December 2019 Archives by thread
Starting: Sun Dec 1 04:08:07 GMT 2019
Ending: Tue Dec 31 23:12:20 GMT 2019
Messages: 791
- [Git][security-tracker-team/security-tracker][master] Add note for libexif
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Claim some frontdesk weeks
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry which got an update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-18813
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-18812
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Update gnome-font-viewer and gnome-sushi; have written a...
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add tracking for CVE-2019-13566 via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-15961/clamav
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2017-2 for asterisk
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Track proposed update for CVE-2019-13566/ros-ros-comm via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for CVE-2019-14857/libapache2-mod-auth-openidc via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for CVE-2019-9656/libofx via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove listing of CVE-2019-1316 in DLA 2017-1 entry
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2019-9278/libexif
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9278/libexif
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10768/angular.js fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] dia unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Sync state of some linux CVEs with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: add and claim exiv2
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] telnets no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-14906 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2019-6477 as not-affected for jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5163/shadowsocks-libev
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add second shadowsocks CVE
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Adjust upstream issue reference for TALOS-2019-0958 report
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19492/freeswitch (itp'ed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-194{79,80,81}/opensc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Patch for gnome-font-viewer and gnome-sushi accepted/landed upstream.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2019-19308
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] new librabbitmq issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add ruby to dsa-needed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage python-django for jessie
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim python-django.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-0053 in inetutils, netkit-telnet and netkit-telnet-ssl for jessie.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19118/python-django
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove note referring only to the upstream Changelog.md
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add notes on mitigation for shadowsocks-libev issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] TALOS-2019-0958 report has CVE-2019-5164 assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug for CVE-2019-19118 in python-django.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add information around introducing issue for CVE-2019-19118
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] stretch/buster triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2019-1 for exiv2
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS/add and claim opensc
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Annotate CVE-2019-19480/opensc as not affecting jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Annotate CVE-2019-19481/opensc as not affecting jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-17402/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-17402/exiv2 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add information on CVE-2019-19481
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new luajit issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add and claim luajit
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-19480/opensc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Expand slightly reasoning on the not-affected status for CVE-2019-19480
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug tracker reference for CVE-2019-19391/luajit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track CVE fixes for linux upload via buster-pu (4.19.87-1)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status of OpenJDK 7 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add Debian bug tracking information for CVE-2019-3866/python-oslo.utils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage python-oslo.utils for Jessie
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add note for python-oslo.utils
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19203/libonig: jessie ignored
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] new firefox issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Android NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Adjust codename for CVE-2019-19203/libonig
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add myself for front desk assignment.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-19118 in python-django for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19537/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage gnome-sushi and gnome-font-viewer for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19536/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19535/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19534/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19533/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19532/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19531/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19530/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19529/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19528/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-19527/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19525/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19524/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19523/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync more pending CVEs for buster-pu for src:linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage firefox-esr for jessie
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19543/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Demote severity for CVE-2019-19391/luajit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix references to DLA regression updates on website
Brian May
- [Git][security-tracker-team/security-tracker][master] Revert "Fix references to DLA regression updates on website"
Brian May
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix references to DLA regression updates on website
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-10732/kf5-messagelib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-149{09,10} as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add fixed version for CVE-2019-11745/nss
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr via unstable for mfsa2019-37
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-13722/firefox{,-esr}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: claim firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-13161 in asterisk for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] age CVE-2019-11287 and CVE-2019-11291 in rabbitmq-server for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2020-1 for libonig
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-18849/tnef as no-dsa for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for stretch-pu for CVE-2019-18197/libxslt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-18247/libav: jessie ignored
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9689/axtls
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Convert some older NFUs for axTLS to the (now) present itp bug for axtls
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19555/fig2dev
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1834{5,6,7}/davical
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed firefox issues for mfsa2019-36 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19555/fig2dev
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19331/knot-resolver
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] smplayer non issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19555/fig2dev fixed in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19331/knot-resolver
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19332/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update list of CVEs for linux/4.19.87-1 upload to buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fig2dev update for buster-pu and stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15099/linux for pending via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19579/xen (XSA-306)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19553/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] wireshark postponed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2019-19553 in wireshark for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-19260/gitlab-workhorse as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19590/radare2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-12614/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19602/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] libav: jessie triage update
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2021-1 for libav
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Triage davical for Jessie
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] LTS/claim davical in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1933{3,4}/libyang
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2019-1933{3,4}/libyang
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15897
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19317/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage sqlite3 for Jessie
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Claim sqlite3
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] new openslp issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19617/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUsProcess NFUsProcess NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage phpmyadmin for Jessie
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19317/sqlite3: < 3.31.0 not-affected
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage librabbitmq for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim librabbitmq.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Update CVE-2019-19317 for up to unstable version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-19244/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track note for CVE-2019-14899
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2022-1 for librabbitmq
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] tnef fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] thrift fixed in experimental
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] sqlite3 in Jessie is not affected by any CVE(s)
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] new openssl issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove bogus file
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] nss DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new puma issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add upstream commit references for CVE-2019-1551/openssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new thunderbird issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2019-16770/puma
