Among the 6 debian patches
available in version 0.54-1 of the package,
we noticed the following issues:
4 patches
where the metadata indicates that the patch has not yet been forwarded
upstream. You should either forward the patch upstream or update the
metadata to document its real status.
1 issue left for the package maintainer to handle:
CVE-2018-21269:
(needs triaging)
checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files because a non-terminal path component can be a symlink.
Standards version of the package is outdated.
wishlist
The package should be updated to follow the last version of Debian Policy
(Standards-Version 4.7.0 instead of
4.6.2).
testing migrations
This package will soon be part of the auto-libselinux transition. You might want to ensure that your package is ready for it.
You can probably find supplementary information in the
debian-release
archives or in the corresponding
release.debian.org
bug.
Migration status for openrc (0.53-1 to 0.54-1): BLOCKED: Cannot migrate due to another item, which is blocked (please check which dependencies are stuck)