March 2018 Archives by thread
Starting: Thu Mar 1 03:35:06 UTC 2018
Ending: Sat Mar 31 21:22:27 UTC 2018
Messages: 954
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] claim zsh in dla-needed.txt
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Apple bluetoothd NFUs
Paul Wise
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-15130/dovecot
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-14461/dovecot
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add commits for CVE-2017-14461/dovecot
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add commits for CVE-2017-15130/dovecot
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim freexl in dla-needed.txt.
Bas Couwenberg
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add dovecot to dsa-needed list
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-12627/xerces-c
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2017-14461/dovecot
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-7330, Wheezy and Jessie and Stretch not affected
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] add isc-dhcp to dsa-needed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add note that apoikos will prepare updates for dovecot
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18208/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Dovecot issues fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7570/binutils
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7569/binutils
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7568/binutils
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new icinga2 issues
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add references for CVE-2018-653{2, 3, 4, 5}
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add references for CVE-2017-3144, CVE-2018-5732 and CVE-2018-5733
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add two new mosquitto issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] claim isc-dhcp
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2018-7550/qemu
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Take simplesamlphp (new issues since last taken).
Thijs Kinkhorst
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] MITRE clarified the scope of CVE-2018-6533 and CVE-2017-16933
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record proposed fix for CVE-2017-15906/openssh via stretch-pu
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record proposed fix for unbound via stretch-pu
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add two new krb5 issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-57{29, 30}/krb5
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7584/php*
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18211/imagemagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18210/imagemagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18209/imagemagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7566/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim imagemagick in dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim tomcat7 in dla-needed.txt.
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] DSA 4127-1 simplesamlphp
Thijs Kinkhorst
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add temporary workaround for SSPSA 201802-01 until CVE assigned and remove…
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1066/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1065/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1063/policycoreutils
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Take care of the linux regression update
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add new cimg issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] imagemagick no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: take simplesamlphp
Thijs Kinkhorst
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add temporary workaround and remove no-dsa tags for issues included in update
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-1058 as no-dsa
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA-4128-1 for trafficserver (CVE-2017-5660, CVE-2017-7671)
Sebastien Delafond
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2017-5660 (trafficserver)
Sebastien Delafond
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE assigned for SSPSA 201802-01
Thijs Kinkhorst
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-7644: Remove specific suite tagged entries (now in DSA and DLA list)
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove TODO item for CVE-2017-7559
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add reported bug for CVE-2018-1047
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-1048: #891928
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7440/leptonlib bug reference
Santiago R.R.
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-7440 and CVE-2018-3836
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2018-1047, wildfly/undertow: Add link to pull request
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add missing DLA-1297-1 for freexl and bump DLA number for simplesamlphp
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries for CVE-2017-15132
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add freexl to DLA list.
Bas Couwenberg
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] freexl DSA
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7648/openjpeg2
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-7648/openjpeg2 as unimportant
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7643/binutils
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7642/binutils
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-76{37, 38, 39, 40, 41}/cimg
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA for dovecot
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] update NOTE: zsh in dla-needed
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-5803/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000115/memcached
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] REserve DSA for linux regression update
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-7440/leptonlib as fixed with unstable upload
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-7262
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixed version for glibc issues now that 2.27-1 entered unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Correct references to commits for isc-dhcp
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2017-3144
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1048, undertow: Link to patch
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2017-7559, undertow: Link to patch, correct upstream bug
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] SAML vulns
Paul Wise
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] SAML NFU
Paul Wise
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] node-hoek more details
Paul Wise
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] node-ssri ReDoS
Paul Wise
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] fastify NFU
Paul Wise
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] electron details
Paul Wise
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] npm serve NFU
Paul Wise
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18196/leptonlib jessie and wheezy not affected
Santiago R.R.
