diff options
| author | Roberto C. Sánchez <roberto@debian.org> | 2022-05-25 10:22:29 -0400 |
|---|---|---|
| committer | Roberto C. Sánchez <roberto@debian.org> | 2022-05-25 10:22:29 -0400 |
| commit | e6d54956dfb7f0f49c844d76f4996d63cce2f3b6 (patch) | |
| tree | 87073c8f453089abff1338a6b9fe07f81a21f4a5 /data/dla-needed.txt | |
| parent | 16d199dc59b575fdb967b5849d21b1ae5d8ef910 (diff) | |
LTS: update subversion notes in dla-needed.txt
Diffstat (limited to 'data/dla-needed.txt')
| -rw-r--r-- | data/dla-needed.txt | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 4dbf6677b6..7481a48043 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -265,6 +265,9 @@ subversion (Roberto C. Sánchez) NOTE: 20220422: Upstream's patch for CVE-2021-28544 does not cleanly apply (eg. "copyfrom_path = apr_pstrdup(...)" assignment) NOTE: 20220422: and, once applied manually, appears to break multiple and possibly unrelated parts of the testsuite. (lamby) NOTE: 20220501: Done some analysis, worked on a patch, cannot find a way to test it, mailed results to Roberto C. Sánchez (enrico) + NOTE: 20220525: Based on the results of Enrico's analysis and some further work, I was able to have the test execute reliably (roberto) + NOTE: 20220525: The test passes, which seems to indicate that the vulnerability does not affect 1.9.5 (roberto) + NOTE: 20220525: I have asked Enrico to replicate my findings (roberto) -- systemd NOTE: 20220524: CVE-2020-1712 marked for update but didn't make it to 9.13 |