November 2018 Archives by thread
Starting: Thu Nov 1 03:33:52 GMT 2018
Ending: Fri Nov 30 23:09:21 GMT 2018
Messages: 804
- [Git][security-tracker-team/security-tracker][master] LTS/claim mysql-5.5
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2018-18883/xen assigned for XSA-278
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Four curl issues fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18849/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-18849/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] exiv spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] mark CVE-2018-1199 as no-dsa in jessie
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] mark CVE-2018-1257 as no-dsa in jessie
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] unclaim openjdk-7, taking one package at a time
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1563-1 for tzdata
Santiago R.R.
- [Git][security-tracker-team/security-tracker][master] confirm CVE-2018-13982 N/A in jessie
Antoine Beaupré
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16831 also N/A in jessie
Antoine Beaupré
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1564-1 for mono
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2009-0689,mono: Remove no-dsa tag.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] glusterfs, link to fixing commits
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add systemd to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reference fix for CVE-2018-14661/glusterfs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream fix for CVE-2018-17972/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-2018-14659/glusterfs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-15688,network-manager: Jessie is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-2018-14654/glusterfs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add commit references for CVE-2018-14652
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16789:shellinabox, no-dsa for Jessie, minor issue.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add openssl to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add reference for CVE-2018-14651
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-16840,curl: Jessie is not affected.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add squid3 to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18820/icecast2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: new thunderbird issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] gitlab n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-18820/icecast2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new libsdl2-image issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug references for CVE-2018-3977 SDL image issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add informatin on CVE-2018-5407
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Four CVEs fixed via unstable upload for thunderbird
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Michael Gilbert
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-16847/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-16847/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status on CVE-2018-16847/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2018-18820/icecast2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18897/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2018-14660/glusterfs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Drop smarty3. CVE-2018-16831 does not affect jessie.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] claim salt
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Unclaim libdatetime-timezone-perl in dla-needed. Work on a single package at a time
Santiago R.R.
- [Git][security-tracker-team/security-tracker][master] Add curl to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Expand TODO item for CVE-2018-5407
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add icecast2 to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add sdl-image1.2 and libsdl2-image to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add two u-boot issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] curl DSA
Alessandro Ghedini
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-16849/mistral
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-16849/mistral
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mistral no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18915/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ruby2.3 update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] qemu: ignore CVE-2015-8817, CVE-2015-8818. add regression note about CVE-2017-11334
Santiago R.R.
- [Git][security-tracker-team/security-tracker][master] mgetty issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-14652,glusterfs: Link to fixing commit.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1565-1 for glusterfs
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim curl in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] u-boot unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] apache spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] resolve knot-resolver
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] ffmpeg fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add additional reference to review commit for CVE-2018-14652
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2018-5407
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] mark CVE-2018-1270 as not-affected in jessie
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] triage libspring-java for jessie
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] remove libspring-java and claim icecast2
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Sort suites order
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1272: sort entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new mariadb issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for mariadb-10.0 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-14654,CVE-2018-14660,glusterfs: Jessie is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2018-4022,mkvtoolnix: Link to fixing commit.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add mkvtoolnix to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove mkvtoolnix from dla-needed.txt again.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] crossroads removed from unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add libapache-mod-jk to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add mariadb-10.0 to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] icecast, mupdf DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add mysql-connector-java to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add jasper to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2018-3258,mysql-connector-java: Reference Debian bug.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add fixed version for mariadb-10.1 in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2018-3977/{libsdl2-image,sdl-image1.2}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18928/icu
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2018-18928/icu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] For time beeing mark icu as unfixed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2018-11759/libapache-mod-jk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: reclaim firefox
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1566-1 for mysql-5.5
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1567-1 for gthumb
Herbert Parentes Fortes Neto
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1567-1 for gthumb - fix package version
Herbert Parentes Fortes Neto
- [Git][security-tracker-team/security-tracker][master] Reference Debian bug for glusterfs issues.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Correct DLA-1567-1 entry (add source package name)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-16849/mistral
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove one postponed tagged entry which had an update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-16470/ruby-rack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-16471/ruby-rack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-16470/ruby-rack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-16471/ruby-rack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note to icecast2 in dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18956/suricata
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/claim openssl
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add and claim icu
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add poppler fix
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: take thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add missing CVE ID for Chromium
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Claim squid3 in dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1568-1 for curl
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Three curl CVEs were adressed in recent DLA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reorder listing for contact adresses
