Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker
Commits: b281302d by Roberto C. Sánchez at 2026-01-12T14:43:10-05:00 semi-automatic unclaim after 2 weeks of inactivity Signed-off-by: Roberto C. Sánchez <[email protected]> - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -25,7 +25,7 @@ To make it easier to see the entire history of an update, please append notes rather than remove/replace existing ones. -- -amd64-microcode (tobi) +amd64-microcode NOTE: 20250710: Added by Front-Desk (apo) NOTE: 20250906: Reached out to maintainer, offering help. NOTE: 20250906: Might need newer firmware on the computer or newer kernel (#1109035) @@ -47,7 +47,7 @@ ansible NOTE: 20241123: Made a partial release. only CVE-2024-11079 needed but more upstream backport work needed (rouca) NOTE: 20250422: Testing/bisecting will take more time, please keep it assigned to me (lee) -- -apache-log4j2 (Markus Koschany) +apache-log4j2 NOTE: 20251229: Added by Front-Desk (apo) -- ca-certificates @@ -75,7 +75,7 @@ ckeditor containerd NOTE: 20251113: Added by Front-Desk (ta) -- -dcmtk (Markus Koschany) +dcmtk NOTE: 20251229: Added by Front-Desk (apo) -- docker.io @@ -89,7 +89,7 @@ epiphany-browser (abhijith) NOTE: 20251206: Added by Front-Desk (rouca) NOTE: 20251206: Fix CVE-2023-26081 fixed in buster. Try to fix other CVEs postponed (fd/rouca) -- -ffmpeg (charles) +ffmpeg NOTE: 20251102: Added by Front-Desk (apo) NOTE: 20251125: Re-claim it. I'm working thorugh the long list of postponed NOTE: 20251125: CVEs. I've got the bullseye's patches for CVE-2023-6603 and @@ -165,7 +165,7 @@ grub2 NOTE: 20251129: Maintainer (jak) replied: work underway, proposed to skip next point release (2026-01, too soon) NOTE: 20251129: also uncertainty on whether a shim/SBAT (revocation) update is feasible/needed. -- -jackson-core (Markus Koschany) +jackson-core NOTE: 20250707: Added by Front-Desk (apo) NOTE: 20251016: A single patch is not possible to apply to fix the CVE. I'm working on backporting more than one. NOTE: 20251121: Still working backporting patches to fix CVE-2025-52999. @@ -312,7 +312,7 @@ p7zip-rar NOTE: 20260106: Proposed EOL or full replacement with 7zip (Beuc) NOTE: 20260106: https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/306 -- -pgbouncer (ah) +pgbouncer NOTE: 20251209: Added by Front-Desk (dleidert) NOTE: 20251209: Take care of OSPU as well (and SPU for CVE-2025-12819 if not done by maintainer/secteam) (dleidert/front-desk) NOTE: 20251227: SPU: https://bugs.debian.org/1124079 (ah) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b281302da74e2b9efefdd62e4b89dc8c4972cfa2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b281302da74e2b9efefdd62e4b89dc8c4972cfa2 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
