Re: limits of automatic unclaiming (Re: pdns/pdns-recursor)

[Abhijith PA <abhijith@disroot.org>]

Hi, Holger..

On Thursday 27 December 2018 07:46 PM, Holger Levsen wrote:
> Hi Abhijith, Antoine,
> 
> I just ran "./bin/review-update-needed --lts --unclaim 1814400 --exclude
> linux linux-4.9" today and it unclaimed pdns/pdns-recursor as the last
> NOTE entries were more than 3 weeks ago. However Abhijith wrote here:
> 
> On Sat, Dec 22, 2018 at 01:02:06PM +0530, Abhijith PA wrote:
>> I am currently working on pdns[1] and pdns-recursor's[2] security issues
>> and which are marked as no-DSA, postponed. Last month I picked it up as
>> I had some time remaining. Upstream patch is available for the remaining
>> issues(CVE-2018-10851, CVE-2018-14644). Both patches contain C++11
>> specific code and I was only able to port CVE-2018-14644. In
>> CVE-2018-10851 I used 'boost' library's smart pointers to deal with the
>> default C++11 smart pointers, but I am not quite there. I was wondering
>> whether anyone here can _help_ me with it. I don't want to spend anymore
> 
> Abhijith, thanks for this update! Just please also update the notes for
> these packages in data/dla-needed.txt.

I will.

> Antoine, this is an example were automatic unclaim might be problematic,
> as it would have unclaimed pdns/pdns-recursor which is not ideal. (For
> now, just ment as a data point.)
> 
>> time in it as it is not so popular one and it has no-DSA postponed
>> priority.
> 
> pdnsd is used by our sponsors so we should support it as best as we can.

pdnsd is a different package.


--a