May 2018 Archives by date
Starting: Tue May 1 04:35:47 BST 2018
Ending: Thu May 31 23:13:37 BST 2018
Messages: 768
- [Git][security-tracker-team/security-tracker][master] Update CVE-2018-10188 status
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Expand note for CVE-2018-7263
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ruby2.3 removed from unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update CVE-2017-16645 entry
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference to #897269
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-1o5{36,37,38,39,40}/wavpack: #897271
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Record wavpack issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] icinga2 bug
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] radare2 bug
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Two CVEs assigned for quassel issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10379/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] wirekshark/2.4.6-1 uploaded to unstable fixing several CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-6811/hadoop
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10195/lrzsz fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000199/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4187-1 for linux DSA (jessie)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update (stretch)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18264/phpmyadmin (PMASA-2017-8)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add jackson-databind to dsa-needed as proposed by maintainer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add description for CVE-2018-1000199
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add (yet to clarify) libreoffice issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2017-6888/flac
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixing version for CVE-2018-1308 of unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Record fixes for icinga2 via experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take jackson-databind in dsa-needed
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] note on hadoop CVE ID
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] another wireshark issue fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new matrix-synapse issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add commit reference for matrix-synapse
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Drop note for CVE-2016-6811
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 5 commits: readd xen
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reference blog article for matrix-synapse issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] update status for libreoffice
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] faad2 spu/ospu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10657/matrix-synapse assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10675/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Record proposed update for ghostscript via jessie-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] quassel DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference report for CVE-2018-1108/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFU
Henri Salo
- [Git][security-tracker-team/security-tracker][master] NFU
Henri Salo
- [Git][security-tracker-team/security-tracker][master] Claim calibre
Brian May
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFU
Henri Salo
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10685/lrzip
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10689/blktrace
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-1072{1,2}/partclone
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] blktrace no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add upstream fix for issue in R Windows GUI
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add php5
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4190-1 for jackson-databind (CVE-2018-7489)
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] mark CVE-2018-10689 as no-dsa for Wheezy
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4191-1 for redmine
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Mark redmine as EOL in jessie
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] new kwallet-pam issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Claim php5 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add more references for CVE-2018-10380
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add kwallet-pam to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take entry from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Slightly reorder entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-10685
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] take libmad and kwallet-pam
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new p7zip-rar issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add elasticsearch to removed-packages
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-10115
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: not support for non-free p7zip-rar
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Mark cacti no-dsa in wheezy
Brian May
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-10472/xen n/a in wheezy
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: remove xen
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: claim quassel
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: remove ruby1.9.1
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: claim phpmyadmin
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] claim cups
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] mark ocaml as no-dsa in wheezy
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] 2 commits: use tabs
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-10689
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] packages/clamav: document more explicitly how to handle LTS updates
Santiago R.R.
