Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker
Commits: 75d90a17 by Markus Koschany at 2026-01-13T21:16:30+01:00 Reclaim apache-log4j2, dcmtk and jackson-core These packages are already completed and will be released tomorrow. - - - - - 1 changed file: - data/dla-needed.txt Changes: ===================================== data/dla-needed.txt ===================================== @@ -47,7 +47,7 @@ ansible NOTE: 20241123: Made a partial release. only CVE-2024-11079 needed but more upstream backport work needed (rouca) NOTE: 20250422: Testing/bisecting will take more time, please keep it assigned to me (lee) -- -apache-log4j2 +apache-log4j2 (Markus Koschany) NOTE: 20251229: Added by Front-Desk (apo) -- ca-certificates @@ -75,7 +75,7 @@ ckeditor containerd NOTE: 20251113: Added by Front-Desk (ta) -- -dcmtk +dcmtk (Markus Koschany) NOTE: 20251229: Added by Front-Desk (apo) -- docker.io @@ -168,7 +168,7 @@ grub2 NOTE: 20251129: Maintainer (jak) replied: work underway, proposed to skip next point release (2026-01, too soon) NOTE: 20251129: also uncertainty on whether a shim/SBAT (revocation) update is feasible/needed. -- -jackson-core +jackson-core (Markus Koschany) NOTE: 20250707: Added by Front-Desk (apo) NOTE: 20251016: A single patch is not possible to apply to fix the CVE. I'm working on backporting more than one. NOTE: 20251121: Still working backporting patches to fix CVE-2025-52999. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75d90a178bdd6cec7e97a821873f8cbdcfa584d3 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75d90a178bdd6cec7e97a821873f8cbdcfa584d3 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