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-16770/puma
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Minor bug in luajit
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add and claim openssl
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2019-9466
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage thunderbird for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage jruby for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage openslp-dfsg for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Mark CVE fixes for linux/5.3.15-1 upload to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19624/opencv
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19601/texlive-bin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Change annotation for CVE-2019-11921
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-119{30,34,35}/hhvm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1002102/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-15151/adplug
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add commit references for CVE-2019-1834{5,6,7}/davical
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-17402/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional commit reference for CVE-2019-1834{5,6,7}/davical
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19246/libonig
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for davical issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-19270
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update status of squid3 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-1551 unaffected for Jessie
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2024-1 for phpmyadmin
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add note for ruby-rack-cors
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Claim jruby in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim openslp-dfsg
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2025-1 for openslp-dfsg
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] mark limnoria CVE as fixed
Mattia Rizzolo
- [Git][security-tracker-team/security-tracker][master] Revert "mark limnoria CVE as fixed"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix indentation for CVE-2019-1551 entry
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry which has update via DLA-2025-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync status for linux CVEs with kernel-sec triage
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1944{7,8,9}/linux (sync from kernel-sec)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-19553/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19630/htmldoc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new libsixel issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] waiting for feedback from slurm maintianer
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim python-oslo.utils
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2019-19624 in opencv for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Mark phpmyadmin as still pending release.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Sponsored phpmyadmin 4:4.2.12-2+deb8u7 to security-master.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-12094 and CVE-2019-12095
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-19269 and CVE-2019-19270 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] update note otrs2
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt/date correction
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] dla: still ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add upstream commit to adress CVE-2019-19630/htmldoc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] thrift moved to unstable with 0.13.0-2 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update notes for ibus
Brian May
- [Git][security-tracker-team/security-tracker][master] Add and claim htmldoc
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Update not for CVE-2019-1551
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2026-1 for htmldoc
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Lamby sponsored the upload of htmldoc
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] htmldoc no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: claim thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: update notes, reclaim clamav, freeimage and reportlab
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2019-15845,jruby: Jessie is not vulnerable
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19648/yara
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] firefox DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14861/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14870/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-11065/gradle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2027-1 for jruby
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2028-1 for squid3
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Readd squid3 to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim jackson-databind in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19338/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2029-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2019-14892,CVE-2019-14893,jackson-databind were fixed in 2.4.2-2+deb8u9
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2030-1 for jackson-databind
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2031-1 for freeimage
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14889/libssh
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new git issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for git update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add version fixed for CVE-2019-1352
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-14889/libssh
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] buster/stretch triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] New git issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes for REJECTED entry
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/add and claim git
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-17357/cacti
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-17358/cacti
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2017-15298/git
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1962{8,9}/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2019-19604
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19646/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19645/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add src:heimdal for CVE-2019-14870
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new chromium issues (79.0.3945.79 release)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark some issues for envoy proxy as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-19338
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for clamav via stretch-pu un buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track proftpd-dfsg update via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-19617/phpmyadmin as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2019-17357 in cacti for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim cacti.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2032-1 for cacti
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/DLA/list: Correct reference to CVE-2019-17358 in cacti.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19583/xen
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1958{1,2}/xen
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: Remove doubled note
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] heimdal no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Three davical issues fixed in unstable (CVE-2019-1834{5,6,7})
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-15681/libvncserver fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19720/yabasic
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19603/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update entry for intel-microcode
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-12095/php-horde-trean as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-1209{4,5}/php-horde as no-dsa for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove obsolete WIP note
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19725/sysstat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19645/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19687/keystone
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2019-14870 as no-dsa for jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19687/keystone
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19339 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Several chroimium issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19746/fig2dev
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19746/fig2dev
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new snakeyaml issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new mediawiki issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-19687 in keystone for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11805 and CVE-2019-12420 for spamassassin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update spamassassin entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: take xcftools
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19725/sysstat: jessie not-affected
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] yabasic unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track upstream fix for CVE-2019-12420
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5841/chromium (fixed in 75.0.3770.80 upstream)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5843/chromium
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14317/wolfssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug tracking items for CVE-2019-12420 and CVE-2018-11805
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add temporary tracking item for spip issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: add yara
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19242/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-19687/keystone
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19725/sysstat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19767/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19768/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19769/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19770/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add spamassassin to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: re-claim tightvnc
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] giflib fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new npm/sixel issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new radare issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new dovecot issue (n/a)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add references
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs, one imagemagick dupe by Android
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] spip n/a for older releases
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] sysstat unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] spip, davical DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve follow up DSA number for intel-microcode update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-6519/avahi fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2017-14062/libidn as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2019-12095/php-horde-trean and CVE-2019-12094/php-horde as <no-dsa>
