Actions
Bug #744
closed
Remove obsolete Buster packages
Start date:
2021-11-24
Due date:
% Done:
100%
Estimated time:
Patch Available:
Confirmed:
Yes
Branch:
Entity:
DuckCorp
Security:
Help Needed:
No
Description
From a security status mail received today:
Security report based on the bullseye release *** Available security updates CVE-2021-25219 In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21,... <https://security-tracker.debian.org/tracker/CVE-2021-25219> - libdns-export1104, libisc-export1100
root@orthos:~# apt policy libdns-export1104
libdns-export1104:
Installed: 1:9.11.5.P4+dfsg-5.1+deb10u3
Candidate: 1:9.11.5.P4+dfsg-5.1+deb10u3
Version table:
*** 1:9.11.5.P4+dfsg-5.1+deb10u3 100
100 /var/lib/dpkg/status
According to the [Debian security tracker](https://security-tracker.debian.org/tracker/CVE-2021-25219) 1:9.11.5.P4+dfsg-5.1+deb10u5 is vulnerable. This package is buster only and should be removed.
apt-forktracer).
- ✅ Elwing
- ❔ Jinta (libgcc1 gcc-8-base e2fslibs libcomerr2 multiarch-support linux-image-4.19.0-18-amd64)
- ✅ Nicecity (libffi6 libnettle6 libgcc1 libapt-pkg5.0 libip4tc0 gcc-8-base libmpx2 e2fslibs libcomerr2 libreadline7 libapt-inst2.0 linux-headers-4.19.0-5-common cpp-8 libip6tc0 multiarch-support linux-image-4.19.0-18-amd64 libisl19 libhogweed4 linux-kbuild-4.19)
- ✅ Orfeo (libgcc1 libgupnp-1.0-4 gcc-8-base e2fslibs libcomerr2 libreadline5 libgssdp-1.0-3 el-get linux-image-4.19.0-18-amd64)
- ✅ Orthos (libapt-pkg5.0 libnettle6 libffi6 libprocps7 libjson-c3 libapt-inst2.0 gcc-8-base libip4tc0 libip6tc0 libhogweed4 perl-modules-5.28 libisc-export1100 libdns-export1104 linux-image-4.19.0-14-amd64
- ✅ Thorfinn (libgcc1 libtexlua52 gcc-8-base e2fslibs libcomerr2 libbtparse1 el-get multiarch-support linux-image-4.19.0-18-amd64)
- ✅ Toushirou (libgdbm3 libisc-export160 libhogweed4 echoping linux-image-4.19.0-18-amd64 multiarch-support libip6tc0 libprocps6 libapt-inst2.0 libreadline7 libcomerr2 e2fslibs gcc-8-base libip4tc0 liblogging-stdlog0 linux-image-4.9.0-6-amd64 ttf-dejavu-core libapt-pkg5.0 libgcc1 libunistring0 libnettle6 libffi6 libcryptsetup4)
- molly-guard: ✅
0.7.2.0is now used instead of0.7.2.0~busteron every host - rspamd: this package is upgraded manually, the upgrade requires to perform some manual checks
- incron: ❔
- dict-freedict-all It looks like there isn't a dict meta package anymore ? Should we update a playbook in order to ensure all other dict packages are installed ?
- dict-moby-thesaurus, dict-bouvier, dict-gazetteer2k
Updated by Pierre-Louis Bonicoli over 2 years ago
- Description updated (diff)
- Status changed from New to In Progress
Updated by Pierre-Louis Bonicoli over 2 years ago
- Description updated (diff)
- Status changed from In Progress to Rejected
Updated by Pierre-Louis Bonicoli over 2 years ago
- Description updated (diff)
- Status changed from Rejected to In Progress
Updated by Marc Dequènes almost 2 years ago
Quack,
I upgraded rspamd to bullseye but forgot to update this ticket.
incron is only used for handling package uploads in our Debian repository. I'm fine with replacing it but I have no idea what alternatives are out there.
As for dict-freedict-all it was removed, let's list deps we use most as you suggested. I'm fine with removing the other packages as they are most surely unmaintained upstream anyway.
Updated by Marc Dequènes 10 months ago
- Status changed from In Progress to Resolved
- % Done changed from 0 to 100
Ok, all done. Also did the same for Bookworm.
Actions