April 2019 Archives by thread
Starting: Mon Apr 1 05:56:27 BST 2019
Ending: Tue Apr 30 21:59:03 BST 2019
Messages: 767
- [Git][security-tracker-team/security-tracker][master] Put descriptions in [] brackets for temporary description
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1743-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Take pdns (CVE-2019-3871)
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] remove entries from next-point-release for spu bugs which were closed as inactive
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1744-1 for tzdata
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1745-1 for libdatetime-timezone-perl
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add tracking for obs-build update via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add note to libav, about triaging status.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: re-add wordpress
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] claim poppler
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1746-1 for drupal7
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: take qemu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2019-8934/qemu no-dsa on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-1798/libclamunrar n/a in jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2016-9180/libxml-twig-perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two CVE's for domoticz, itp'ed, #899058
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO for gpsd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] use no-dsa entries for clamav interim entries (fixed in SUA)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2019-0757,nuget: No package in Debian is actually affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Remove nuget from dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] robocode no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] gpac NMUed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] mark gpsd no-dsa following discussion with maintainer
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1747-1 for firmware-nonfree
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Add new gitlab issues (fixed in versions 11.9.4, 11.8.6, and 11.7.10)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-10108/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10672/libmysofa fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0211/apache2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0217/apache2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Correct description for CVE-2019-0217
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0197/apache2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0196/apache2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0220/apache2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add apache2 to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9193/postgresql
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1740-2 for libssh2
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: Revert "Reserve DLA-1740-2 for libssh2"
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/DLA/list: Drop CVE-2019-3859 from regression update DLA-1730-2 (thanks to...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add apache2 to dla-needed.txt and claim it
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update apache2 CVEs CVE-2019-0217, CVE-2019-0220 and CVE-2019-0211
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Wrap notes for CVE-2019-0220
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to commit for CVE-2018-17189
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to commit for CVE-2019-0196/apache2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream commit for CVE-2019-0211/apache2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-0217: Indent by tabs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update CVE-2019-0220 reference according to the packaging information
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for zziplib via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Tentatively take apache2 from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove two no-dsa tagged entries for apache2 which will be included in DSA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup entry for CVE-2018-1000999
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO item for CVE-2019-9193
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] take putty
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add evolution-data-server for jessie to (at least) match...
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Mark fixed version for various libssh2 issues via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO item for CVEs which waere not assigned by CNA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10714/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add todo item for CVE-2019-10714/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for apache2 security update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage golang for jessie.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim golang.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3882/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-9633/glib2.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1748-1 for apache2
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1749-1 for golang
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] putty DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add new tryton-server issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20505/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-20505/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20506/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-2050{5,6}/sqlite3 as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10723/libpodofo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5421/ruby-devise
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-5421/ruby-devise
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2018-20505 for sqlite3 in jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] "new" linux issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2019-5953/wget
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add temporary description for CVE-2019-5953
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4424-1 for pdns (CVE-2019-3871)
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2019-5953/wget
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20449/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for ghostscript issues in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference upstream statement on CVE-2019-9193
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3886/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-3886/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2019-10856/jupyter-notebook
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3892/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10868/trython-server assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream fix for CVE-2019-10868
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tryton-server to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new teeworlds, poppler, neutron issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-10868/tryton-server
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixing commit for CVE-2019-5953/wget
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add related commit for wget update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Two audiofile issues fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-18068 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: Triage CVE-2019-10877 in teeworlds for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2018-10243/libhtp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional information reference for CVE-2018-10243
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10242/suricata
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10244/suricata
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for wget security update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for open-vm-tools via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for gitlab issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-17937/gpsd fixed in unstable upload as 3.17-6
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9948 and CVE-2019-9636 adressed in unstable for python2.7
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10876/neutron
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-12545/jetty9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] qemu spu (in preparation)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove doubled entry for CVE-2018-7726
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add Debian bug reference for CVE-2019-10871/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-7305/extplorer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] claim wget
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Adding myself to triaging work in May.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-10876/neutron
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update affected status for CVE-2019-10876/neutron
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10904/roundup
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage roundup for jessie.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim roundup.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] mark CVE-2019-9151 unfixed instead of undetermined
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] mark CVE-2019-8397 unfixed instead of undetermined
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] update hdf5 dla-needed entry
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] tryton DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1750-1 for roundup
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] dla-needed: update faad2 entry