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Claim jasper in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] new nginx issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: take mariadb
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Update commit references for CVE-2018-14654/glusterfs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-14652/glusterfs fixed in unstable with 5.0-1 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update commit for CVE-2018-14660/glusterfs (still under review upstream)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add short descriptions for nginx issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-1684{3,4,5}/nginx
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2014-10077/ruby-i18n
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two IBM NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2014-10077/ruby-i18n
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-18778
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] nginx fixes
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Process two new NFUs in Apache Syncope
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18954/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim tiff
Brian May
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-14667
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two entries related to amanda
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-14644/pdns-recursor
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-14626/pdns-recursor
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-14626/pdns
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10851/pdns-recursor
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10851/pdns
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19052/lighttpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: new vbox issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add bug reference for virtualbox issue for tracking
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add further xml-security-c issue distinct from #905332
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-1684{3,4,5}/nginx via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add gettext upstream fix
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: update firefox/thunderbird status
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: take libdatetime-timezone-perl
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1569-1 for libdatetime-timezone-perl
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1570-1 for mariadb-10.0
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] linux n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] some bugs filed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] zziplib, audiofile bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add bug reference for tracking gettext (negligable) issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add nginx to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19058/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19059/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-2018-19058/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19058/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19060/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19059/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19060
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1569-2 for libdatetime-timezone-perl
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1571-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2018-3977 (libsdl2-image, sdl-image1.2) for stretch as per private correspondence w/jmm)
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Order source package name entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1724{5,6}/kibana
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Traige CVE-2018-16843 (nginx) for jessie; HTTP 2.0 support added later.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2018-16844 (nginx) for jessie LTS; HTTP 2.0 support added later.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage nginx for jessie.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: Correct "negligible" typos.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Sort entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process three NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-14663/dnsdist
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-14663/dnsdist
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-14988/openexr as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] qemu triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-16850/postgresql
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1572-1 for nginx
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] two n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16850/postgresql-11 fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19108/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19108/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19107/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19107/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] nginx DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new xen issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Claim the last weeks of 2018 for LTS front desk
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add short description for XSA-282
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add ansible to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Precheck candidates for 9.6 inclusion
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19105/librecad
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add four new keepalived issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2018-19105 (librecad) for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage pdns for jessie.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] rust fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Sort entries top-down
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] squid CVEfied
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information on virtualbox issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark virtualbox for now as unfixed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new otrs issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] pdns fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new libav issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] pdns-recursor fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dnsdist fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Adjust information on one otrs2 issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream bug references for CVE-2018-191{28,29,30}/libav
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add assigned CVEs for otrs2 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: fix CI: do not try to checkout a branch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Preliminary merge CVE-2018-13406
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2018-19139/jasper
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Record two propups to unstable as same version in unstable and stable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] gitlab and knot-resolved acked for removal from stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync proposed update list with updates really included in point release
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove ignored tag for CVE-2018-11645/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim pdns and add note to squid3
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2018-11723
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ghostscript update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] update notes
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] takeover coordinated with Roberto, same version in jessie and wheezy
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 7 commits: fix usage help for --verbose flag, obvious copy-paste error
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19148/caddy, itp'ed, #810890
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19149/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-18751/gettext
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1573-1 for firmware-nonfree
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage xml-security-c for jessie.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add fixed version for virtualbox issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] remove n/a for ansible
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new chromium issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] three keepalived issues unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add bug references for ceph issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-15751/salt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-15750/salt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Use the namedtuple class supplied with Python
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix for CVE-2018-1129 included in 12.2.8 upstream
