Project

General

Profile

Bug #744

Remove obsolete Buster packages

Added by Pierre-Louis Bonicoli 7 days ago. Updated 7 days ago.

Status:
In Progress
Priority:
Normal
Category:
System :: Base
Start date:
2021-11-24
Due date:
% Done:

0%

Estimated time:
Patch Available:
Confirmed:
Yes
Branch:
Entity:
DuckCorp
Security:
Help Needed:
No

Description

From a security status mail received today:

Security report based on the bullseye release

*** Available security updates

CVE-2021-25219 In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21,...
  <https://security-tracker.debian.org/tracker/CVE-2021-25219>
  - libdns-export1104, libisc-export1100

root@orthos:~# apt policy libdns-export1104
libdns-export1104:
  Installed: 1:9.11.5.P4+dfsg-5.1+deb10u3
  Candidate: 1:9.11.5.P4+dfsg-5.1+deb10u3
  Version table:
 *** 1:9.11.5.P4+dfsg-5.1+deb10u3 100
        100 /var/lib/dpkg/status

According to the [Debian security tracker](https://security-tracker.debian.org/tracker/CVE-2021-25219) 1:9.11.5.P4+dfsg-5.1+deb10u5 is vulnerable. This package is buster only and should be removed.

I will remove every buster only (thanks to apt-forktracer).
  • ✅ Elwing
  • ❔ Jinta (libgcc1 gcc-8-base e2fslibs libcomerr2 multiarch-support linux-image-4.19.0-18-amd64)
  • ✅ Nicecity (libffi6 libnettle6 libgcc1 libapt-pkg5.0 libip4tc0 gcc-8-base libmpx2 e2fslibs libcomerr2 libreadline7 libapt-inst2.0 linux-headers-4.19.0-5-common cpp-8 libip6tc0 multiarch-support linux-image-4.19.0-18-amd64 libisl19 libhogweed4 linux-kbuild-4.19)
  • ✅ Orfeo (libgcc1 libgupnp-1.0-4 gcc-8-base e2fslibs libcomerr2 libreadline5 libgssdp-1.0-3 el-get linux-image-4.19.0-18-amd64)
  • ✅ Orthos (libapt-pkg5.0 libnettle6 libffi6 libprocps7 libjson-c3 libapt-inst2.0 gcc-8-base libip4tc0 libip6tc0 libhogweed4 perl-modules-5.28 libisc-export1100 libdns-export1104 linux-image-4.19.0-14-amd64
  • ✅ Thorfinn (libgcc1 libtexlua52 gcc-8-base e2fslibs libcomerr2 libbtparse1 el-get multiarch-support linux-image-4.19.0-18-amd64)
  • ✅ Toushirou (libgdbm3 libisc-export160 libhogweed4 echoping linux-image-4.19.0-18-amd64 multiarch-support libip6tc0 libprocps6 libapt-inst2.0 libreadline7 libcomerr2 e2fslibs gcc-8-base libip4tc0 liblogging-stdlog0 linux-image-4.9.0-6-amd64 ttf-dejavu-core libapt-pkg5.0 libgcc1 libunistring0 libnettle6 libffi6 libcryptsetup4)
There are some packages not upgraded to bullseyes:
  • molly-guard: ✅ 0.7.2.0 is now used instead of 0.7.2.0~buster on every host
  • rspamd: this package is upgraded manually, the upgrade requires to perform some manual checks
There are some used packages without any bullseyes version:
  • incron: ❔
Marc Dequènes on Jinta, could these packages be removed:
  • dict-freedict-all It looks like there isn't a dict meta package anymore ? Should we update a playbook in order to ensure all other dict packages are installed ?
  • dict-moby-thesaurus, dict-bouvier, dict-gazetteer2k

History

#1

Updated by Pierre-Louis Bonicoli 7 days ago

  • Description updated (diff)
  • Status changed from New to In Progress
#2

Updated by Pierre-Louis Bonicoli 7 days ago

  • Description updated (diff)
#3

Updated by Pierre-Louis Bonicoli 7 days ago

  • Description updated (diff)
#4

Updated by Pierre-Louis Bonicoli 7 days ago

  • Description updated (diff)
#5

Updated by Pierre-Louis Bonicoli 7 days ago

  • Description updated (diff)
#6

Updated by Pierre-Louis Bonicoli 7 days ago

  • Description updated (diff)
  • Status changed from In Progress to Rejected
#7

Updated by Pierre-Louis Bonicoli 7 days ago

  • Description updated (diff)
  • Status changed from Rejected to In Progress
#8

Updated by Pierre-Louis Bonicoli 7 days ago

  • Description updated (diff)
#9

Updated by Pierre-Louis Bonicoli 7 days ago

  • Description updated (diff)
#10

Updated by Pierre-Louis Bonicoli 7 days ago

  • Description updated (diff)
#11

Updated by Pierre-Louis Bonicoli 7 days ago

  • Description updated (diff)

Also available in: Atom PDF