Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker
Commits: b93f4c78 by Utkarsh Gupta at 2020-09-28T01:14:20+05:30 Add notes for claimed packages - - - - - 926f2111 by Utkarsh Gupta at 2020-09-28T01:15:23+05:30 Take this week's frontdesk w/ premission - - - - - 2 changed files: - data/dla-needed.txt - org/lts-frontdesk.2020.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -110,7 +110,7 @@ nss (Adrian Bunk) NOTE: 20200914: new CVE for racoon (bunk) -- open-build-service (Utkarsh Gupta) - NOTE: 20200909: in touch with upstream. (utkarsh) + NOTE: 20200928: in touch with upstream - still figuring out the best way to backport. (utkarsh) -- opendmarc NOTE: 20200719: no patches for remaining CVEs available, everything else is already done in Stretch (thorsten) @@ -148,7 +148,9 @@ ruby-doorkeeper NOTE: 20200831: more investigation needed. (utkarsh) -- ruby-json-jwt (Utkarsh) - NOTE: 20200914: testing against the new reproducer. (utkarsh) + NOTE: 20200928: when explicitly specifying the number of elements when splitting + NOTE: 20200928: JWE string, three are chances of regression. the demonstration doesn't + NOTE: 20200928: work as advertised. (utkarsh) -- ruby-kaminari (Utkarsh) NOTE: 20200819: The source in Debian (at least in LTS) appears to have a different lineage to @@ -156,14 +158,14 @@ ruby-kaminari (Utkarsh) NOTE: 20200819: kaminari/kaminari and amatsuda/kaminari repositories does no have the NOTE: 20200819: @params.except(:script_name) line in any part of their history (although the NOTE: 20200819: file has been refactored a few times). (lamby) - NOTE: 20200914: A new module should be written in config/initializers/kaminari.rb. (utkarsh) - NOTE: 20200914: It should prepend_features from Kaminari::Helpers::Tag. (utkarsh) + NOTE: 20200928: A new module should be written in config/initializers/kaminari.rb. (utkarsh) + NOTE: 20200928: It should prepend_features from Kaminari::Helpers::Tag. (utkarsh) -- ruby-oauth -- ruby-rack-cors (Utkarsh) NOTE: 20200817: Was fixed in DLA-2096-1 for jessie LTS but is now re-vulnerable again in stretch LTS AFAICT. (lamby) - NOTE: 20200914: problems in reproducing. will investigate in sometime. (utkarsh) + NOTE: 20200928: last bits of testing + smoke test remains. (utkarsh) -- samba NOTE: 20200703: Check with security team so that there's no clash for Stretch update. (utkarsh) ===================================== org/lts-frontdesk.2020.txt ===================================== @@ -49,7 +49,7 @@ From 31-08 to 06-09:Utkarsh Gupta <[email protected]> From 07-09 to 13-09:Chris Lamb <[email protected]> From 14-09 to 20-09:Mike Gabriel <[email protected]> From 21-09 to 27-09:Thorsten Alteholz <[email protected]> -From 28-09 to 04-10:Abhijith PA <[email protected]> +From 28-09 to 04-10:Utkarsh Gupta <[email protected]> From 05-10 to 11-10:Abhijith PA <[email protected]> From 12-10 to 18-10:Chris Lamb <[email protected]> From 19-10 to 25-10:Thorsten Alteholz <[email protected]> View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c7a4c8b81a6306d1830122c7816b0926ab7bcf84...926f2111833150efb04897094efdededb8bdb27c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c7a4c8b81a6306d1830122c7816b0926ab7bcf84...926f2111833150efb04897094efdededb8bdb27c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