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for CVE-2019-10904
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-3886/libvirt via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO for CVE-2019-3886/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla-needed: add suricata entry and claim it
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10906/jinja2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10906/jinja2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process CVE-2019-10905 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add various CVE fixes for apache2 via 2.4.38-3 upload to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] update note for putty
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-10740/roundcube
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new claws issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 3 commits: dla-needed.txt: Update notes for proftpd-dfsg.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-3882/linux reference to upstream fix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add second needed commit for CVE-2019-3887/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: add jinja entry and claim it
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Claim libvirt
Brian May
- [Git][security-tracker-team/security-tracker][master] Reference Debian bug for CVE-2018-3750/node-deep-extend
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add notes to CVE-2019-10906/jinja2 entry
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10906: add links to str.format fixes
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DSA-4427-1 for samba (CVE-2019-3880)
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] 2 commits: Put temporary description in [] brackets
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Mark jessie as not affected by CVE-2019-3870 (samba)
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-3886 as not affecting (old)stable
Guido Günther
- [Git][security-tracker-team/security-tracker][master] Add jessie version for CVE-2018-0496/freedink-dfarc
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: add samba
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10244: mark jessie not-affected
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] 2 commits: clamav: link recent lts discussion
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Revert "Add jessie version for CVE-2018-0496/freedink-dfarc"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3842/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9619/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Merge information for systemd/232-25+deb9u10 into CVE list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-10745/jinja2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-3750/node-deep-extend
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Adjust source package name from jinja to jinja2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-3890: Add reference to upstream issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] bwa spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new unimportant lrzip issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] LTS/python2.7, python3.4, python-urllib3 status update
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10196/graphviz fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry for CVE-2018-10196/graphviz
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: libpodofo/CVE-2019-10723: ignored
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: poppler in jessie: not affected by CVE-2019-10873
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Mark poppler in jessie as not affected by CVE-2019-9903.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] ffmpeg, podofo bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-0542/node-xterm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove TODO item for CVE-2019-9631/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] update fixed status for a number of older nodejs and node-foo packages
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1751-1 for suricata
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11010/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11009/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11008/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11007/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11006/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11005/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some IBM specific NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for systemd update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Setting CVE-2019-10018 (poppler) to ignored for jessie (agreeing with security team's evaluation).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] claim samba
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1752-1 for poppler
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Re-add poppler.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Drop jessie/no-dsa tags for all currently open samba issues....
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1753-1 for proftpd-dfsg
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Mark open proftpd-issues as fixed in 1.3.5e-0+deb8u1
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim graphicsmagick in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2018-2054{4,5,6,7,8,9}/libcaca fixed in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-3897 as NFU (redhat-certification)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3893/foreman, itp'ed, #663101
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add wireshark issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-11018 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-17234/hdf5: add bug entry and commit
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1743{4,7}/hdf5: add bug entry and commit
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2018-17233/hdf5: add bug entry and commit
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] add CVE-2018-17437 follow-up fix
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Revert "add CVE-2018-17437 follow-up fix"
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-11025/cacti
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11025/cacti
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim evolution* in data/dla-needed.txt
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Don't use funding as part of no-dsa/ignored rationale, cf. debian-lts@
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] claws-mail: add Debian bug
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: add systemd
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: add cacti
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: add wireshark
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] evolution-ews/CVE-2019-3890: Debian bug
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: kgb-bot/CVE-2015-1554: note last ping
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-10898/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-3890: Reference upstream commit related to upstream issue 27
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: claim wireshark
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-10898/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2014-7954: mark NFU (previously adb)
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-10900/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for wireshark issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11026/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11026/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] exiv2/CVE-2018-11037: jessie not-affected
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11023/graphviz
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: re-claim ghostscript
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] wireshark postponed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] take ruby2.3
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11023/graphviz
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1754-1 for samba
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Track gpac proposed update via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-10906/jinja2 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] claim systemd
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reference webkit2gtk as well for CVE-2019-6251
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add teporary entry for spip issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for spip issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9901, NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9900, NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-7108 (NFU, Adobe)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim cacti.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] dla-needed: systemd is not claimed by systemd
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add and claim spip (#926764)
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] 2 commits: spip 3.0 not affected in Jessie
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4429-1 for spip (#926764)
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] twitter-booststrap/CVE-2019-8331 (v2): no-dsa minor like v3 and v4
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] ncurses/CVE-2018-19217: semi-duplicate bug report has working POC
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa entry for CVE-2019-8331/twitter-bootstrap
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add multiple vulnerabilities in src:wpa
Yves-Alexis Perez
- [Git][security-tracker-team/security-tracker][master] add bug # for wpa vulnerabilities
Yves-Alexis Perez
- [Git][security-tracker-team/security-tracker][master] gitlab n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove explicit unfixed marking for stretch for wpa issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Revert "Remove no-dsa entry for CVE-2019-8331/twitter-bootstrap"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19217: add note on secondary bug which is potentially a duplicate