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1370-1 for quassel
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1000179/quassel no-dsa on wheezy
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] remove ocaml from dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add note for kwallet-pam
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] partclone, gegl no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] libmad DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new libgxps issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove withdrawn CVE (from its CNA)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-10733
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup CVE-2016-5320 and CVE-2016-5875
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup four confirmed reservation duplicates for Joomla
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10754/ncurses
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1371-1 for tzdata
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1372-1 for libdatetime-timezone-perl
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10753/abcm2ps
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] partclone no-dsa on wheezy
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add bug reference for CVE-2018-10753/abcm2ps
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10017 as proposed for stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-10753/abcm2ps as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1313/derby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update some older NFUs in Apache Derby to track the derby source package
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-9336/openvpn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2015-1832/derby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2010-2232/derby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2009-4269/derby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2006-721{6,7}/derby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2005-4849/derby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for packagekit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Prepare DSA release for wordpress
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark CVE-2018-10753 as no-dsa for Wheezy
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for wordpress update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove tomcat9 from CVE-2017-12617
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Clarify status for CVE-2016-5397/thrift
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ncurses no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-100210{1,2}/kubernetes fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new HHVM issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reference upstream fixes for CVE-2018-10733/libgxps
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Record (some of) the fixes for openjdk-10
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] icinga2 2.8.4-1 uploaded to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] solr DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-10177,imagemagick: Mark as no-dsa for Wheezy. Minor issue.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-0494/wget
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-0494/wget
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-0494/wget fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFU: CVE-2018-1047, Wildfly
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add wget to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1114,CVE-2017-12196,undertow: Fixed in unstable.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Record itp/rfp for wildfly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to announce for CVE-2018-0494
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add vim-syntastic issue, #894736
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference advisory for CVE-2018-0494
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark calibre CVE-2018-7889 in wheezy
Brian May
- [Git][security-tracker-team/security-tracker][master] Take firebird2.5
Brian May
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new abcm2ps bug
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10767/libgxps
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new bibutils non-issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add prosody issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new tiff issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new mp3gain issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] another mp3gain issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] another mp3gain issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] two additional bibutils issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new webkit issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] update webkit2gtk for WSA-2018-0004
Jeremy Bicha
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-10771
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add source package for CVE-2018-10779
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-10767
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug references for bibutils issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1089/389-bs-base
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-1089
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two CVEs for brave-browser, itp'ed: #864795
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Move move NFUs for Brave Browser to source tracking entry
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Severe enough to fix.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] claim wget in dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1119/haproxy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2018-1119/haproxy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Expand note for CVE-2017-12165
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10801/tiff
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for wget
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove undertow from dsa needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark undertow as no-dsa, will be removed at point release
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-1108 as unfixed, various regressions reported and fix will be reverted
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8897/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add xen for CVE-2018-8897
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1087/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add references to kernel issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: End of life.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10804/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream bug reference for CVE-2018-10804
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2018-10805/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-10805
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1118/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-4944 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-1127 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-14160: link to upstream fix
Guido Günther
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup haproxy entries after CVE-2018-1119 rejection in favour of CVE-2018-10184
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process three NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO for CVE-2018-10184
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add dnsreplay DoS
Yves-Alexis Perez
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1046 n/a for jessie
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-1046
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10549,php5: Wheezy is not affected. Vulnerable code not present.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1373-1 for php5
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10546,php5: Wheezy is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] wavpack DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2017-18265/prosody assigned for #875829
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] prosody DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] hhvm fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Claim glusterfs in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-10768/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-10768 as no-dsa for jessie
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10940/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two new CVEs for wildfly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new firefox-esr issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new firefox issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add firefox to dsa-needed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: claim firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-5158 for src:firefox and link directly to texts
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] firefox-esr fixed in unstable with 52.8.esr-1 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-3719/node-mixin-deep
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1130/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixing version for CVE-2018-1130/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-3719
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add xdg-utils issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Prefix commit for xdg-utils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new tiff issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-18266/xdg-utils assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add details for CVE-2018-1115
Christoph Berg
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-10963
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18267/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Record experimental fixes for two libpodofo CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2017-18267
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage result.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-17973 as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: firefox DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-10779
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage results.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Record experimental upload of firefox 60.0-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-10754/ncurses
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] claim xdg-utils in dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage results.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add missing attribution/date to note.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10981/xen assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10982/xen assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new entry for incomplete fix for lilypond issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1374-1 for firebird2.5
Brian May
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1375-1 for wget
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1376-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two new flif issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: claim xen
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug references for flif issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-1118/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Adding blender even though I'm not sure.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add missing date and note attribution.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Consistently format the file. Dat CDO.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] dla: take libmad
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Record fixing version for lilypond issue (incomplete fix for CVE-2017-17523)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correct tracking of firefox fixes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-7442
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 5 commits: Record three more CVEs fixed with mariadb-10.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for mariadb-10.1 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for further mariadb-10.1 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Various leptonlib issues fixed with 1.76.0-1 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-5747
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-7226
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference commit for CVE-2017-14160
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2017-14633
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-14160, CVE-2018-10392 and CVE-2018-10393 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10992/lilypond assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Expand TODO for CVE-2018-0765
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update TODO item for CVE-2018-1039
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark for now CVE-2018-10780 as undetermined
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Two libgit2 issues fixed with exerpimental upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream fix for CVE-2018-8905
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference fix for CVE-2018-10963
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-10963 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update libtiff entry in dla-needed
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Reference fix for CVE-2018-1000200
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Spice in wheezy is affected. The question is whether it is worth fixing in wheezy or not.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Revert "Spice in wheezy is affected. The question is whether it is worth fixing in wheezy or not."
