[10:00] <bittin> any new episode today?
[10:00] <bittin> of the podcast
[10:00] <bittin> that is
[11:05] <mainek00n> I was looking at the Ubuntu Security Tracker git repository and found something strange.
[11:05] <mainek00n> In the README, Package Status should be written as `<release>_<source-package>: <status> (<version/notes>)`.
[11:05] <mainek00n> However, in https://git.launchpad.net/ubuntu-cve-tracker/tree/active/CVE-2022-1921, it is written as `upstream_gst-plugins-good1.0: 1.20.3`.
[11:06] <mainek00n> Checking at https://ubuntu.com/security/CVE-2022-1921, the status of upstream is released.
[11:07] <mainek00n> Therefore, it should be written as `upstream_gst-plugins-good1.0: released (1.20.3)`.
[11:09] <mainek00n> If you know of a more appropriate place to report, please let me know.
[11:28] <amurray> bittin: yes, apologies I am a bit behind - will take another hour or two
[11:30] <amurray> mainek00n (if you see this in IRC logs): thanks for the heads up - I've just updated it via https://git.launchpad.net/ubuntu-cve-tracker/commit/?id=0d72c098eed6292d3fd067d3fb57186cee7a289d
[11:31] <amurray> mainek00n: thanks for heads up - I've just updated it https://git.launchpad.net/ubuntu-cve-tracker/commit/?id=0d72c098eed6292d3fd067d3fb57186cee7a289d
[11:32] <amurray> (we do have a script which is meant to catch things like this but apparently we purposefully don't check the upstream field: https://git.launchpad.net/ubuntu-cve-tracker/tree/scripts/check-syntax#n473)
[11:35] <mainek00n> I'm watching this repository pretty carefully, but if I find mistakes again, shall I send a Patch?
[11:37] <mainek00n> For example, a typo for `Tags_cupsys_gutsy` instead of `Tags_cups_gutsy`.
[11:37] <mainek00n> https://git.launchpad.net/ubuntu-cve-tracker/tree/retired/CVE-2007-4351?id=0d72c098eed6292d3fd067d3fb57186cee7a289d#n19
[11:38] <bittin> amurray, alright attending Fedora flock, but will listen to it tommorow then, thanks
[12:45] <amurray> mainek00n: sure, you can send a merge request if you like - see https://help.launchpad.net/Code/Git for how launchpad does git - in particular once you've cloned the git repo you can push it to your own remote (see "Pushing your code" on that help page)  - and when you do push it to your own local fork, git should then prompt you if you want to file a merge request
[12:46] <amurray> mainek00n: or you can do it via the web interface too I think - see "Fork it to your account" on https://code.launchpad.net/ubuntu-cve-tracker
[12:55] <amurray> bittin: hope you enjoy flock! - fwiw the podcast for this week just went live - https://ubuntusecuritypodcast.org/episode-171/
[13:04] <bittin> amurray, thanks
[14:14] <sbeattie> mainek00n: FYI, back in gutsy, the source package for cups was named cupsys, it's not a typo. https://launchpad.net/ubuntu/+source/cupsys/+publishinghistory
[14:15] <sbeattie> mainek00n: oh, I see what you're saying.
[14:16]  * sbeattie gets coffee
[14:24] <mainek00n> I was thinking the same thing about cupsys.
[14:24] <mainek00n> https://git.launchpad.net/~mainek00n/ubuntu-cve-tracker/commit/?id=2b2e900c9519d518eb789a11fd4088a0c84c93d6
[14:26] <mainek00n> I'm sorry I'm not good at communicating……
[14:31] <mainek00n> I wrote two patches.
[14:31] <mainek00n> https://code.launchpad.net/~mainek00n/ubuntu-cve-tracker/+git/ubuntu-cve-tracker/+ref/patch-1
[14:31] <mainek00n> https://code.launchpad.net/~mainek00n/ubuntu-cve-tracker/+git/ubuntu-cve-tracker/+ref/patch-2
[19:10] <luis220413> Please release the fix for node-moment in bug 1982617.
[21:09] <luis220413> Please release the fix for jupyter-notebook in bug 1982670, even though CVE-2021-32798 is unfixed (it requires at least 5 new packages in Bionic and 3 in Focal).
[21:29] <luis220413> leosilva: I have fixes for 2 distinct packages ready for sponsoring. 
[21:32] <luis220413> See bug 1982617 and bug 1982670