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2019-9494
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2019-9495
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2019-9496
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-949{4,6}: Add note on when CONFIG_SAE=y was enabled
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2019-949{7,8,9}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-0229/airflow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] allocate DSA for wpa
Yves-Alexis Perez
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11071 assigned to spip
David Prévot
- [Git][security-tracker-team/security-tracker][master] Add assigned CVE for DSA 4429-1/spip
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commits for CVE-2019-11071/spip
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup sip advisory url
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-949{4,5,6,7,8,9}/wpa fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-7125 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: wpa/CVE-2019-9494,CVE-2019-9496: ignore SAE-related vulnerabilities
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] new gradle issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Correct "Credativ" typo.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20{194,362}: add pull-request links
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] ncurses/CVE-2018-19211,CVE-2018-19217: de-dup, jessie triage
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] webkit2gtk/CVE-2019-6251: not supported in jessie; epiphany-browser: not affected in jessie
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] wget fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: add libspring-security-2.0-java
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] new webkit issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track fixed version for wireshark issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-11025/cacti via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] historic glibc issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Record that #926764 (spip) is fixed in 3.1.4-4~deb9u2 in stretch (DSA-4429-1)
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Remove explicit stretch version setting for spip
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add reference for CVE-2006-7254/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11072/lighttpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add Debian bug reference for CVE-2019-11072/lighttpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] some qt4 issues pending
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11068/libxslt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11068/libxslt: Add reference to upstream issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11068/libxslt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] audiofile spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] igraph spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2019-8936/ntp fixed in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0227/axis
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20{362,194}: replace PR by commit links
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11191/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11190/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-17237/hdf5: add commit link
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2018-112{02,04,06}/hdf5: add commit links
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] webkit2gtk: security support limited in all suites
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2018-112{03,07}/hdf5: add commit links
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] dla: add gradle
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: add qt4-x11
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: add libxslt
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] gradle/CVE-2019-11065: add Debian bug
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: add axis
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] axis/CVE-2019-0227: additional info
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] mark axis as unimportant, only in example code not shipped in the binary packages
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2017-1000379/linux with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-20449/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync information on CVE-2019-10125/linux with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track further CVEs for src:linux update for stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11222/gpac
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11221/gpac
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11222/gpac
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11221/gpac
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-1122{1,2}/gpac as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] qt4 fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] sleuthkit fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2019-8943/wordpress
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-19872/qt4-x11 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3891, NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove references for CVE-2017-7775
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3883/389-ds-base
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10732/kmail
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10732/kmail
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] axis/CVE-2019-0227: wait for info on SSRF fix
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: add gpac
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libssh2 update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] libical removed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1628-2 for jasper
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Work on these DLAs is still ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2017-10799,graphicsmagick: Remove Jessie no-dsa tag.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reference Debian bug for graphicsmagick issues.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Two vulnerabilities (VE-2019-1122{1,2}) for gpac fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] AddCVE-2019-1122{8,9}/gitea
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0228 in Apache PDFBox (libpdfbox{2,}-java)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Revert ncurses dedup
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-8943/wordpress as unfixed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-14550/libpng: reference fixing upstream commit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-0231 as NFU (Apache MINA project)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: update note
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] ncurses/CVE-2018-19217: remove jessie/not-affected pending upstream statement
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-3883/389-ds-base
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track jabref update proposed via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for vcftools via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ncurses: clarification progress
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update CVE-2018-19211 information
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1756-1 for libxslt
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reference Debian bug for Teeworlds issues.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Re-claim it with a note.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] More notes about clamav.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Remove notes on CVE-2018-20710
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove association with python-urllib3 for CVE-2019-9740
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO item for CVE-2019-11236
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Proces some more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-110{0[5-9],10}/graphicsmagick fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1123{4,5}/freeradius
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-3737/node-sshpk fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for libvirt
Brian May
- [Git][security-tracker-team/security-tracker][master] tomcat n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2018-3774/node-url-parse fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove remaining "not used by any sponsor" justification for Jessie LTS
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1757-1 for cacti
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] dla-needed: jinja2, liblivemedia and sox updates
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add mariadb-10.1 proposed updaate tracking via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9500/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9503/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ghostscript update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ruby DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] drop unimportant status for remaining node-* issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove tracking of src:epiphany-browser for CVE-2019-6251
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new Java issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new vbox issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] libsixel non issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new nouveau issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11034/php
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11035/php
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dsa-needed.txt note I am working on znc
Santiago R.R.
