[Secure-testing-team] Re: testing security status

Steve Langasek vorlon at debian.org
Tue Oct 11 05:19:46 UTC 2005 

On Mon, Oct 10, 2005 at 05:50:01PM -0400, Joey Hess wrote:
> Another one of my periodic mails generated by checking every security holes
> listed on http://spohr.debian.org/~joeyh/testing-security.html as fixed in
> unstable but not in testing.
> 
> CCing this time to the mailing lists for the ports that appear in the
> most issues below. You can grep for your architecture.
> 
> (Ignoring all m68k problems.)

> abiword
> 	too young
> 	blocked on gmp/gcc-4.0

And on a lot of other things; gmp/gcc-4.0 is ready to go, so is no longer a
blocker, but there are other libs abiword waits on that aren't ready to go
yet.  Also needs manual intervention from an ftpmaster to remove xfonts-abi.

> apachetop
> 	9 days old
> 	blocked on gmp/gcc-4.0
> clamav
> 	20 days old! (DTSAs issued)
> 	blocked by gmp

> kismet
> 	49 days old (DTSA issued)
> 	blocked by gmp

> python2.1
> 	40 days old
> 	blocked by gmp

> python2.3
> 	40 days old
> 	blocked by gmp

Accepted with today's run (if aj commits the britney rerun).

> dia
> 	7 days old
> 	missing sparc build
> 	blocked by gmp/gcc-4.0

It's also blocked by libpng, because it's been built against a version of
libpng that had overly-strict shlibs.  A sourceful upload to unstable would
be best here, AFAICT.

> mozilla
> 	25 days old (DTSAs issued for some issues)
> 	RC bugs
> 	missing alpha, arm, ia64 builds

The newly-uploaded version fixes the alpha, arm, and ia64 build failures; it
just needs to be built on hppa and sparc (and m68k).

> texmacs
> 	85 days old!
> 	missing arm, hppa builds

Will need a reupload to use g++-3.4 on arm/hppa/m68k.

> turqstat
> 	28 days old
> 	missing hppa build
> 	blocked by gcc-4.0/gmp

Also blocked by qt...

> xloadimage
> 	too young
> 	blocked by libpng hich is missing an arm build

Should actually be rebuilt on arm and sparc to lose this libpng dependency;
queued.


-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
vorlon at debian.org                                   http://www.debian.org/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20051010/775e951a/attachment.pgp

More information about the Secure-testing-team mailing list