Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: 8c4e6aba by Sylvain Beucler at 2024-03-14T17:45:04+01:00 dla: tidy notes - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -53,14 +53,14 @@ cacti (Sylvain Beucler) -- composer (rouca) NOTE: 20240209: Added by Front-Desk (utkarsh) - NOTE: 20240304: Need to backport bullseye - NOTE: 20240312: likely not affected by CVE-2024-24821 + NOTE: 20240304: Need to backport bullseye (rouca) + NOTE: 20240312: likely not affected by CVE-2024-24821 (rouca) -- curl (rouca) NOTE: 20231229: Added by Front-Desk (lamby) NOTE: 20231229: CVE-2023-27534 fixed in bullseye via DSA or point release. (lamby) - NOTE: https://salsa.debian.org/debian/curl/-/merge_requests/21 - NOTE: test fix + NOTE: 20240129: https://salsa.debian.org/debian/curl/-/merge_requests/21 (rouca) + NOTE: 20240312: test fix (rouca) -- dnsmasq (dleidert) NOTE: 20240303: Added by Front-Desk (apo) @@ -72,7 +72,8 @@ docker.io NOTE: 20230706: ask for review testing https://lists.debian.org/debian-lts/2023/07/msg00013.html NOTE: 20230801: rouca and santiago testing the swarm overlay network (including current buster version) NOTE: 20240213: CVE-2024-24557 patch does not directly apply and lack of reproducer test case - NOTE: 20230311: Reverted decision to remove from this file since three CVEs are in bullseye. + NOTE: 20240310: Dropped from dla-needed.txt (ola/front-desk) + NOTE: 20230311: Reverted decision to remove from this file since three CVEs are in bullseye. (ola) -- dogecoin NOTE: 20230619: Added by Front-Desk (Beuc) @@ -111,8 +112,8 @@ i2p imagemagick NOTE: 20230622: Added by Front-Desk (Beuc) NOTE: 20230622: Requested by maintainer (rouca) to tidy remaining open CVEs (Beuc/front-desk) - NOTE: 20231014: Some work under git branch debian/buster but unease - NOTE: 20240227: Made a partial release + NOTE: 20231014: Some work under git branch debian/buster but unease (rouca) + NOTE: 20240227: Made a partial release (rouca) -- jenkins-htmlunit-core-js NOTE: 20231231: Added by Front-Desk (lamby) @@ -127,7 +128,8 @@ jetty9 -- knot-resolver NOTE: 20231029: Added by Front-Desk (gladk) - NOTE: 20240311: Reverted decision to remove from dla-needed since four CVEs has been fixed in bullseye. + NOTE: 20240310: Dropped from dla-needed.txt (ola/front-desk) + NOTE: 20240311: Reverted decision to remove from dla-needed since four CVEs has been fixed in bullseye. (ola) -- libcommons-compress-java (Markus Koschany) NOTE: 20240303: Added by Front-Desk (apo) @@ -187,7 +189,7 @@ nova nss NOTE: 20240121: Added by Front-Desk (apo) NOTE: 20240310: CVE-2023-6135: Upstream suggests to wait until they have a patch for 3.90 (their LTS version) available and backport from there. - NOTE: 20230310: see also: Message-ID: <[email protected]> + NOTE: 20230310: see also: Message-ID: <[email protected]> (tobi) -- nvidia-cuda-toolkit NOTE: 20230514: Added by Front-Desk (utkarsh) @@ -195,16 +197,16 @@ nvidia-cuda-toolkit NOTE: 20230514: piled up. (utkarsh) NOTE: 20230610: Details: https://lists.debian.org/debian-lts/2023/06/msg00032.html NOTE: 20230610: my recommendation would be to put the package on the "not-supported" list. (tobi) - NOTE: 20240311: CVE-2020-5991 is fixed in bullseye. However email sent to suggest removal of support. + NOTE: 20240311: CVE-2020-5991 is fixed in bullseye. However email sent to suggest removal of support. (ola) -- nvidia-graphics-drivers NOTE: 20240303: Added by Front-Desk (apo) NOTE: 20240303: Do we still support the NVIDIA drivers? Can we upgrade to a new upstream release? - NOTE: 20240303: Maybe it's time to mark them EOL? + NOTE: 20240303: Maybe it's time to mark them EOL? (apo/front-desk) -- nvidia-graphics-drivers-legacy-390xx NOTE: 20240303: Added by Front-Desk (apo) - NOTE: 20240303: See comment for nvidia-graphics-drivers. + NOTE: 20240303: See comment for nvidia-graphics-drivers. (apo/front-desk) -- pdns-recursor (dleidert) NOTE: 20240306: Added by Front-Desk (opal) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c4e6aba9f7d3a5f3d0f8ebf76100dca1731596d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8c4e6aba9f7d3a5f3d0f8ebf76100dca1731596d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