- [Git][security-tracker-team/security-tracker][master] axis/CVE-2019-0227: add patches links
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] poppler updates
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Adjust commit for CVE-2019-11026/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some Oracle MySQL CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process more Oracle MySQL CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-2692/mysql-connector-java
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process more CVEs specific to Oracle MySQL 8.x
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2018-3123/mysql-5.7 (already fixed in 5.7.25)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-11072/lighttpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference and upstream reference for src:mysql-5.7 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2018-1687{7,8} and CVE-2019-3885 for pacemaker
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-9890/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove information on CVE-2018-1000643
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] openjdk-11 fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new dovecot issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-10691/dovecot fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fix for CVE-2019-9787/wordpress via buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add drupal7 issue (SA-CORE-2019-006)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-109{09,10,11}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] node-superagent fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add note that I still work on evolution{,-data-server} to dla-needed.txt
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] faad2 fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] symfony fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2018-17438/hdf5: add bug and commit links
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Mark rails issues as no-dsa (as they will be fixed via point release)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] hdf5 undetermined issues: add links to bug entries
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] 5 commits: Add reference to advisory for CVE-2019-10913
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-1750{5,6,8,9}: add commit links
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2019-3886/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-10746/libvirt (for similar issue than CVE-2019-3886)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for node-superagent via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track jquery under same temporary item as drupal
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for jquery issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2018-14550/libpng1.6 via experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2018-14048/libpng1.6 via experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2019-7317/libpng1.6
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixing version for jquery issue #927385 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-3902/mercurial
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3901/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-3899/heketi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11324/python-urllib3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11236/python-urllib3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark jquery as minor issue and no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug number for CVE-2019-11324/python-urllib3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add source package tracking for CVE-2018-20200/libokhttp-java
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ncurses/CVE-2018-19217: mark unfixed
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Track jquery stretch-pu upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] gitlab fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-20200 as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new ffmpeg issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5008/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-5008/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-11358/jquery assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add new wpa issue (EAP-pwd message reassembly issue with unexpected fragment)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-11358 as affecting node-jquery as well
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11358/node-jquery
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11359/i-librarian
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11351/teamspeak-client
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take drupal7 from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for drupal7 update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1758-1 for debian-security-support
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-12179 CVE-2018-12182
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1136{5,6}/atftp issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for atftp issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-0218 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new libmediainfo issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-18009/opencv as unfixed for unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-3830/ceilometer fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] node-ws fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] mark two libpodofo CVEs as fixed
Mattia Rizzolo
- [Git][security-tracker-team/security-tracker][master] node-mixin-deep fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] update comment
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add new modsecurity-crs issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11428/i-librarian, track ITP bug
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1759-1 for clamav
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Drop lts-alt-cve-triage.sh script
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1760-1 for wget
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark nodejs CVE as ignored
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11449/i-librarian
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2015-1340/lxd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1145{4,5}/monit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2011-1830/ekiga
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-1145{4,5}/monit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-1123{4,5}/freeradius via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2011-3147/nova
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-1585 tracking of source package
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-11445 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add projectzero issue references for CVE-2019-{3842,9619}/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Update metadata on currently open systemd issues.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] libarchive n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add note for CVE-2019-5428/jquery
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11461/nautilus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2013-7470/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ncurses/CVE-2018-19217: already fixed
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-11461/nautilus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1761-1 for ghostscript
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11460/gnome-desktop3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20230/pspp fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update notes on evolution in data/dla-needed.txt
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11459/{atril,evince}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11358/node-jquery fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for CVE-2019-11459/{atril,evince}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11474/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11473/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11472/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11471/libheif
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11472/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11470/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11470/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-3868 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Start tracking source package for CVE-2019-0223/qpid-proton
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11487/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11486/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark CVE-2019-9895 as ignored in Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] ignore CVE-2019-5008/qemu on jessie as well
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: reclaim qemu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2018-15587 in data/CVE/list
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Do not track evolution-data-server under CVE-2018-15587
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-1123{4,5}/freeradius
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixing commits for CVE-2019-835{4,5,6,7}/sox
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1762-1 for systemd
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-1123{4,5}/freeradius as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11498/wavpack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11498/wavpack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1763-1 for putty
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-208{19,20}/lepton
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-20819/lepton
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-20820/lepton
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-6468/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-6467/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-5743/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-5743/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2018-20433