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-12194 as unfixed (changing from undetermined)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2017-12194
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2017-12194/spice-gtk: #898503
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new jasper non issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Found that spice-gtk is not affected as the demarchal.py file that was…
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] front-desk
Luciano Bello
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Claim DLA numbers for tiff and tiff3 updates
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Update lame entry in dla-needed
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Mark several ming issues not-affected in Wheezy
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Mark ming CVE-2018-8807 not-affected in Wheezy
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Mark ming CVE-2018-8806 not-affected in Wheezy
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Remove tiff & tiff3; they were released as DLA-1377-1 and…
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add #efail CVE numbers
Yves-Alexis Perez
- [Git][security-tracker-team/security-tracker][master] add clients vulnerable to s/mime efail according to paper
Yves-Alexis Perez
- [Git][security-tracker-team/security-tracker][master] pdns fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add bug number for efail packages
Yves-Alexis Perez
- [Git][security-tracker-team/security-tracker][master] new ming issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage tiff for LTS
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] new exiv issues (currently pending upstream investigation)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] knot-resolver fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] kwallet-pam DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new kfreebsd issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1088,glusterfs: Wheezy is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1088,glusterfs: Jessie is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Remove glusterfs from dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] apache spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] syntax
Henri Salo
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10196/graphviz
Henri Salo
- [Git][security-tracker-team/security-tracker][master] NFU
Henri Salo
- [Git][security-tracker-team/security-tracker][master] NFU
Henri Salo
- [Git][security-tracker-team/security-tracker][master] NFU
Henri Salo
- [Git][security-tracker-team/security-tracker][master] Mark ming CVE-2018-7877 not-affected in wheezy
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Fix syntax errors in my ming triage work
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Update ming & lame dla-needed entries
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Correct "investigation" typo. ;)
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new ming issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new ming issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add note for evolution efail bug
Yves-Alexis Perez
- [Git][security-tracker-team/security-tracker][master] new libav issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] libspring-java not affected in wheezy - vulnerable broker code introduced in…
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] mark CVE-2018-1111 as NFU
Yves-Alexis Perez
- [Git][security-tracker-team/security-tracker][master] xen DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: new old chromium CVE ID from RH external check
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs from external check
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark ming CVE-2018-7874 fixed in Wheezy
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new spring issues, spring NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-12194 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correct ming version (missing epoch)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two new curl issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO item for CVE-2018-10196
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-10196
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1000300/curl does not affect stretch as well
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add curl to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage curl for LTS
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1000300 (curl) not affected in wheezy; vulnerable code introduced in 7.54.1.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add Debian bug for CVE-2018-1000301 in curl.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1379-1 for curl
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1000300: Order entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new tomcat issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve curl DSA
Alessandro Ghedini
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup CVE-2017-7473
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11211/tinyxml2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference fix for CVE-2017-8845
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference merge for CVE-2018-1000135
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add commit for CVE-2018-5650
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-1000155
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-3750/node-deep-extend
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix version for xen DSA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add two new ming issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-11033 associated with xpdf and unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] graphviz no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add enigmail to dsa-needed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-8768 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] lrzip, libgxps no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-8014 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-8014: add reference to upstream bug
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-8014: #898935
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim tomcat7 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] vlc DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Take imagemagick in dsa-needed
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] krb5 no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] poppler no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] fmtlib non-issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] derby fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] freeipa non-issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add procps and linux CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix URL for CVE-2018-1120
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2018-10196 (graphviz) for wheezy.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage enigmail for LTS
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add lrzip fixed version in unstable to relevant issues
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Add reference to Qualys report
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Record descriptive information about qualys issue to identify until description updated
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to named patches
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-11230 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-17670 as end-of-life for jessie
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Record three issues in vcftools
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] prosody/jessie n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: add thunderbird to dsa-needed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] claim enigmail in dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] dla: claim thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Report vcftools CVEs upstream (since reporter did not inform upstream)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1380-1 for libmad
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Process a couple of NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2018-11202, CVE-2018-11203, CVE-2018-11204, CVE-2018-11205,…