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix for CVE-2018-1128 included in 12.2.8 upstream
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10861/ceph fixed with 12.2.8 upstream
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] qemu DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track pending fixes for stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2018-19052 (lighttpd) for jessie.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa entry for CVE-2017-7519/ceph
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1574-1 for imagemagick
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19052
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: claim openjdk-7
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: Annotate CVE-2018-18928 as not affecting jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS/Claim libapache-mod-jk
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] NFUs, one ITP
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1575-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1576-1 for ansible
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1577-1 for xen
Felix Geyer
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18955/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add workaround entry for XSA-282
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove mysql-connector-java from dla-needed.txt, no remaining open CVEs
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19205, CVE-2018-19206
Henri Salo
- [Git][security-tracker-team/security-tracker][master] Update inforamation for CVE-2018-19205/roundcube
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-19206/roundcube
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Start tracking still openssl under CVE-2018-5407
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18928/icu fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Add two libsass issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19217/ncurses
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19216/nasm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new nasm issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2018-19120/kio-extras
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-16856/octavia
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking for another nasm issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference proposed MR For CVE-2018-12900
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] kio-extras no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track three CVEs for uriparser
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] nasm unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add libapache-mod-jk to dsa needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new vmxnet3 issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2015-5221,jasper: Link to fixing commit
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Move CVE-2018-698{1,2} to NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] enigmail progress updates in jessie
Antoine Beaupré
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1578-1 for spamassassin
Antoine Beaupré
- [Git][security-tracker-team/security-tracker][master] LTS: claim systemd while i wait for more feedback on enigmail/gpg
Antoine Beaupré
- [Git][security-tracker-team/security-tracker][master] Triage results.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Triage result.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] ceph DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Adjust one CVE id for ceph
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19210/tiff
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19210/tiff
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-15978 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process three NFUs for Keycloak
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19208/libwpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19208/libwpd and mark as low
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Claim ruby-rack.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove bin/split-by-year as its printfs mangle data (\chars) and safe scripts…
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new ckeditor issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] remove pdns from dla-needed.txt, related to f1bf7a9d9249f276b136372030f2cfcf2f67c699
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add missing DLA and CVE to the list
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] add note to squid3 in dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] claim keepalived
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] fc1638e3435f1ace2d9e84e58464c0362bfe99a2: it was DSA-3625-1
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Update entry for ckeditor, this was assigned CVE-2018-17960
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update tracking information for CVE-2018-19270
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process one Intel NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2011-2767/libapache2-mod-perl2 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove postponed entries for mariadb-10.1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-17187/qpid-proton
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker] Pushed new branch users/rrs/mergerfs
Ritesh Sarraf
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19039/grafana
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][users/rrs/mergerfs] Mark it with <unfixable>
Ritesh Sarraf
- [Git][security-tracker-team/security-tracker][master] 4 commits: Add mergerfs to the list, that uses an embedded copy of fuse
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker] Deleted branch users/rrs/mergerfs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim uriparser in dla-needed.txt
Lucas Kanashiro
- [Git][security-tracker-team/security-tracker][master] CVE-2018-0734 does not affect Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add proposed update for mistral via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-9274/harfbuzz
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19278/asterisk (AST-2018-010)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take mariadb-10.1 from dsa-needed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-{19198,19199,19200}/uriparser (#913817)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-17187/qpid-proton as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update openjpeg2 entry in dla-needed
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Track fixes via unstable in 5.1-1 for glusterfs issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information of (ancient) GlusterFS issue CVE-2012-5635
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2011-2767/libapache2-mod-perl2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one .dotnet CoreFX specific CVE as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-17478/chromium-browser fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] userns issue n/a for stable/oldstable
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add note
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] gitlab fixed in experimental
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: claim harfbuzz
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 3 commits: qemu in jessie: tag CVE-2016-7466 not affected, CVE-2016-9923 ignored, CVE-2017-12809 not affected
Santiago R.R.
- [Git][security-tracker-team/security-tracker][master] uriparser spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] libapache2-mod-perl2 spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] asciidoctor bug
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] soundtouch bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] libbson bug
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] triagge some qemu bugs in jessie. follow secteam.
Santiago R.R.
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19296/libphp-phpmailer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19296/libphp-phpmailer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2018-16859/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track CVE fixed for gitlab after experimental -> unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-18956/suricata
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track CVE-2018-10846/gnutls28 as fixed in unstable and stable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove gnults28 from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mongo-c-driver embeds libbson and does use the embedded copy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking of mongo-c-driver for CVE-2018-16790
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add clarifying note on libbson and mongo-c-driver
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-15686/systemd via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage result for undetermined.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim libphp-phpmailer
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Partially revert "Triage result for undetermined."
