Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits: e0c41834 by Bastien Roucariès at 2025-12-06T22:25:13+01:00 dla-needed: add package that have a regression from buster - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -313,6 +313,9 @@ openjpeg2 NOTE: 20251206: Avoid regression from buster: CVE-2025-50952 (rouca/front-desk) NOTE: 20251206: Fix postponed CVE and do dsa/PU work if needed (rouca/front-desk) -- +osslsigncode + NOTE: 20251206: Added by Front-Desk. Avoid a regression from buster (rouca) +-- p7zip NOTE: 20251020: Added by Front-Desk (dleidert) NOTE: 20251020: I disagree with the low-severity ratings; but finding the patches might be a hard (dleidert/front-desk) @@ -320,6 +323,12 @@ p7zip p7zip-rar NOTE: 20250719: Added by Front-Desk (Beuc) -- +paramiko + NOTE: 20251206: Added by Front-Desk. Avoid a regression from buster (rouca) +-- +php-dompdf + NOTE: 20251206: Added by Front-Desk. Avoid a regression from buster (rouca) +-- php-laravel-framework NOTE: 20250307: Added by Front-Desk (rouca) NOTE: 20251027: History of upstream branch fixing v12: git log 9de75259..2d133034^2. @@ -329,12 +338,21 @@ php-laravel-framework NOTE: 20251027: tests is required to prevent regressions, but I could not get the upstream NOTE: 20251027: test suite to work. It is not exercised as part of Debian packages build. (paride) -- +pillow + NOTE: 20251206: Added by Front-Desk. Avoid a regression from buster (rouca) +-- python-django (Chris Lamb) NOTE: 20251106: Added by Front-Desk (Beuc) NOTE: 20251106: Lots of postponed vulnerabilities triaged for the next update. NOTE: 20251106: Also, time to finalize the SPU? (Beuc/front-desk) NOTE: 20251106: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1079454 -- +python-mechanize + NOTE: 20251206: Added by Front-Desk. Avoid a regression from buster (rouca) +-- +python-oslo.utils + NOTE: 20251206: Added by Front-Desk. Avoid a regression from buster (rouca) +-- rails (rouca) NOTE: 20250105: Added by Front-Desk (apo) NOTE: 20250305: Utkarsh uploaded the CVE fixes to unstable via rails/7.2.2.1. (utkarsh) @@ -344,6 +362,12 @@ rails (rouca) NOTE: 20251120: Import old security release and fix. Will likely do a partial release due to number of CVEs (rouca) NOTE: 20251125: Do a partial release. Need to fix bookworm first (rouca) -- +ruby-git + NOTE: 20251206: Added by Front-Desk. Avoid a regression from buster (rouca) +-- +ruby-sidekiq + NOTE: 20251206: Added by Front-Desk. Avoid a regression from buster (rouca) +-- runc NOTE: 20251105: Added by Front-Desk (Beuc) NOTE: 20251105: 3 high-severity container breakouts. Used by docker.io. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0c418345277d8d86d55e74c53f40db0e32c904f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0c418345277d8d86d55e74c53f40db0e32c904f You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
