOTE: 20191118: No patch yet. Shall claim and fix once the patch is available. (utkarsh2102) -- libjpeg-turbo (Utkarsh Gupta) + NOTE: 20191118: WIP; should be ready soon. (utkarsh2102) -- libmatio (Adrian Bunk) NOTE: fairly high number of open issues. Not sure why we never had a look at them. @@ -111,7 +114,7 @@ radare2 NOTE: Support status is being discussed at: NOTE: https://lists.debian.org/debian-lts/2019/08/msg00064.html -- -ruby-rack-cors +ruby-rack-cors (Utkarsh Gupta) -- slurm-llnl (Abhijith PA) NOTE: 20190814: Contacted security of slurm-llnl for relevant commits (abhijith) @@ -133,6 +136,7 @@ tightvnc (Mike Gabriel) NOTE: 20191030: contains non-security-maintained code from libvncserver (sunweaver) -- tnef (Utkarsh Gupta) + NOTE: 20191118: Facing a little problem with patch; contacting upstream. (utkarsh2102) -- vino (Mike Gabriel) NOTE: 20191030: ships non-security-maintained copy of libvncserver. (sunweaver) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c2fe3bc97ba6478579ddf046cf5fe6c35f2d301b...7e7b0bca4d52be19a08d982ce84323f6422139eb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/c2fe3bc97ba6478579ddf046cf5fe6c35f2d301b...7e7b0bca4d52be19a08d982ce84323f6422139eb You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