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] node-ssri unimportant, nodejs not covered by security support
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2017-11430: reference the upstream issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-6412 as unimportant
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Sync various issues with kernel-sec triage from benh
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Fixup state for CVE-2017-18174 with kernel-sec
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] node-moment ReDoS
Paul Wise
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] node-moment: old ReDoS: fixed
Paul Wise
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] correct note timestamp in dla-needed
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update CVE-2017-18174 information
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] mariadb-10.2 removed from the archive
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-7651 assigned
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] xen, libvpx DSA
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new zypper issue
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2017-16612/wayland fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove no-dsa tags for CVE-2017-3144
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-7550/qemu
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] memcached no-dsa in wheezy as well, listens only on localhost
Antoine Beaupré
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2017-3469/mysql-workbench fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record proposed update for wayland via jessie-pu
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record CVE-2017-16612 proposed update via stretch-pu
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] open-build-service n/a
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new OBS issue
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new libzypp issues
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add new libsdl2-image
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add new simplesamlphp issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Re-add python-crypto to dla-needed
Brian May
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add likely fix for simplesamlphp issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: clamav: add data for a CVE
Sebastian Siewior
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2017-18214 assigned
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Merge one older temporary entry to the assigned CVE-2016-4055
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add TALOS references to libsdl2-image issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2017-14461/dovecot
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 4 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1299-1 for libjgraphx-java
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-7652: NOT-FOR-US: Zonemaster Web GUI
Luciano Bello
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-7567 as yet unfixed
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-14804 as fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record fixed versions for isc-dhcp issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2018-7568, CVE-2018-7569, CVE-2018-7570, CVE-2018-7642, CVE-2018-7643…
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark SSPSA 201803-01 no-dsa, update fixed version for CVE-2017-12873 (does not…
Thijs Kinkhorst
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new tor issues
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add references for tor issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1300-1 for xen
Felix Geyer
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add patch links for recent libsdl2-image CVEs
Felix Geyer
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: OBS, zypper no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2017-18209, CVE-2017-18211, imagemagick: Wheezy is not affected
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove imagemagick from dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Use HTTPs for hg.libsdl.org links
Felix Geyer
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1054/389-ds-base
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-1054
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove libreoffice regression details - wheezy LTS
Brian May
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add reference to CVE-2018-7456
Brian May
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18216/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18218/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18215/xv
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add assigned CVE-2018-7711/simplesamlphp
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-1002102 as NFU
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add three new opencv issues, keep undetermined
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18220/graphicsmagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18219/graphicsmagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2017-18219/graphicsmagick fixed in 1.3.27-1
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update status for CVE-2017-18220, needs clarification
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2018-0490 & CVE-2018-0491 (tor) for wheezy; end-of-life in this distribution.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1301-1 for tomcat7
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] pycryptodome fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Record upstream fixed versions for CVE-2018-7584
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] patches for dovecot are done
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add two new python-django issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] irssi fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add issue for bash-completions
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add notes for util-linux/bash-completion issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add util-linux to dsa-needed list
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2018-7731/exempi
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7729/exempi
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7728/exempi
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-7731 as not-affected for jessie
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-7738/util-linux assigned
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process three piwigo issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add new zziplib issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2017-15709 fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Triage CVE-2018-7731 (exempi) for wheezy.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Triage CVE-2018-7738 (util-linux) for wheezy.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1302-1 for leptonlib
Santiago R.R.
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-1062 as NFU
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Cleanup trailing whitespaces
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000119/ruby-rack-protection
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-1000119
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] update note zsh: dla-needed.txt
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record fixing version for python-django issues
Salvatore Bonaccorso
- [Secure-testing-commits] Webs profesionales
Vipweb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixing version for CVE-2018-7738/util-linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7740/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18221/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim clamav in dla-needed.txt
Santiago R.R.