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] add procps to dsa-needed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add mariadb-10.0 to dsa-needed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11232/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add terminating bracket
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-8015 as NFU (Apache ORC)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Follow dsa need for jessie for mariadb-10.1 in stable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark fixed version for CVE-2018-0737/openssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] blktrace proposed for jessie- and stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] vcftools no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-1121/linux as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] exiv triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4204-1 for imagemagick (CVE-2017-10995, CVE-2017-11533,…
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] nova fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] unimportant scala issue fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Adjust version to 2:17.0.0-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Drop some no-dsa/postponed items for qemu/stretch as proposed by aintainer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Two more CVEs included in proposed debdiff
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ruby-ox no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18270/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] reserve DSA ID for jessie EOL
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-11210
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] curl issues are fixed in sid
Alessandro Ghedini
- [Git][security-tracker-team/security-tracker][master] libzypp bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] calibre no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new podofo issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11251/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11237/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11236/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2017-18269, git-fixes updates in 2.27-3 includes fix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] glibc bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18273/imagemagick, fix included in 8:6.9.9.34+dfsg-3 upload to unstable first
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18272, already fixed in unstable upload as 8:6.9.9.34+dfsg-3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18271/imagemagick, fixed in unstable already with 8:6.9.9.34+dfsg-3 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new upx-ucl issue, but keep TODO since not closer verified
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Adjust source package name to libpodofo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] fix typo
Henri Salo
- [Git][security-tracker-team/security-tracker][master] two new issues in bind
Michael Gilbert
- [Git][security-tracker-team/security-tracker][master] chromium fixed
Michael Gilbert
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage procps for LTS
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2018-573{6,7}/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track new libjpeg9 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Explicitly track source package for qemu for CVE-2017-5715
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-11210 as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add thunderbird CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-17689 as fixed for thunderbird with 1:58.0-1 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add as well kf5-mesagelib for CVE-2017-17689
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add one more source package to track as cloned from kmail bug
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark unixodbc issues as fixed with unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Two potrace issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] claim procps in dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] xdg-utils fixed in unstable
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for for amd64-microcode updates in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2017-18266
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for procps issues (#899170)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add simple .gitlab-ci.yml file to check syntax on commit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove python-apsw for syntax-check job
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVe-2018-6562 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO item
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-11243 as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] check-syntax: don't install recommends and list ca-certificates
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-11243/upx-ucl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Record fixed version for procps
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commits for CVE-2018-112{2,3,4,5,6}/procps, #899170
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update note for dsa-needed list for packagekit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process three NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reduce depth of fetching to only 10 commits
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-11239 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-11319/vim-syntastic assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process another NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Disable shallowing of git clone for now
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10689/blktrace fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new dolibarr issues from oss-security
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add short (temporary) descriptions for dolibarr issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] gitlab DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Revert "Process three NFU"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8012/zookeeper
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8010/lucene-solr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-3639Add CVE-2018-3639Add CVE-2018-3639
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-3640
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add microcode packages for tracking to spectre v3a and v4
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dsa-needed list: Update thunderbird entry
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Adjust source package name to amd64-microcode
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new r-cran-haven issues (via embedded ReadStat copy)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take packagekit from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for packagekit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add note dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reference directly qualys report for CVE-2018-112{0..6}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for procps update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add xen to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-8014,tomcat7: Wheezy is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Remove tomcat7 from dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add imagemagick to dla-needed.txt and claim it.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] drop wavpack, already released
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new radare issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] remove TODO for "efail", all clients mentioned in advisory covered
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-8012,zookeeper: Add bug reference and more information.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim zookeeper in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] older r-cran-haven issue fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dsa-needed.txt: xdg-utils (luciano)
Luciano Bello
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2018-5698
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-1136{4,5}/r-cran-haven
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dsa-needed.txt : santiago will prepare a libidn update
Santiago R.R.
