Holger Levsen pushed to branch master at Debian Security Tracker / security-tracker
Commits: a601d54c by Holger Levsen at 2020-01-27T11:34:02+01:00 semi-automatic unclaim after 2 weeks of inactivity Signed-off-by: Holger Levsen <[email protected]> - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -12,7 +12,7 @@ https://wiki.debian.org/LTS/Development#Triage_new_security_issues -- cacti (Chris Lamb) -- -clamav (Hugo Lefeuvre) +clamav NOTE: 20200111: waiting for 0.102.1 to enter stretch/buster. NOTE: 0.102.* introduces a fair amount of ABI changes, and the migration NOTE: does not seem very smooth from the perspective of users. The release @@ -39,7 +39,7 @@ iperf3 (Thorsten Alteholz) jackson-databind NOTE: 20200105: Can be postponed again. (apo) -- -libexif (Hugo Lefeuvre) +libexif NOTE: 20191111: Contacted upstream for relevant commits of CVE-2019-9278. (utkarsh2102) NOTE: 20191114: Pinged upstream; just have the Android patch yet. (utkarsh2102) NOTE: 20191118: No patch yet. Shall claim and fix once the patch is available. (utkarsh2102) @@ -84,7 +84,7 @@ openjpeg2 (Mike Gabriel) -- python-pysaml2 (Abhijith PA) -- -python-reportlab (Hugo Lefeuvre) +python-reportlab NOTE: 20200111: still no upstream fix -- qemu (Utkarsh Gupta) @@ -139,7 +139,7 @@ wordpress NOTE: 20200118: Maybe affected, needs deeper triaging, no obvious commits NOTE: 20200118: referenced upstream. (sunweaver) -- -xcftools (Hugo Lefeuvre) +xcftools NOTE: 20200111: wrote a patch + reproducer for CVE-2019-5086, waiting for review. NOTE: but I might just not receive any review any time soon, so I will now attempt to NOTE: fix the second issue and move on with the update. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a601d54c66cf8876ff46f8c2566b7479b5fae8f1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a601d54c66cf8876ff46f8c2566b7479b5fae8f1 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