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Document progress on mbedtls for Stretch
Sebastien Delafond
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Drop trailing whitespce.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new python issue
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] obs-build spu
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-7567 as unimportant
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add new python-bleach issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000100/gpac
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000116/net-snmp
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000118/electron, itp'ed, #842420
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process two more NFUs
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] zziplib no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA number for isc-dhcp
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Triage CVE-2018-7725 (zziplib) for wheezy.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7752/gpac
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-7753/python-bleach assigned
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add upstream claimed (and checked for the respective commit) fixed version for CVE-2018-6954
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Six binutils CVEs fixed in unstable upload
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1303-1 for python-django
Brian May
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Start tracking ntpsec as well for february's ntp security advisory
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-1069 as NFU
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7755/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new adminer issue
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add upstream issue link note for CVE-2018-7712, CVE-2018-7713, CVE-2018-7714/opencv
Santiago R.R.
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Triage CVE-2018-7726 & CVE-2018-7727 (zziplib) for wheezy.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] exempi, libcdio, python-crypto, mp4v2 no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Fix note for CVE-2017-7427
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update reference for CVE-2018-7550
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7290, NFU
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2015-8855
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18222/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7757/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add several new ming issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 4 commits: Triage mp4v2 for LTS
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1071/zsh
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-580{0, 1, 2}/libraw
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7858/qemu
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2018-580{0, 1, 2}/libraw
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add calibre issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Slightly reorder list in preparation for point release
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] chromium fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] mark opencv asserts as ignored
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] qemu n/a for stable/oldstable
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Triage CVE-2018-7858 (qemu) for wheezy.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1304-1 for zsh
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: two ntp issues no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-7858/qemu
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7995/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-1065/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add reference to commit for CVE-2018-1054/389-ds-base
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-6916: kfreebsd-10
Luciano Bello
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] libpodofo (bug #892520)
Luciano Bello
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-6916 as unimportant
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7999/graphite2
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7998/vips
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove electrum entries, pending for removal of 9.4
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove dolibarr entries, pending for removal of today's 9.4
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record bug and fixed version for calibre issue: #892242, CVE-2018-7889
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Fix typo in note for CVE-2018-7752 making clear to which issue the CVE is associated
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-7752
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record one more memcached CVE planned to go in via upcoming stretch-pu
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record proposed cups update via jessie-pu
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixed version for xen in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove first round of merges from 9.4
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update first entries included in 9.4
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add more fixes from 9.4
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove merged updates
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2017-17564
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Fix for CVE-2018-1053 included in 9.4
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim exempi in dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add webkit2gtk fixes from 9.4 point release
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixed version for clamav CVE-2018-0202
Scott Kitterman
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add information for CVE-2018-1000089
Scott Kitterman
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Move bug reference to source
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] add information for CVE-2016-9865
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] deal with the newest libpodofo CVEs
Mattia Rizzolo
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Triage CVE-2018-7170 and CVE-2018-7183 (ntp) for wheezy.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] phpymyadmin in wheezy not vulnerable to CVE-2018-7260
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2016-9865: Add commit for master branch
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-052{4, 5}/jubatus, itp'ed: #704100
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-7260
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-7260 as no-dsa
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA number for util-linux update
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-7998/vips
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-7998 as no-dsa
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-7999/graphite2: #892590
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8043/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7998/vips fixed version in unstable
László Böszörményi
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8050/afflib
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8050 bug reference for afflib
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Claim DLA-1305-1 for ming 0.4.4-1.1+deb7u7
Hugo Lefeuvre
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] add a note with the upstream commits
Mattia Rizzolo
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Fix CVE NOTE
László Böszörményi
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Triage vips for LTS
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1306-1 for vips
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] graphite no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add missing epoch in ming version
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixing version for CVE-2018-7999/graphite2 in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Triage graphite2 for LTS
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] mark libcdio no-dsa as already done for jessie+stretch
Holger Levsen
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] claim phpmyadmin in dsa-needed.txt
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] claim graphite2 in dla-needed.txt