- [Git][security-tracker-team/security-tracker][master] Add new wireshark issues, all need to be closer checked
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup trailing whitespaces
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] take xen
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Wheezy and Jessie not affected by CVE-2018-9266
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-8013/batik
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-8013/batik
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-18272,imagemagick: Wheezy is not affected.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1381-1 for imagemagick
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Wheezy and Jessie not affected by CVE-2018-9273
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Wheezy, Jessie and Stretch not affected by CVE-2018-9274
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] initial wireshark triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] follow security team for some wireshark CVEs
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Wheezy and Jessie not affected by CVE-2018-9264
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] add strongSwan CVE (no-dsa)
Yves-Alexis Perez
- [Git][security-tracker-team/security-tracker][master] Wheezy, Jessie and Stretch not affected by CVE-2018-11354
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: Order entries top-down
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-11355
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11396/epiphany-browser
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-11396
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] more wireshark triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] epiphany fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11410/liblouis
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new linux issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-11410
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-1339/tika
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE assigned for ext4 issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000040/mupdf, fixed in 1.13.0+ds1-1 (1.13.0 upstream)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000039, fixed in 1.13.0+ds1-1 (1.13.0 upstream)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000038/mupdf, fixed in 1.13.0+ds1-1 (upstream 1.13.0)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000037/mupdf, fixed in 1.13.0+ds1-1 (in upstream 1.13.0)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1000036/mupdf, unfixed yet
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO item for liblouis (handled in bug)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new dolibarr issue (CVE-2018-9019)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2018-8012,Wheezy: ignored
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2018-5388,strongswan: no-dsa for Wheezy
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Triage radare2 for Wheezy.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-11410,wheezy,jessie: unaffected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Sort entries top-down
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for the unstable upload of phpliteadmin fixing CVE-2018-10362
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10840/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track status for CVE-2018-10840
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] thunderbird, xen DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new HHVM issue (n/a)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new undertow issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Follow CVE-2016-4993 as well for src:undertow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] glibc no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1382-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1383-1 for xen
Felix Geyer
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-11416
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixing version for CVE-2018-11410
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-8013,batik: Link to upstream bug report and patch.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1384-1 for xdg-utils
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Cleanup note for CVE-2018-5711 (typo in advisory clearered)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-11410/Liblouis as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-17689 as unfixed for unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: claim firefox-esr for ESR 60
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add note for xdg-utils in dsa-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] CVE-2018-8013,batik: Fixed in unstable.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1385-1 for batik
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add liblouis for stretch-pu pending
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] at least Stretch is affected by CVE-2018-11362
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] cups in Wheezy not affected by CVE-2017-15400
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add moodle issues CVE-2018-113{3,4,5,6,7}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11469/haproxy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-11469/haproxy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: DSA-4211-1 xdg-utils
Luciano Bello
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11440/liblouis
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-11440
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark ming memory leaks ignored in wheezy
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Claim DLA-1386-1 for ming
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11468/discount
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-10842 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-1087
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2018-1039 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync status on linux CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-9503 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2018-10112
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add gitlab to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for gitlab regression update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Finalize sentence
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-1000036/mupdf as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-1000036
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2017-5188/open-build-service
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-11469/haproxy fixed in unstable (#8900084)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2017-5188
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-11360 does not affect Wheezy and Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] LTS: update status of apache2
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2017-16539/docker.io
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2017-18252
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2017-15019
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1387-1 for cups
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2017-14992 and add golang-github-vbatts-tar-split
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2017-12155/tripleo-heat-templates
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2017-12155
