Bug #744: Remove obsolete Buster packages - DuckCorp Infrastructure - DuckCorp Projects

Bug #744

Updated by Pierre-Louis Bonicoli over 3 years ago

From a security status mail received today: 
 <pre> 
 Security report based on the bullseye release 

 *** Available security updates 

 CVE-2021-25219 In BIND 9.3.0 -&gt; 9.11.35, 9.12.0 -&gt; 9.16.21,... 
   <https://security-tracker.debian.org/tracker/CVE-2021-25219> 
   - libdns-export1104, libisc-export1100 
 </pre> 

 <pre> 
 root@orthos:~# apt policy libdns-export1104 
 libdns-export1104: 
   Installed: 1:9.11.5.P4+dfsg-5.1+deb10u3 
   Candidate: 1:9.11.5.P4+dfsg-5.1+deb10u3 
   Version table: 
  *** 1:9.11.5.P4+dfsg-5.1+deb10u3 100 
         100 /var/lib/dpkg/status 
 </pre> 

 According to the [Debian security tracker](https://security-tracker.debian.org/tracker/CVE-2021-25219) @1:9.11.5.P4+dfsg-5.1+deb10u5@ is vulnerable. This package is buster only and should be removed. 

 I will remove every buster only (thanks to @apt-forktracer@). 
 * ▢ Elwing 
 * ❔ Jinta (libgcc1 gcc-8-base e2fslibs libcomerr2 multiarch-support linux-image-4.19.0-18-amd64) 
 * ✅ Nicecity (libffi6 libnettle6 libgcc1 libapt-pkg5.0 libip4tc0 gcc-8-base libmpx2 e2fslibs libcomerr2 libreadline7 libapt-inst2.0 linux-headers-4.19.0-5-common cpp-8 libip6tc0 multiarch-support linux-image-4.19.0-18-amd64 libisl19 libhogweed4 linux-kbuild-4.19) 
 * ✅ ▢ Orfeo (libgcc1 libgupnp-1.0-4 gcc-8-base e2fslibs libcomerr2 libreadline5 libgssdp-1.0-3 el-get linux-image-4.19.0-18-amd64) 
 * ✅ Orthos (libapt-pkg5.0 libnettle6 libffi6 libprocps7 libjson-c3 libapt-inst2.0 gcc-8-base libip4tc0 libip6tc0 libhogweed4 perl-modules-5.28 libisc-export1100 libdns-export1104 linux-image-4.19.0-14-amd64 
 * ✅ Thorfinn (libgcc1 libtexlua52 gcc-8-base e2fslibs libcomerr2 libbtparse1 el-get multiarch-support linux-image-4.19.0-18-amd64) 
 * ✅ Toushirou (libgdbm3    libisc-export160 libhogweed4 echoping linux-image-4.19.0-18-amd64 multiarch-support libip6tc0 libprocps6 libapt-inst2.0 libreadline7 libcomerr2 e2fslibs gcc-8-base libip4tc0 liblogging-stdlog0 linux-image-4.9.0-6-amd64 ttf-dejavu-core libapt-pkg5.0 libgcc1 libunistring0 libnettle6 libffi6 libcryptsetup4) 

 There are some packages not upgraded to bullseyes: 
 * molly-guard, rspamd 
 There are some used packages without any bullseyes version: 
 * incron 

 @Duck on Jinta, could these packages be removed: 
 * "dict-freedict-all":https://packages.debian.org/stretch/dict-freedict-all It looks like there isn't a dict meta package anymore ? Should we update a playbook in order to ensure all other dict packages are installed ? 
 * dict-moby-thesaurus, dict-bouvier, dict-gazetteer2k

Back

Project

General

Profile

DuckCorp » DuckCorp Infrastructure

Bug #744