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add note:phpmyadmin in dsa-needed
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] cron fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18224/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-4952 as NFU
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] abiword fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] abiword still unfixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add note for abiword explaining problem with --with-gnomevfs
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] podofo no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] gifsicle unimportant
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] wireshark, zsh no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] add ICU to dsa-needed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] add tor to dsa-needed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] icu bug
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] cimg no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] libvirt: mark CVE-2018-6764 as not affecting jessie and wheezy
Guido Günther
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] cimg bug
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] exempi bug
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add reference for icu issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark postgresql-9.1 CVE-2018-1058 as minor in wheezy
Brian May
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7749/python-asyncssh
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-7749/python-asyncssh
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-12196/undertow
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-1002101/kubernetes
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for kubernetes issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8087/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8086/glibc, keep todo until properly checked
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add two new samba issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA number for samba update
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Android NFUs
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000097/sharutils
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 389-ds-base fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] samba fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1057 not for Wheezy
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new firefox-esr issues
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new firefox issues
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] add and take firefox
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove CVE-2018-8086 entry
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2016-995{2, 3}/curl
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7750/paramiko
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-100010{2, 3} REJECTED as they are duplicate for CVE-2018-100006{7, 8}
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Correct CVE-2017-1002102 classification
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-7750
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove unneeded TODO
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVEs affecting ajenti, itp'ed, #792019
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2017-16896/tt-rss
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] dsa-needed:
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-15422/icu fixed version in unstable
László Böszörményi
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 3 commits: add uwsgi to dsa-needed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Partially sync CVE-2017-18222 status with kernel-sec
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Status update for some linux issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add link to upstream fix for CVE-2017-11613
Brian May
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] firefox issues fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000122/curl
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000121/curl
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000120/curl
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add curl to dsa-needed list
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] dla: take firefox-esr
Emilio Pozuelo Monfort
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] firefox-esr fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] packages/clamav: include info about how to handle clamav updates
Santiago R.R.
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000128, duplicate of CVE-2018-7752
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process CVE-2017-18231/graphicsmagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18230/graphicsmagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18229/graphicsmagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process CVE-2018-1000126/ajenti, itp'ed, #792019
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000127/memcached
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] exempi fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record fixed version for mupdf in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: add curl to dla-needed.txt
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] mark CVEs for cimg as no-dsa
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] mark CVEs for libpodofo as no-das
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] mark CVEs for paramiko as no-dsa
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1064/libvirt
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove no-dsa tag for CVE-2018-5748
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove no-dsa tag from CVE-2018-6764, included in upcoming DSA
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-18222 as unfixed and follow kernel-sec
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add further note expansion for CVE-2017-5715
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8099/libgit2
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8098/libgit2
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-8098
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-8099
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Cleanup CVE-2018-1000128 entry
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] curl DSA
Alessandro Ghedini
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 3 commits: Process NFUs
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2018-1000132/mercurial
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000132 bug reference for mercurial issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] libvirt DSA
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim curl in dla-needed.txt
Santiago R.R.
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] jakarta-jmeter no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new xpdf issues potentially affecting poppler
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixing version for CVE-2018-1000115/memcached
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-8050/afflib, #892599 fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process CVE-2018-4920 as NFU
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process CVE-2018-4919 as NFU
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1323/libapache-mod-jk
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1080/dogtag-pki
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process CVE-2018-1077 as NFU
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-12194/{spice, spice-gtk}
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] libvirt issue fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add new linux issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA-4138-1 for mbedtls (CVE-2017-18187, CVE-2018-0487, CVE-2018-0488)
Sebastien Delafond
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Two gitlab issues in stretch confirmed n/a by upstream
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new freeplane issue
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: add mercurial to dla-needed.txt
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add information for CVE-2018-1000069/freeplane
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1307-1 for clamav
Santiago R.R.
