Brian May <b...@debian.org> writes:
> Any objections by anybody if I upload Antoine Beaupré's packages to
> Debian, this Monday morning at Melbourne timezone?
Done.
Next step, the DLA. I went through the changelog and remove entries that
are already marked as fixed in the security tracker. I think we need to
mark the following as fixed, does this list look correct and complete?
* CVE-2015-2752: xsa125-4.2.patch
* CVE-2015-2756: xsa126-qemut.patch
* CVE-2015-5165: xsa140-backport.patch (no-dsa)
* CVE-2015-5307: xsa156-4.2.patch
* CVE-2015-7969: xsa149.patch
* CVE-2015-7969: xsa151.patch
* CVE-2015-7970: xsa150-4.1.patch (no-dsa)
* CVE-2015-7971: xsa152-4.5.patch
* CVE-2015-7972: xsa153-libxl-4.2.patch (no-dsa, xl)
* CVE-2015-8104: xsa156-4.2.patch
* CVE-2015-8339: xsa159.patch
* CVE-2015-8340: xsa159.patch
* CVE-2015-8550: xsa155-qemut-qdisk-double-access.patch
* CVE-2015-8550: xsa155-qemut-xenfb.patch
* CVE-2015-8550: xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch
* CVE-2015-8550: xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch
* CVE-2015-8554: xsa164.patch
* CVE-2015-8555: xsa165-4.1.patch
* CVE-2015-8615: xsa169.patch
* CVE-2016-1570: xsa167-4.4.patch
* CVE-2016-1571: xsa168.patch
* CVE-2016-2270: xsa154-4.1.patch
* CVE-2016-2271: xsa170-4.3.patch
--
Brian May <b...@debian.org>