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2017-12426/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-19216/nasm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: Update CVE-2018-19216/nasm and mark it as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Record fixing commit for CVE-2018-10016/nasm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10254/nasm fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-8882/nasm fixed via new upstream version in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-8883/nasm fixed via new upstream version in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1000667/nasm fixed in unstable via 2.14-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10316/nasm fixed in unstable via 2.14-1 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16382/nasm fixed in unstable via 2.14-1 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16517/nasm fixed in unstable vie 2.14-1 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16999/nasm fixed in unstable via 2.14-1 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19209/nasm was adressed in unstable via new upstream version upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19214/nasm adressed with 2.14-1 upload to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19215/nasm adressed in unstable with 2.14-1 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-4022/mkvtoolnix does not affect stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove mkvtoolnix from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19358/gnome-keyring
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one NFU (libansilove)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2008-7320/seahorse
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1935{1,2}/jupyter-notebook
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] uriparser fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] libapache-mod-jk status update
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] change status of CVE-2018-0734 in Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add ceph for regression update to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE: update openjpeg2 cve notes
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] do not crash if --unclaim is not specified
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim DLA-1579-1 for openjpeg2 lts update
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] update openjpeg2 dla-needed entry
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Adjust entry for DLA-1579-1/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19274/phpbb3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] unclaim enigmail
Antoine Beaupré
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for mariadb-10.1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1580-1 for systemd
Antoine Beaupré
- [Git][security-tracker-team/security-tracker][master] Remove one postponed entry included in update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2014-10077 as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: jasper: Remove no-dsa tags. These issues will be fixed in an upcoming DLA.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18661/tiff fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19358/gnome-keyring
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-17479/chromium-browser
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Four CVEs fixed in experimental for gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes for elfutils in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19359/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-19359/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Unclaim tiff for now
Brian May
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19364/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFU / duplicate
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1581-1 for uriparser
Lucas Kanashiro
- [Git][security-tracker-team/security-tracker][master] CVE-2017-13748,jasper: Link to upstream bug report.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2016-8884,CVE-2016-8885,jasper: Link to fixing commits.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: add NOTE to openssl
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] new xen issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Claim tiff in dla-needed
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] unclaim libav as per Message-ID: <20181120164621.GB3079 at hle-laptop.local>
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18544/graphicsmagick fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1582-1 for liblivemedia
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-18873,jasper: Jessie is affected but mark the issue as postponed
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2017-6852,jasper: Update NOTES.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2016-8886,jasper: Clarify impact and status of issue.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1583-1 for jasper
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim otrs2 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2015-5297/pixman
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fix for CVE-2018-19359/gitlab via experimental upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16471/ruby-rack proposed via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2014-10077/ruby-i18n fix proposed via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19407/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19406/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new php issues, might be Windows-specific, needs further investigation
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1584-1 for ruby-i18n
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Correct patch URL for CVE-2018-16471 (ruby-rack) for the 2.x branch.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] qemu in jessie, call for testers sent
Santiago R.R.