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] bin/unsupported_packages.py: Update to match new location of debian-security-support repository.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] dla: unclaim ruby packages
Emilio Pozuelo Monfort
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1308-1 for firefox-esr
Emilio Pozuelo Monfort
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-9268/open-build-service
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7033/slurm-llnl
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2018-7033
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-7033
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18238/exempi
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18237/exempi
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18236/exempi
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18235/exempi
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18234/exempi
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18233/exempi
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Holger wanted to upload samba
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 4 commits: readd leptonlib
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update entry for gitlab, jmm taking care of it
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Add DSA-4139-1/firefox-esr
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record 8u162-b12-1 upload for openjdk-8
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Return mercurial to the pool as I don't think I'll get to it again within 24h.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Re-add section.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new hhvm issue
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Two NFUs from Android Security Bulletin-March 2018
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] openjdk-9 fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVe-2018-7749/python-asyncssh fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add note for CVE-2018-1068
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Two Java issues not in OpenJDK
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] data/dla-neede.txt: Add note for CVE-2018-7667 (adminer).
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-5146 tracking entry
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-5147
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Take two entries
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add firefox entries for CVE-2018-514{6, 7}
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed, add jmm as taking care of
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for libvorbis
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-5147
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Resolve various xpdf TODOs
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] next issues for firefox-esr
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] add libvorbisidec to dla-needed
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libvorbis
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-5147/libvorbisidec in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libvorbisidec update
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: icu in Wheezy not vulnerable
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] add note:graphite2 in dla-needed.txt
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] claim uwsgi in dla-needed.txt
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1324/libcommons-compress-java
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-1324 as no-dsa
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-1324/libcommons-compress-java: #893174
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7544
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add note for icu
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Take uwsgi from dsa-needed list
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8740/sqlite3
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-8740: #893195
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add new squirrelmail issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixed version CVE-2018-5146/libvorbis in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] typofix
Henri Salo
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8740/sqlite3 fixed version in unstable
László Böszörményi
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-8741/squirrelmail assigned
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-5233
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-514{6, 7}/firefox fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-514{6, 7}/firefox-esr fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Update note for adminer to justify longer-term squatting of entry.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-7262 as not affected in Debian according to investigation of maintainer
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Cleanup trailing whitespaces
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA number for uwsgi update
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] fix typo
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] firefox DSA
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] sqlite no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] openjdk-8 DSA
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] lts: unassign vorbis
Guido Günther
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-6187/CVE-2018-6544 ignored in Wheezy
Hugo Lefeuvre
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Unclaim mupdf in dla-needed.
Hugo Lefeuvre
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim tiff in dla-needed, now working on CVE-2018-7456
Hugo Lefeuvre
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update lame and ming entries in dla-needed
Hugo Lefeuvre
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add part 2 of patch for CVE-2017-11613
Brian May
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark three gdk-pixbuf issues as fixed via unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2017-11428/ruby-saml
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-7490/uwsgi in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8768
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] tor browser specific
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update note for adminer in data/dla-needed.txt.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8769/elfutils
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8754/libevt
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Quagga issues fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-8769
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] gitlab DSA
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] take icu
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 8 commits: follow security team for CVE-2018-8740
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DLA-1309-1 for curl
Santiago R.R.
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update status on CVE-2018-8769/elfutils
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-8754
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reference fix for CVE-2018-8768
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove TODO item for CVE-2018-8768
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-8768/jupyter-notebook
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2017-16611/libxfont fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-7033/slurm-llnl fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add apicca-unix source package for CVE-2017-1369{3, 4, 5}
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim jruby, ruby1.9.1 and rubygems in dla-needed.txt
Santiago R.R.
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Still no adminer patch.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] civicrm fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] sharutils bug
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add report for CVE-2018-7667
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Note change ind adminer 4.4.0 changing behaviour in response to the CVE-2018-7667 report
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add commit for adminer which disalowss connecting to privileged ports
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-7667: add additional note on rate-limiting login attempts
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-7260/phpmyadmin
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-7339/mp4v2
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for curl issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] take plexus-utils
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2017-12196, undertow: Add link to patch.
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2017-12196, undertow: One more patch.
