Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: 742ebe38 by Sylvain Beucler at 2026-01-02T21:51:44+01:00 dla: drop hdf5 (limited support) - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -167,23 +167,6 @@ guix NOTE: 20250707: Added by Front-Desk (apo) NOTE: 20251011: Proposed for EOL: https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/262 -- -hdf5 - NOTE: 20250410: Added by Front-Desk (Beuc) - NOTE: 20250410: >50 CVEs piled-up during stable/oldstable/lts (Beuc/front-desk) - NOTE: 20250414: Most CVEs don't have identified patches, upstream makes no effort at - NOTE: 20250414: identifying CVEs, and merges huge changesets from develop to - NOTE: 20250414: stable branches in single commits. They have reproducers though at: - NOTE: 20250414: https://github.com/HDFGroup/cve_hdf5/ - NOTE: 20251014: Proposed limited security support in #1117607 (jspricke) - NOTE: 20251014: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117607 - NOTE: 20251107: Please fix what can be reasonably fixed, and add a README.Debian as requested in #1117607 (Beuc/front-desk) - NOTE: 20251107: d-s-s entry proposed (jspricke) - NOTE: 20251107: https://salsa.debian.org/debian/debian-security-support/-/merge_requests/52 - NOTE: 20251128: README.Debian proposed - NOTE: 20251128: https://lists.debian.org/debian-lts/2025/11/msg00022.html - NOTE: 20251128: A priori there are no current CVEs to fix within the new limited support status, - NOTE: 20251128: so let's drop this when the d-s-s MR is merged. (Beuc) --- jackson-core (Markus Koschany) NOTE: 20250707: Added by Front-Desk (apo) NOTE: 20251016: A single patch is not possible to apply to fix the CVE. I'm working on backporting more than one. @@ -242,7 +225,6 @@ libsoup2.4 NOTE: 20251209: Remaining open CVEs need upstream work and then revisited, NOTE: 20251209: possibly also look into wip by spwitton, thus unclaiming NOTE: 20251209: rather than removing this entry. (ah) - -- libstb (abhijith) NOTE: 20251206: Added by Front-Desk (rouca) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/742ebe38c0c6c4ab8ccedc06d74e0e7ce372d56c -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/742ebe38c0c6c4ab8ccedc06d74e0e7ce372d56c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
