Re: Removal of sendmail from dla-needed?

To: debian-lts@lists.debian.org
Subject: Re: Removal of sendmail from dla-needed?
From: Sylvain Beucler <beuc@beuc.net>
Date: Wed, 13 Mar 2024 19:00:19 +0100
Message-id: <[🔎] b5772914-d674-4f6f-895f-dc93cd583f9e@beuc.net>
In-reply-to: <[🔎] CABY6=0m-SYkoiCZxgDT3OLLO7JHNVzRfsUxO6NRN=-oZLQrfvA@mail.gmail.com>
References: <[🔎] CABY6=0m-SYkoiCZxgDT3OLLO7JHNVzRfsUxO6NRN=-oZLQrfvA@mail.gmail.com>

Hi,

For reference, re-added through
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a2a182dc53f0632ecd32108c91c071bdad76289

Cheers!
Sylvain Beucler
Debian LTS Team

On 10/03/2024 23:18, Ola Lundqvist wrote:

Hi all

Since I'm not 100% sure about this one I'm sending this out to the list.

We have sendmail in dla-needed. I do not see why so I have removed it.
But I see the following notes:
NOTE: 20240213: Patch need to be extracted (rouca). Upstream does notpublish patches
   NOTE: 20240217: Patch extracted and being reviewed (rouca)
What CVE(s) do this comment apply to? I'm asking since we have no CVEthat is not no-dsa.
Comments or objections?

Reply to:

References:
- Removal of sendmail from dla-needed?
  - From: Ola Lundqvist <ola@inguza.com>

Prev by Date: Re: Question about tinymce dsa/no-dsa decisions
Next by Date: Guidance for CVE triage and listing packages in dla-needed.txt
Previous by thread: Removal of sendmail from dla-needed?
Next by thread: Question about tinymce dsa/non-dsa decisions
Index(es):
- Date
- Thread