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-1000097/sharutils
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Don't consider CVE-2017-5715 yet as fixed (not completely)
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8048/ruby-loofah
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-3740/ruby-sanitize
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8804/imagemagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process one further NFUs
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add two new ming issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-88{08, 09, 10}/radare2
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record fixes for linux/4.15.11-1
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-8048
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process three imagemagick issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-8804 fixed in imagemagick/8:6.9.9.39+dfsg-1
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add note for CVE-2018-3740
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-3740
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] mark CVE-2018-7667 as fixed with 4.5.0-1
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] plexus-utils DSA
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8828/kamailio
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8822/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000135/network-manager
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove TODO item
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add imagemagick to dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim libvirt in dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1000069, freeplane: bug filed
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Filed CVE-2018-7667 as #893668
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reference freeplane bug
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-7667 as no-dsa
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add note on python-django
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8088/libslf4j-java
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add more references for CVE-2018-8088/libslf4j-java issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-8088/libslf4j-java
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add and take polarssl in dsa-needed
Sebastien Delafond
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reference commit related to CVE-2018-1000071
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2018-1063/policycoreutils
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2018-1080/dogtag-pki
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add pagure.io reference for CVE-2018-1080/dogtag-pki
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1080/dogtag-pki bug reference
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-888{1, 2, 3}/nasm issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] dsa-needed.txt: python-django (luciano)
Luciano Bello
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA-4147-1 for polarssl (CVE-2017-18187 CVE-2018-0487 CVE-2018-0488)
Sebastien Delafond
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] exempi: Three CVE do not affect Wheezy
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1310-1 for exempi
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] web2py removed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] mercurial fixed in sid
Julien Cristau
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] gksu removed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] libxfont1 has been removed
Julien Cristau
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1063, policycoreutils: Mark as no-dsa in Wheezy.
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add calibre to dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-7752, gpac: Wheezy is not affected
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-8768, Ipython: Mark as no-dsa for Wheezy.
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add ipython to dla-needed.txt with some notes.
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new tiff issue
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new linux issue
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Use YYYYMMDD, not YYYDDMM (!!)
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] claim libvorbisidec
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] claim mupdf
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2017-18241: Use shortcut URL (and as used for kernel-sec fixes trackings)
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-807{3, 4}/yii, itp'ed: #597899
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] gitlab fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1311-1 for adminer
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Add one more yii CVE
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-8768: Lowercase source package name
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] node-ssri fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] ruby-loofah fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Record proposed update for adminer for jessie-pu
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-1001001/pluxml as fixed via unstable upload
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-11333 as fixed with libvorbis unstable upload
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2017-11333 for DSA-4113-1
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-8905/tiff
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1312-1 for libvorbisidec
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1313-1 for isc-dhcp
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] exempi, obs no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] kamailio, plexus-utils2 DSAs
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1000069, freeplane: Link to patch
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim freeplane in dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] unify error message generation: librelp and rsyslog
Luciano Bello
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1314-1 for simplesamlphp
Thijs Kinkhorst
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2018-1000051 as not-affected for Wheezy
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] mupdf CVEs not-affected or no-dsa
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new binutils issue
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new libav issues
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] NFU from external check
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] gitlab bug
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] icu DSA
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-8945, binutils: Mark as no-dsa for Wheezy.
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add libraw to dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add memcached to dla-needed.txt with NOTES.
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add mosquitto to dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add sdl-image1.2 to dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add slurm-llnl to dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim mosquitto in data/dla-needed.txt
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1315-1 for libvirt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-5748, libvirt: Remove postponed entry.
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] one patch not needed for Jessie
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1316-1 for freeplane
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim graphicsmagick in dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add libslf4j-java to dla-needed.txt and claim it.
