diff options
| author | Holger Levsen <holger@layer-acht.org> | 2020-02-17 08:35:49 +0100 |
|---|---|---|
| committer | Holger Levsen <holger@layer-acht.org> | 2020-02-17 08:35:49 +0100 |
| commit | f64dc2b2022bd15b223ebc2ac4291969884f66d4 (patch) | |
| tree | cee6a8cc637437e9e70eda0f3ee37978e84f7ca6 | |
| parent | d6376a02321ea01d0e09497d646f24fcc3010a75 (diff) | |
semi-automatic unclaim after 2 weeks of inactivity
Signed-off-by: Holger Levsen <holger@layer-acht.org>
| -rw-r--r-- | data/dla-needed.txt | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 16ec010c70..64648cf4e7 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -10,7 +10,7 @@ this list is updated have a look at https://wiki.debian.org/LTS/Development#Triage_new_security_issues -- -clamav (Hugo Lefeuvre) +clamav NOTE: 20200127: waiting for 0.102.1 to enter stretch/buster. NOTE: 0.102.* introduces a fair amount of ABI changes, and the migration NOTE: does not seem very smooth from the perspective of users. The release @@ -68,7 +68,7 @@ php5 (Thorsten Alteholz) python-pysaml2 (Abhijith PA) NOTE: 2020203: test fails already for the one in archive (abhijith) -- -python-reportlab (Hugo Lefeuvre) +python-reportlab NOTE: 20200127: upstream fix was published, but potentially unsuitable. currently investigating. -- qemu (Utkarsh Gupta) @@ -89,7 +89,7 @@ ruby-rack NOTE: slight possibility of this patch inducing a backdoor on its own. (utkarsh2102) NOTE: 20200216: Discussion ongoing on -lts list. (lamby) -- -salt (Mike Gabriel) +salt NOTE: 20200118: about CVE-2019-17361... Compared to the upstream fix, there is a NOTE: 20200118: very similar code passage in salt/jessie's salt/client/api.py file. NOTE: 20200118: Needs to be checked, if that code is vulnerable or not. @@ -100,7 +100,7 @@ slurm-llnl NOTE: 20191125: up for testing https://people.debian.org/~abhijith/upload/slurm-llnl_14.03.9-5+deb8u5.dsc NOTE: Regression found. (abhijith) -- -spamassassin (Mike Gabriel) +spamassassin NOTE: 20200131: Code not checked whether it is actually vulnerable since it likely is. (ola) NOTE: 20200131: Contacted SA maintainer: https://lists.debian.org/debian-lts/2020/01/msg00076.html (sunweaver) -- @@ -128,7 +128,7 @@ wordpress NOTE: 20200118: Maybe affected, needs deeper triaging, no obvious commits NOTE: 20200118: referenced upstream. (sunweaver) -- -xcftools (Hugo Lefeuvre) +xcftools NOTE: 20200111: wrote a patch + reproducer for CVE-2019-5086, waiting for review. NOTE: but I might just not receive any review any time soon, so I will now attempt to NOTE: fix the second issue and move on with the update. |