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream issue reference for CVE-2017-12098
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2017-12098
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two more issues in discout
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] discount: reference directly the reproducing file to better identify the CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11499/libsass
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-11499
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-11499 as not-affected for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark CVE-2018-9244 and CVE-2018-10379 as not-affected for stretch
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-14992 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixing version for linux CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] two imagemagick issues ignored
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] remove amd64-microcode entries for two recent spectre updates,
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add intel-microcode to dsa-needed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Triage mupdf for Wheezy.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add fixing version for CVE-2017-15105/unbound via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for sssd update for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11506
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-11507/flif
Henri Salo
- [Git][security-tracker-team/security-tracker][master] Wheezy and Jessie not affected by CVE-2018-11361
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] claim tiff(3)
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] Add redmine for regression update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new strongswan issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add additional references for CVE-2018-5388 and CVE-2018-10811
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add zookeeper to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11508/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take qemu from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new lrzip issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1388-1 for wireshark
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add information for CVE-2016-4993
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-10843 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add upstream reference for CVE-2018-1067
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-1075 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: NFU
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add more information for CVE-2018-114{89,90}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new exiv issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2018-11531: Add reference to upstream issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] libzypp fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 3 commits: Jessie not affected by CVE-2017-15400
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11496/lrzip fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2017-10794 and CVE-2017-17913 for graphicsmagick in Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1123{3,5}/git
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] gitlab regression update released
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add git to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference fixes for CVE-2018-11496/lrzip
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO item for CVE-2017-15400
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-11233 as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixing versions for git for CVE-2018-11233
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference announce for git update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for git as prepared by Jonathan Nieder
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11439/taglib
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for qemu update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark libav not affected by CVE-2018-9841
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Update dla-needed entries for ming, lame and libav
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add fixed version for libraw upload to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixing version for CVE-2018-10155/p7zip-rar
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2018-7320 does not affect Jessie as well
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1389-1 for apache2
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] quickly triage git in LTS
Antoine Beaupré
- [Git][security-tracker-team/security-tracker][master] 2 commits: patch available for liblouis, triage in LTS
Antoine Beaupré
- [Git][security-tracker-team/security-tracker][master] CVE-2015-7313: unreproducible with tiff in wheezy
Holger Levsen
- Processing 878bf615e9412f29522dbbf9e78082904af8bed2 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] fix typo (and have installed the commit hook now)
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add NFUs for Libmobi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-16010
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2015-9244/node-mysql assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] chromium fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove CVE-2018-6146 as not (yet) listed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and take batik in dsa-needed
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa entries (issue will be fixed along with DSA)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Make the security tracker relocatable to another base URL
Raphaël Hertzog
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2018-11577/liblouis
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark ngiflib issues as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Generalize the code to fetch Packages/Sources updates
Raphaël Hertzog
- [Git][security-tracker-team/security-tracker][master] also cant reproduce CVE-2017-7313 on jessie
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] Revert "also cant reproduce CVE-2017-7313 on jessie"
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add some common update-* aliases for convenience
Raphaël Hertzog
- [Git][security-tracker-team/security-tracker][master] Revert the try to have clean progress information during update-* targets
Raphaël Hertzog
- [Git][security-tracker-team/security-tracker][master] Add new prosody issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add ca-certs to lts
Antoine Beaupré
- [Git][security-tracker-team/security-tracker][master] Process two more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1390-1 for procps
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] Add bug reference for gitlab issues, #900522
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add prosody bug reference: #900524
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup CVE-2018-9131
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11625/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11624
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1391-1 for tiff
Holger Levsen
Last message date:
Thu May 31 23:13:37 BST 2018
Archived on: Thu May 31 23:13:40 BST 2018
This archive was generated by
Pipermail 0.09 (Mailman edition).