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1000140/librelp assigned
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] librelp fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Fix error from previous merge when merging CVE assigned for librelp
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add upstream bug reference for CVE-2018-8945
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry for CVE-2018-7711
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process CVE-2018-8957 as NFU
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process two MISP NFUs
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process four nnew issues in i-librariaan, itp'ed: #649291
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add upstream references for i-librarian issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Correct some older i-librarian CVEs
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18247/libav
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18246/libav
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18245/libav
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000136/electron, itp'ed: #842420
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process CVE-2018-7502 as NFU
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8964/ming
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8963/ming
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8962/ming
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8961/ming
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8960/imagemagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-8960/imagemagick fixed in unstable with 8:6.9.9.39+dfsg-1 upload
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-3741/ruby-rails-html-sanitizer
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-15710/apache2
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1312/apache2
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-15715/apache2
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1302/apache2
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1283/apache2
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1303/apache2
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1301/apache2
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-8971/gitlab assigned
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Triage radare2 for Wheezy.
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add sam2p to dla-needed.txt.
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add net-snmp to dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-3741/ruy-rails-html-sanitizer
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2014-1665/owncloud
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add one additional gitlab issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-9009/ming
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process new NFUs
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8970 for libressl specific issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-876{3, 4}/ldap-account-manager
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Consider CVE-2016-10714/zsh as no-dsa
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add sharutils to dsa-needed list
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1083/zsh
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-1071/zsh
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-1000002/knot-resolver as no-dsa/ignored
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove knot-resolver fro dsa-needed list
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add ruby-loofah to dsa-needed list
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim net-snmp in data/dla-needed.txt
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] libav no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add apache2 to dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add ldap-account-manager to dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add apache2 to dsa-needed list
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1000140, librelp: Wheezy is not affected.
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add ruby-rack-protection to dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] zsh no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Add libvncserver to dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add zsh to dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add xerces-c to dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reference commit for CVE-2018-7225
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-1083
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-1071
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-7225/libvncserver
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2017-12627
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2017-1002102/kubernetes
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] +mupdf and +sharutils : luciano
Luciano Bello
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-1090 as NFU
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add new graphicsmagick issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] ntp fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new thunderbird issues
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2017-15107/dnsmasq fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: bin/report-vuln: Make the title a little cleaner.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1317-1 for net-snmp
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] dla: claim firefox-esr
Emilio Pozuelo Monfort
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] claim mercurial for DLA to cleanup my mess
Antoine Beaupré
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1318-1 for irssi
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove CVE-2018-7051 for DLA-1289-1 as the patch was missing and the issue thus not addressed
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: add squirrelmail to dsa-needed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2015-5621 and CVE-2018-1000116 are addressed with same patch (although two issues)
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove no-dsa entry for CVE-2015-5621
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] net-snmp needs an update in jessie
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: NFUs
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] add ldap-account-manager to dsa-needed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Follow Debian Security decision as the same version exist in wheezy.
Ola Lundqvist
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add reference to upstream advisory
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add librelp to dsa-needed list
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add note for gitlab
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Thunderbird issues fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Triaging result
Ola Lundqvist
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18248/cups
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Order one entry by source packages
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA number for librelp DSA
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2014-2048/owncloud
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-1000140: use https link
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] test package for dovecot available
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] claim mosquitto
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new exiv2 issues
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1319-1 for firefox-esr
Emilio Pozuelo Monfort
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] dla: claim thunderbird
Emilio Pozuelo Monfort
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] uwsgi in wheezy:not affected
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] remove uwsgi from dla-needed.txt
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Track issue for CVE-2018-8977 (although only affects experimental)
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] claim libvncserver in dla-needed.txt
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18249/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add new firefox issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] firefox-esr needs DSA
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-5148 fixed for firefox and firefox-esr
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1095/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1094/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1093/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1092/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-9055/jasper
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18254/imagemagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18253/imagemagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Take net-snmp from dsa-needed list
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18252/imagemagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18251/imagemagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18250/imagemagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new openssl issues
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] add references to upstream fixes
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add temporary short descriptions
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1320-1 for samba
Holger Levsen
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add entry for DSA-4152-1/mupdf
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-7489/jackson-databind fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1091/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-1091/linux
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: DSA-4152-1 mupdf
Luciano Bello
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: firefox DSA
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] ldap-account-manager issues fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] nm no-dsa
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add drupal7 to dsa-needed list
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add temporary item for drupal7
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add bug reference for drupal7 issue
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-9018, graphicsmagick: Link to patch.