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19387/tmux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2014-10077/ruby-i18n fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16471/ruby-rack fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add liblivemedia to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] take liblivemedia
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1585-1 for ruby-rack
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Mark php7.2 as removed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] claim pixman
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for tmux bug
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19387
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19409/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove one not-trackable entry for amanda
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1586-1 for openssl
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DSA for ceph regression update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] update tiff entry in dla-needed
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2018-18409/tcpflow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes for some linux issues updated in sid branch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-16854/moodle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new tryton-client issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new webkit issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19416/sysstat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2015-5297: add patch that was finally used by upstream
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1587-1 for pixman
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 3 commits: inline explanation for why a package is unclaimed
Antoine Beaupré
- [Git][security-tracker-team/security-tracker][master] drop mariadb, all fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] minihttpd fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2018-19058 of poppler as minor issue
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] two PHP issues n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] openssl fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new libsndfile issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] amanda non-issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE for tryton-client issue assigned by MITRE
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim ghostscript in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19432/libsndfile
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19416/sysstat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-19358,gnome-keyring: no-dsa for Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-19274,phpbb3: Link to fixing commit
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add ghostscript to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1588-1 for icecast2
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1589-1 for keepalived
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add on top of the list first bug report for imap_open() php issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] gitlab fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark postgresql-10 as removed for unfixed issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1590-1 for openjdk-7
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-4372/webkit2gtk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove CVE-2018-0735 from openssl1.0
Sebastian Siewior
- [Git][security-tracker-team/security-tracker][master] Adjust affectness information for CVE-2018-19443/tryton-client
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19115,keepalived: Link to Debian bug.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add note note
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2018-0735 as not-affected for openssl1.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add followup commit for CVE-2018-19409/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new git issue with falling back to cwd if a command is not in $PATH
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add libsndfile to dla-needed
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19486/git assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2018-19477/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: I will upload and announce.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1591-1 for libphp-phpmailer
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tag for CVE-2017-5223 as released in DLA-1591-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tag/branch information for CVE-2018-1947{5,6,7}/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2016-9139,otrs2: Fix link to upstream advisory
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2016-9139,otrs2: Issue was fixed with 3.3.18-1+deb8u1
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19141,otrs2: Will be fixed by upcoming DLA.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1592-1 for otrs2
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] add flag to exclude package from review
Antoine Beaupré
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-16862/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] unclaim symfony, I give up
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19387/tmux got properly rejected by MITRE
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] liblivemedia DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] claim xml-security-c
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-10851/pdns as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove pdns from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three CVEs for faad2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three CVEs (CVE-2018-1949{0,1,2}) for gnuplot issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark pdns-recursor issues as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add gnuplot to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add gnuplot5 to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] gnuplot non-issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: claim gnuplot
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] LTS/claim symfony
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-16861/foreman, itp'ed as #663101
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2017-765{3,4}/mosquitto fixed version via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] xml-security-c issue (#913136) fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE -2018-19205 as ignored for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add roundcube to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] extend explanation for one roundcube issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19274,phpbb3: Update link to fixing commit
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16396/ruby2.5 fixed in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16395/ruby2.5 fixed in unstable via new upstream version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add patches to temporary xml-security-c CVE
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Take care of releasing DSA for roundcube prepared by maintainer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for pdns via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1593-1 for phpbb3
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add php5 to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] LTS/Claim php5
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19217,ncurses: Add a comment
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19416,sysstat: Jessie is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Sort entries for CVE-2018-19416
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-19416/sysstat in stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19517/sysstat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19517/sysstat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for roundcube
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] DLA 1594-1 for xml-security-c
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] xml-security-c: Add tracking information for fixed version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] no security impact on gnuplot5 as well
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-17953/pam
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Update status for CVE-2018-19517/sysstat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16790/mongo-c-driver fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix typo in temporary description for CVE-2018-16789
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add information for CVE-2018-19149/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: org/lts-frontdesk.2019.txt: Add empty file from "./lts-frontdesk.py 2019".
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2018-19364/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19364/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19149/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2018-18954/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-18954/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add uw-imap to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] claim some weeks in 2019
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2017-8315,eclipse,apktool: Eclipse is not affected but apktool
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] LTS/claim uw-imap
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-19518/uw-imap
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim libarchive in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Track fixes for CVE-2009-347{4,5,6}/opensaml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes for re-introduced src:shibboleth-sp package
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for CVE-2018-1950{2,3,4}/faad2 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-8017/tika
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1595-1 for gnuplot5
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add new CVE-2018-195{39,40,41,4,2,43}/jasper issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19489/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1596-1 for squid3
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add fixing commits for sysstat issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-6942 fixed in unstable now
Mattia Rizzolo
- [Git][security-tracker-team/security-tracker][master] new pdns-recursor issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19489/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] apktool no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-14646/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track the first version which entered unstable as fixed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-2018-19518/php*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] lts; do not unclaim packages matching prefix, but complete package name
Antoine Beaupré
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1597-1 for gnuplot
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add new samba issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add samba to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] samba issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for samba update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19497/sluethkit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] harfbuzz n/a in jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11766/hadoop
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19532/libpodofo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19591/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19591/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19519/tcpdump
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-19591/glibc on stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1647{6,7}/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correct overall status for CVE-2018-16477/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-16476/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18397/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19134
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-13794/catimg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-18385/asciidoctor fixed via unstable and new upstream version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16476,rails: Jessie is not affected
Lucas Kanashiro
- [Git][security-tracker-team/security-tracker][master] Sort entries for CVE-2018-16476
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1598-1 for ghostscript
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] salt: Add note about unidentifiable patches in upstream Git that are supposed to…
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 3 commits: readd ghostscript
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] new nodejs issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] DLA was on its way
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] add tcpdump
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 21 new gitlab issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: take samba
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] fix nodejs blog link
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2018-1000802/python2.7
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correct NFU CVE for keycloak
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2018-19591/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new wireshark issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1599-1 for qemu
Santiago R.R.
