will get a tag as the CVEs do not appear to be remotely
exploitable, but check with Mortiz or Salvatore.
fis-gtm isn't listed in packages-to-support for debian-lts, so it would
not appear to be a candidate.
--
Neil Williams
=
https://linux.codehelp.co.uk/
pgpMhuTCRLQCT.pgp
Description: OpenPGP digital signature
.org/tags/depends-on-obsolete-package
> which also does not seem relevant for stretch.
>
> Assuming this analysis makes sense to you, should I ignore these
> lintian errors, or would you prefer that I add lintian overrides to
> the LTS release?
>
>
> Enri
On Wed, 1 Dec 2021 13:38:48 +
Neil Williams wrote:
> On Sun, 28 Nov 2021 21:02:16 +0100
> Salvatore Bonaccorso wrote:
>
> > Hi Adrian, Neil,
> >
> > One additional point:
> >
> > On Sun, Nov 28, 2021 at 08:56:57PM +0100, Sal
> > > On Tue, Aug 31, 2021 at 09:15:15AM +, Raphaƫl Hertzog
> > > (@hertzog) wrote:
> > > >...
> > > > Commits:
> > > > 63957298 by Neil Williams at 2021-08-31T10:11:30+01:0
ELTS message)
--
Neil Williams
=
https://linux.codehelp.co.uk/
pgpNKtpJrG27O.pgp
Description: OpenPGP digital signature
Here is my public monthly report.
Thanks to our sponsors for making this possible, and to Freexian for
handling the offering.
https://www.freexian.com/services/debian-lts.html#sponsors
This month involved responding to a support query on security tracker
data handling.
--
Neil Williams
in November after initial
reports from the customer of a successful backport of a patch to
systemd.
Other work this month was packaging new upstream source for Debian.
--
Neil Williams
=
https://linux.codehelp.co.uk/
pgpjvg9_0rh9t.pgp
Description: OpenPGP digital signature
).
I also looked into #965326 with a proposed change in distro-tracker to
make it easier for packages.d.o to retrieve the same changelog and
copyright as is already used in tracker.d.o
--
Neil Williams
=
https://linux.codehelp.co.uk/
pgpsCjnm4ypiC.pgp
Description: OpenPGP digital
: Only triage CVEs for gpac in ccextractor if the impact on
NOTE: a gpac CLI is likely to be more severe than a command line crash.
NOTE: https://lists.debian.org/debian-lts/2021/09/msg00035.html
>
> Best regards
>
> // Ola
>
> On Mon, 27 Sept 2021 at 15:04, Neil Williams
> wr
like that for lintian would be useful.
Nice and simple, return zero on success, print out a diff and exit
non-zero on failure. If the script could parse an sbuild pre and post
build log file, so much the better.
--
Neil Williams
=
https://linux.codehelp.co.uk/
pgp7gFUcBvQOX.pgp
Description: OpenPGP digital signature
in buster, only
handle gpac and leave ccextractor vulnerable to (i.e. seg fault) at
least some of the known and new CVEs in gpac.
So far, opinion (Sebastien, Raphael & I) is all for option C: - leave
ccextractor unchanged in buster.
Have I missed another solution? Does anyone object to adopt
Stretch.
- CVE-2021-37218 - Not able to reproduce, upstream fix may be
incomplete.
- qt4-x11
- CVE-2020-24742 - vulnerable code introduced later
- CVE-2020-24741 - vulnerable code introduced later
--
Neil Williams
=
https://linux.codehelp.co.uk/
pgp16SZ4Ff0eJ.pgp
nt-config
- preparing a merge request for Debian Ontology support.
--
Neil Williams
=
Debian LTS team
pgpxNZOENih8y.pgp
Description: OpenPGP digital signature
13 matches
Mail list logo
