Re: script to review no-dsa packages fixed in LTS-1 and TLS+1

To: Emilio Pozuelo Monfort <pochu@debian.org>
Cc: Debian LTS <debian-lts@lists.debian.org>
Subject: Re: script to review no-dsa packages fixed in LTS-1 and TLS+1
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sun, 19 Jul 2020 11:52:18 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.20.2007191145240.3841@jupiter.server.alteholz.me>
In-reply-to: <[🔎] 5bb46b0e-f690-2ca3-affa-bee4c34d44a8@debian.org>
References: <[🔎] 5bb46b0e-f690-2ca3-affa-bee4c34d44a8@debian.org>

Hi Emilio,

thanks a lot for working on this.

On Tue, 7 Jul 2020, Emilio Pozuelo Monfort wrote:

CVE-2019-11187/gosa fixed in jessie and buster but no-dsa in stretch (Minor issue)


This seems to have been fixed via opu.

CVE-2019-3866/mistral fixed in jessie and buster but no-dsa in stretch (Minor issue; can be fixed via point release)
CVE-2019-3866/python-oslo.utils fixed in jessie and buster but no-dsa in stretch (Minor issue; can be fixed via point release)

mistral in buster has been fixed via unstable, so should not be mentionedhere, shouldn't it?python-oslo.utils is <not-affected> in jessie. Probably one CVE for twodifferent packages resolved differently confused your script?


  Thorsten

Reply to:

Follow-Ups:
- Re: script to review no-dsa packages fixed in LTS-1 and TLS+1
  - From: Emilio Pozuelo Monfort <pochu@debian.org>

References:
- script to review no-dsa packages fixed in LTS-1 and TLS+1
  - From: Emilio Pozuelo Monfort <pochu@debian.org>

Prev by Date: Re: Suggestions for handling of condor update
Next by Date: Re: script to review no-dsa packages fixed in LTS-1 and TLS+1
Previous by thread: Re: script to review no-dsa packages fixed in LTS-1 and TLS+1
Next by thread: Re: script to review no-dsa packages fixed in LTS-1 and TLS+1
Index(es):
- Date
- Thread