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5427/c3p0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-4527/c3p0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa tag for CVE-2019-0816/cloud-init
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-3883/389-ds-base
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3900/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 9 commits: add 389-ds-base
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2017-16119/node-fresh fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11506/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11505/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: claim openjdk-7
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim mercurial.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add some revision links etc. for CVE-2019-3902 in mercurial.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1764-1 for mercurial
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9928/gst-plugins-base*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2018-11987/linux with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status CVE-2018-17977/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Ignore CVE-2018-20449/linux for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark gst-plugins-base0.10 as removed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2017-9778/gdb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup notes for CVE-2019-5428 (REJECTED; duplicate)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9928/gst-plugins-base1.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-11503/snapd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18367/golang-github-seccomp-libseccomp-golang
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1765-1 for gpac
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 6 commits: Mark CVE-2019-11191 as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2017-18367/golang-github-seccomp-libseccomp-golang
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 5 commits: add drupal7
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] glibc fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5817/chromium
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5816/chromium (n/a as Android specific)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5812/chromium (n/a as iOS specific issue)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-2025/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] bind fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1762-2 for systemd
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Correct Debian bug reference for wpa issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] wpa isssue ("EAP-pwd message reassembly issue with unexpected fragment") fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove evolution-data-server from data/dla-needed.txt
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] mark binutils as unimportant following recent debian-security-support upload
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1766-1 for evolution
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] 2 commits: add atftp
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Remove CVE reference for regression update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-1109/node-braces
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] First round of verification for 9.9 point release
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1851{2,3}/thunderbird
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2018-1851{2,3} for DSA-4392-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1767-1 for monit
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11555/wpa assigned ("EAP-pwd message reassembly issue with unexpected fragment")
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: add symfony
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add source package tracking for CVE-2018-11802
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/unclaim imagemagick
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libpng1.6 update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Merge changes for stretch and linux/4.9.161-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Merge changes for stretch and linux/4.9.168-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Merge accepted changes from 9.9 point release into stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add fixed version for CVE-2018-6260/nvidia-graphics-drivers
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11244/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11243/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim 389-ds-base
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3844/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3843/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-384{3,4}/systemd as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-835{4,5,6,7}/sox fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-384{3,4}/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11576/gitea
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-18510/firefox
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three new dhcpcd5 issues (#928056, #928104, #928105)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix short description of one dhcpcd5 issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update support end date for jessie in LTS
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update libmatio status
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] 3 commits: config.json: Add next known codenames up to bookworm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] security_db: Make source code comment independent of codename for distribution
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVEs assigned for dhcpcd5 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1768-1 for checkstyle
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2019-11577 as not affected for jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-384{3,4}/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] imagemagick DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] mark two systemd issues as ignored after followup with maintainer
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1769-1 for gst-plugins-base0.10
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1770-1 for gst-plugins-base1.0
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Makefile: Remove leftover wheezy_ARCHS list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: add dhcpcd5
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11498 fixed in wavpack/5.1.0-6
Sebastian Ramacher
- [Git][security-tracker-team/security-tracker][master] LTS/python-urllib3, python2.7, python3.4 status update
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9892, CVE-2019-10066 and CVE-2019-10067 for otrs2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add upstream otrs2 security advisory references for OSA-2019-{04,05,06}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup trailing whitespaces in CVE list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update details for libvirt in dla-needed.txt
Brian May
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim dhcpcd5.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: NFU
Henri Salo
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2016-10749/cjson
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take atftp from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Expand TODO for CVE-2019-11599
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11596/memcached
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11596/memcached
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-11596/memcached
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] gst-plugins-base1.0 DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11598/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11597/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11598/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11597/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] edk update
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dhcpcd5 no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1771-1 for linux-4.9
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11471/libheif
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new gilab issues (fixed in 11.10.2, 11.9.10, and 11.8.9)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9826/phpbb3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for new gitlab issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: reclaim faad2 and hdf5
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1772-1 for libvirt
Brian May
- [Git][security-tracker-team/security-tracker][master] NFU
Henri Salo
- [Git][security-tracker-team/security-tracker][master] CVE-2019-3892 was rejected in favour of CVE-2019-11599
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2019-11599/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10124 as invalid
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] golang-golang-x-net-dev, golang-github-seccomp-libseccomp-golang fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Add upstream commit that fixes CVE-2019-3884, CVE-2018-16878...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-11499/dovecot
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-1149{4,9}/dovecot
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] pacemaker CVEs: reference pull requests as whole
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for gpg-key2ps shell injection vulnerability
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim otrs2 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-1149{4,9}/dovecot fixed in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-021{3,4} as NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10131/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10131/imagemagick as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20835/node-tar-fs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20834/node-tar
Salvatore Bonaccorso
Last message date:
Tue Apr 30 21:59:03 BST 2019
Archived on: Tue Apr 30 21:59:07 BST 2019
This archive was generated by
Pipermail 0.09 (Mailman edition).