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tags for qemu issues fixed in DLA-1599-1
Santiago R.R.
- [Git][security-tracker-team/security-tracker][master] nodejs patch references
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1562-2 for poppler
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2015-8915,libarchive: Fix broken link.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tags from libarchive issues.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1600-1 for libarchive
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim libav in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19516
Felix Geyer
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2018-19532 as no-dsa for jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: add qemu
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] wireshark fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18311/perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add perl to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18312/perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18313/perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18314/perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for perl issues in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix references to upstream issues for src:perl issues (CVE-2018-1831{1, 2, 3, 4}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for perl update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] tiff triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19665/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Add missing attribution/date to note..
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19764/mxml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO from two (now checked) REJECTED CVE entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-19764/mxml as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19764/mxml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19755/nasm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19755/nasm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take perl
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Process CVE-2018-19630 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2018-19764 as no-dsa for Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19655/{ufraw,dcraw}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: org/lts-frontdesk.2019.txt: Put myself into available time slots for frontdesk duty.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: co-claim libav.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1601-1 for perl
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Sort entries for CVE-2018-1575{0,1}/salt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] [libav triaging] data/CVE/list: Add ffmpeg upstream commit that fixes CVE-2015-6761.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Revert "[libav triaging] data/CVE/list: Add ffmpeg upstream commit that fixes CVE-2015-6761."
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] drop three <postponed> entries for openssl
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new libsndfile issues (probably dupes)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new kfreebsd issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Add more <date> fields to the notes.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] [libav LTS triaging] data/CVE/list: Add ffmpeg upstream commit that fixes…
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: [libav LTS triaging] data/CVE/list: Add ffmpeg upstream commit that fixes…
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2018-19760/confuse
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-19764/mxml as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Assign myself some frontdesk weeks in 2019.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19607/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for CVE-2018-19607/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19535/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/CVE/list: fix for prev commit
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19777/mupdf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19535/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] [libav LTS triaging] data/CVE/list: Tag CVE-2015-8217 for libav in jessie with <not-affected>.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] [libav LTS triaging] data/CVE/list: Tag CVE-2015-8219 for libav in jessie as…
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] [libav LTS triaging] data/CVE/list: Tag CVE-2015-8363 for libav in jessie as…
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2015-8217: Sort entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-19777/mupdf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] [libav LTS triaging] data/CVE/list: Tag CVE-2015-8364 for libav in jessie as…
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Mark several CVEs for gitlab as fixed via the new upstream version in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: [libav LTS triaging] data/CVE/list: Tag CVE-2015-8661 for libav in jessie as…
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] [libav LTS triaging] data/CVE/list: Tag CVE-2015-8663 for libav in jessie as…
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] openssl, tiff DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Ad CVE-2018-878{4,5,6,7,8,9}/freerdp issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1602-1 for nsis
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] [libav LTS triaging] data/CVE/list: Tag CVE-2016-10190 for libav in jessie as…
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] [libav LTS triaging] data/CVE/list: Tag CVE-2016-10191 for libav in jessie as…
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Two additional CVE IDs for tiff DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19764 has been withdrawn by its CNA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] [libav LTS triaging] data/CVE/list: Work on CVE-2016-10192 and CVE-2016-5115.…
Mike Gabriel
Last message date:
Fri Nov 30 23:09:21 GMT 2018
Archived on: Fri Nov 30 23:09:24 GMT 2018
This archive was generated by
Pipermail 0.09 (Mailman edition).