Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: c3169a52 by Sylvain Beucler at 2026-03-24T10:28:12+01:00 CVE-2026-33250/freeciv: bullseye EOL - - - - - 1990f0ff by Sylvain Beucler at 2026-03-24T10:28:12+01:00 dla: add snapd - - - - - 50db2b88 by Sylvain Beucler at 2026-03-24T10:28:12+01:00 lts-cve-triage: print higher-priority items first fixed in DSA > planned for DSA > LTS-specific > no-dsa > limited support > EOL > consistency checks - - - - - 3 changed files: - bin/lts-cve-triage.py - data/CVE/list - data/dla-needed.txt Changes: ===================================== bin/lts-cve-triage.py ===================================== @@ -67,25 +67,27 @@ except ImportError: #TRACKER_LINK_URL = 'https://security-tracker.debian.org/tracker/' TRACKER_LINK_URL = 'https://deb.freexian.com/extended-lts/tracker/' +# Order: fixed in DSA > planned for DSA > LTS-specific > no-dsa > limited support > EOL +# > consistency checks LIST_NAMES = ( - ('triage_end_of_life', - 'Issues to mark as <end-of-life> for {lts}'.format(**RELEASES)), - ('triage_limited_support', - 'Issues on packages with limited support (review support rules)'), + ('triage_possible_easy_fixes', + ('Issues not yet triaged for {lts}, but already fixed in {next_lts}') + .format(**RELEASES)), ('triage_already_in_dsa_needed', ('Issues to triage for {lts} that are already in dsa-needed') .format(**RELEASES)), + ('triage_other', + 'Unclassified issues to triage (likely LTS-specific)'), ('triage_likely_nodsa', ('Issues to triage for {lts} that are no-dsa in {next_lts}') .format(**RELEASES)), - ('triage_possible_easy_fixes', - ('Issues not yet triaged for {lts}, but already fixed in {next_lts}') - .format(**RELEASES)), + ('triage_limited_support', + 'Issues on packages with limited support (review support rules)'), + ('triage_end_of_life', + 'Issues to mark as <end-of-life> for {lts}'.format(**RELEASES)), ('triage_other_not_triaged_in_next_lts', ('Other issues to triage for {lts} (not yet triaged for {next_lts})') .format(**RELEASES)), - ('triage_other', - 'Other issues to triage (no special status)'), ('from_next_lts', ('Issues postponed for {lts}, but already fixed in {next_lts} via DSA or point releases (low priority)') .format(**RELEASES)), ===================================== data/CVE/list ===================================== @@ -868,6 +868,7 @@ CVE-2019-25544 (Pidgin 2.13.0 contains a denial of service vulnerability that al CVE-2026-33250 (Freeciv21 is a free open source, turn-based, empire-building strategy ...) {DSA-6173-1} - freeciv 3.2.4+ds-1 (bug #1131524) + [bullseye] - freeciv <end-of-life> (Games are not supported in LTS) NOTE: https://redmine.freeciv.org/issues/1955 CVE-2026-4510 (A weakness has been identified in PbootCMS up to 3.2.12. This impacts ...) NOT-FOR-US: PbootCMS ===================================== data/dla-needed.txt ===================================== @@ -426,6 +426,10 @@ samba smb4k NOTE: 20251217: Added by Front-Desk (pochu) -- +snapd + NOTE: 20260324: Added by Front-Desk (Beuc) + NOTE: 20260324: See DSA-6170-1 (root LPE) (Beuc/front-desk) +-- spip NOTE: 20260220: Added by Front-Desk (rouca) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d03d4b1eadeca30998c7bf8b498518149e05b4fb...50db2b880561f8fa844341f047c74ee84ff7c89a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/d03d4b1eadeca30998c7bf8b498518149e05b4fb...50db2b880561f8fa844341f047c74ee84ff7c89a You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
