YA report on security holes that are fixed in unstable but not yet in testing. Executive summary: gcc-3.4 is blocking many security fixes, KDE continues to suck. Also, a RM should look at mtr. groff 1.18.1.1-5 needed, have 1.18.1.1-3 for CAN-2004-1296 Frozen also blocked by gcc-3.4. nasm 0.98.38-1.1 needed, have 0.98.38-1 for CAN-2004-1287 Should go in after ~3 days cupsys 1.1.22-2 needed, have 1.1.20final+rc1-10 for CAN-2004-1270 cupsys 1.1.22-2 needed, have 1.1.20final+rc1-10 for CAN-2004-1269 cupsys 1.1.22-2 needed, have 1.1.20final+rc1-10 for CAN-2004-1268 cupsys 1.1.22-2 needed, have 1.1.20final+rc1-10 for CAN-2004-1267 Delayed by frequent uploads which include another possible security hole, due in 3 days barring more uploads. abcm2ps 4.8.5-1 needed, have 4.6.7-1 for CAN-2004-1258 Uploaded at too low urgency (low); now 7 of 10 days old. mtr 0.67-1 needed, have 0.58-1 for CAN-2004-1224 Frozen, fix is in new upstream version. Needs RM dsecision or t-p-u upload. vim 1:6.3-046+0sarge1 needed, have 1:6.3-013+2 for CAN-2004-1138 Blocked by gcc-3.4, FTBFS on arm for unknown reason. xpdf 3.0.0-11 needed, have 3.00-10 for CAN-2004-1125 Blocked by gcc-3.4. kernel-source-2.4.27 2.4.27-7 needed, have 2.4.27-6 for CAN-2004-1074 kernel-source-2.4.27 2.4.27-7 needed, have 2.4.27-6 for CAN-2004-1068 kernel-image-2.4.27-i386 2.4.27-7 needed, have 2.4.27-6 for CAN-2004-1016 kernel-source-2.4.27 2.4.27-7 needed, have 2.4.27-6 for CAN-2004-0814 Just uploaded, at mostly low urgency. d-i will need to be updated, as well as other architectures. cyrus21-imapd 2.1.17-1 needed, have 2.1.16-10 for CAN-2004-1013 cyrus21-imapd 2.1.17-1 needed, have 2.1.16-10 for CAN-2004-1012 Still blocked by perl. mailutils 1:0.5-4 needed, have 1:0.5-3 for CAN-2004-0984 FTBFS on s390, due to massive test suite failures. Possilbly the test suite wants something that's not present on our s390 buildd? See bug #281653. perl 5.8.4-4 needed, have 5.8.4-3 for CAN-2004-0976 Frozen, out of date on arm, mipsel, see discussion after previous reports, no new progress that I know of. libc6 2.3.2.ds1-19 needed, have 2.3.2.ds1-18 for CAN-2004-0968 Frozen; out of date on arm, hppa, m68k; blocked by gcc-3.4. xfree86 4.3.0.dfsg.1-9 needed, have 4.3.0.dfsg.1-8 for CAN-2004-0914 FTBFS on s390 (buildd out of space); blocked by gcc-3-4. telnetd-ssl 0.17.24+0.1-6 needed, have 0.17.24+0.1-4 for DSA-616-1 Blocked by gcc-3.4. ethereal 0.10.8-1 needed, have 0.10.6-1 for DSA-613-1 Missing arm build, which happened on the 15th but was not uploaded. koffice 1:1.3.4-1 needed, have 1:1.3.2-1.sarge.1 for CAN-2004-0888 kaffeine 0.4.3.1-3 needed, have 0.4.3-1 for CAN-2004-1034 kdelibs 4:3.3.1-2 needed, have 4:3.2.3-2 for CAN-2004-1171 kdebase 4:3.3.1-3 needed, have 4:3.2.2-1 for CAN-2004-1171 kdelibs 4:3.3.1-3 needed, have 4:3.2.3-2 for CAN-2004-1158 kdelibs 4:3.2.3-3.sarge.1 needed, have 4:3.2.3-2 for CAN-2004-0746 konqueror 4:3.2.3-1.sarge.1 needed, have 4:3.2.2-1 for CAN-2004-0721 kdelibs 4:3.2.3-3.sarge.1 needed, have 4:3.2.3-2 for CAN-2004-0721 kdelibs 4:3.2.3-3.sarge.1 needed, have 4:3.2.3-2 for CAN-2004-0690 kpdf 4:3.3.1-1 needed, have 4:3.2.3-1.1 for DSA-573-1 kfax 4:3.3.1-1 needed, have 4:3.2.3-1.1 for DSA-573-1 Maye I can stop worrying about these since the new KDE Is expected to get into testing. In addition to the above, I know of about 25 other security holes that are not fixed in unstable and have RC bugs. Help on these is of course always needed. -- see shy jo
Attachment:
signature.asc
Description: Digital signature