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1321-1 for firefox-esr
Emilio Pozuelo Monfort
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim drupal in dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-8754/libevt
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark openssl fixes via unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-0739/openssl1.0 fixed via unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry for CVE-2017-3738, will be included in DSA
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reclassify CVE-2018-0733 according to maintainers update
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add openssl to dsa-needed list
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8718
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1327/libstruts1.2-java
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-9058/lrzip
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-9058/lrzip as no-dsa
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA number for net-snmp update
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1322-1 for graphicsmagick
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-8088/libslf4j-java fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1096/foreman, itp'ed
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] dla: claim tzdata / libdatetime-timezone-perl
Emilio Pozuelo Monfort
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1323-1 for tzdata
Emilio Pozuelo Monfort
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1324-1 for libdatetime-timezone-perl
Emilio Pozuelo Monfort
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Triage result.
Ola Lundqvist
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Drupal name change in dla-needed.txt.
Ola Lundqvist
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Triage results.
Ola Lundqvist
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7600 CVE id
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-8764/ldap-account-manager
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Revert "Update status for CVE-2017-3737, thanks Q_"
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Expland explanation for CVE-2017-3737
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reference patch for CVE-2018-7600
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add FAQ reference for CVE-2018-7600
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2017-3126/gimp fixed in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff
- [Secure-testing-commits] secure-testing-commits at lists.alioth.debian.org Receive a document
DocuSign
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1325-1 for drupal7
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Take care of drupal7 DSA
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA number for drupal7 update
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2017-12627/xerces-c
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add information on fix for CVE-2018-7600 in unstable
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1097/foreman
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add details for CVE-2018-1096
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add referencd for CVE-2018-9056, keep TODO until we decide how to handle the CVE id
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-0936/nextcloud
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Process some Cisco specific CVEs as NFU
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new nodejs issues
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-7320 does not affect wheezy
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add two new nvidia-graphics-drivers* issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: Claim php5 and xerces-c in dla-needed.txt
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1326-1 for php5
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1327-1 for thunderbird
Emilio Pozuelo Monfort
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Take openssl from dsa-needed list
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Record fixed version for the (unimportant) CVE-2018-0733
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-9018/graphicsmagick
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA for openssl issues
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] memcached: upstream contacted and has reproducer, claiming
Antoine Beaupré
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1328-1 for xerces-c
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DSA for openssl1.0
Salvatore Bonaccorso
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1329-1 for memcached
Antoine Beaupré
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] filed bug about memcached
Antoine Beaupré
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] lts wheezy claim
Antoine Beaupré
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] add note for libvncserver in dla-neeeded.txt
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] update note graphite2 in dla-needed.txt
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] lrzip unimportant
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add some missing dates to data/dla-needed.txt.
Chris Lamb
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new ruby issue
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1330-1 for openssl
Antoine Beaupré
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1331-1 for mercurial
Antoine Beaupré
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1332-1 for libvncserver
Abhijith PA
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] mark CVE-2018-7325 as not-affected for Wheezy
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] note apache2 fixes
Stefan Fritsch
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] follow security team with CVEs for wireshark
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] add ruby to dsa-needed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1333-1 for dovecot
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1334-1 for mosquitto
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] claim slurm-llnl
Thorsten Alteholz
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: ruby fixed
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new exiv issues
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2018-9018/graphicsmagick fixed version in unstable
László Böszörményi
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: new binutils issue
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] new ming issue
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: new logstash issue
Moritz Muehlenhoff
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1335-1 for zsh
Markus Koschany
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1336-1 for rubygems
Santiago R.R.
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1337-1 for jruby
Santiago R.R.
- [Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Claim sam2p and sdl-image1.2 in dla-needed.txt
Markus Koschany
Last message date:
Sat Mar 31 21:22:27 UTC 2018
Archived on: Sat Mar 31 21:22:30 UTC 2018
This archive was generated by
Pipermail 0.09 (Mailman edition).