Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker
Commits: 99c3bff4 by Hugo Lefeuvre at 2020-01-27T12:03:36+01:00 dla-needed: update notes for clamav, python-reportlab and xcftools - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -12,8 +12,8 @@ https://wiki.debian.org/LTS/Development#Triage_new_security_issues -- cacti (Chris Lamb) -- -clamav - NOTE: 20200111: waiting for 0.102.1 to enter stretch/buster. +clamav (Hugo Lefeuvre) + NOTE: 20200127: waiting for 0.102.1 to enter stretch/buster. NOTE: 0.102.* introduces a fair amount of ABI changes, and the migration NOTE: does not seem very smooth from the perspective of users. The release NOTE: team would like to wait for an init script for the new clamonacc @@ -84,8 +84,8 @@ openjpeg2 (Mike Gabriel) -- python-pysaml2 (Abhijith PA) -- -python-reportlab - NOTE: 20200111: still no upstream fix +python-reportlab (Hugo Lefeuvre) + NOTE: 20200127: upstream fix was published, but potentially unsuitable. currently investigating. -- qemu (Utkarsh Gupta) NOTE: 20200118: embedded libslirp in qemu/jessie is affected. (sunweaver) @@ -139,10 +139,11 @@ wordpress NOTE: 20200118: Maybe affected, needs deeper triaging, no obvious commits NOTE: 20200118: referenced upstream. (sunweaver) -- -xcftools +xcftools (Hugo Lefeuvre) NOTE: 20200111: wrote a patch + reproducer for CVE-2019-5086, waiting for review. NOTE: but I might just not receive any review any time soon, so I will now attempt to NOTE: fix the second issue and move on with the update. + NOTE: 20200127: ongoing -- xen -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/99c3bff48a352fa3fdd78da34a262da0fd6088eb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/99c3bff48a352fa3fdd78da34a262da0fd6088eb You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