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS/remove php-horde-trean, which has no remaining open issues
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2033-1 for php-horde
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2034-1 for davical
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2019-2228/cups
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track php-horde update via {stretch,buster}-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1934{1,2,3} as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19796/yabasic
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] annotate CVE-2019-19604/git as not affecting jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream issue for CVE-2018-11805
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for spamassassin update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2019-19778 and CVE-2019-19777 as no-dsa for jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-12922 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-19969 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2019-15845/ruby2.5
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take ruby2.5 from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2019-16201/ruby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2019-16254
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-14889/libssh fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2019-17531/jackson-databind fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-2228/cups
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-14870/heimdal
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2019-17632 as not affected in Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Additional upstream commit for CVE-2019-1352/git
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Annotate second commit for CVE-2019-1352
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19807/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19797/fig2dev
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-19797 rather as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19783/cyrus-imapd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-11459/atril
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take spamassassin
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2036-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] freeimage/jessie: postpone CVE-2019-1221{4, 2}
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2037-1 for spamassassin
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add entry for debian-edu-config issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] samba, freerdp2 fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Looked a little into libjpeg-turbo.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Looked into libexif and noted the results.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Added my own name so people know who added the note.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Add cyrus-imapd to dsa-needed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19797/fig2dev
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] debian-edu-config fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] atril spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14607
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-15681/libvncserver fix proposed via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix for CVE-2019-15681/libvncserver proposed via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed fix for CVE-2019-17177/freerdp2 via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Four ssvnc issues fixed via unstable (CVE-2018-2002{0,1,2,4})
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two NFUs in Apache Superset
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-18806 as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19830/spip assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add some CVE synced from kernel-sec for linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ruby2.5 update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ruby2.3 update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new golang-github-miekg-dns issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10773/node-yarnpkg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take libssh
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2038-1 for libssh
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] new excon issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Jenkins plugins NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10773/node-yarnpkg fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4588-1 for python-ecdsa (CVE-2019-14853, CVE-2019-14859)
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-16779/ruby-excon
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for new wordpress issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: CVE-2015-8947 postponed until now
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2040-1 for harfbuzz
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19241/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19847/libspiro
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new chromium issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add note for slurm in dla-needed
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19724/singularity-container
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2019-19724
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Two CVEs for roundcube fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add debian-edu-config and claim it.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark libspiro/jessie as not affected by CVE-2019-19847
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Manually expand entry for CVE-2019-19844 whilst I have the links/bug etc.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage python-django for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Adjust brackets for temporary description
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commits for CVE-2019-19844
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18389/virglrenderer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take ibus
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-18389/virglrenderer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DLA-2041-1 for debian-edu-config
Dominik George
- [Git][security-tracker-team/security-tracker][master] Track CVE-2019-3467 id for debian-edu-config issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update note for intel-microcode needed DLA
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Correct date for my note in dla-needed.txt
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add ruby-excon
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2042-1 for python-django
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19844/python-django fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5152/shadowsocks-libev
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-16782/ruby-rack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-16782/ruby-rack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19880/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark sqlite3 for CVE-2019-19880 as not-affected for stretch and earlier
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] debian-edu-config DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add clarifying note for CVE-2019-5152
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18391/virglrenderer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: For npm/jessie mark CVE-2019-1677{5,6,7} as ignored.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add new php issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add ruby-rack
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/{dla-needed.txt,CVE/list}: triage transfix/jessie regarding CVE-2019-19797
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Correct source package name
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim libjpeg-turbo
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Two CVEs CVE-2019-5870 and CVE-2019-13720 are associated as well with qtwebengine-opensource-src
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new issue in nethack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Revert "Two CVEs CVE-2019-5870 and CVE-2019-13720 are associated as well with...
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/{dla-needed.txt,CVE/list}: CVE-2019-2201/libjpeg-turbo only gets...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] add mediawiki reference
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Claim packages and update notes
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: mark CVE-2019-2201/libjpeg-turbo as already fixed in experimental
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add note for ruby-rack
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] 2 commits: issues fixed now
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19905/nethack assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19906/cyrus-sasl2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: mark currently open CVEs for libjpeg-turbo as resolved in experimental
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/CVE/list: for CVE-2019-15681, also apply <no-dsa> tags to italc and vino
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: tightvnc also affected by CVE-2018-7225
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add cyrus-sasl2 to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19907/kopanocore
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track new CVEs for Backdrop CMS (itp'ed as #914257)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: tightvnc also affected by CVE-2018-20021
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: tightvnc also affected by CVE-2018-20020
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: tightvnc also affected by CVE-2018-20022
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add cyrus-sasl2 and claim it
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add php5
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] claim php5
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] cyrus-imapd DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add and take mediawiki
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add missing CVE ID
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19906/cyrus-sasl2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mediawiki fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] jessie and stretch are not affected. strutils.py in oslo.utils is
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2043-2 for gdk-pixbuf
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Properly sort suites top-down
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-3866
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new undertow issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add nethack (minor issue)
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2044-1 for cyrus-sasl2
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim nethack
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add references for gitlab which should hopefully help tracking fix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for cyrus-sasl2 update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: data/CVE/list: tightvnc is affected by CVE-2014-6053, too.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2019-18389 and CVE-2019-18391 for virglrenderer fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12418/tomcat*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-17563/tomcat*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update notes on CVE-2019-16787
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-17571/apache-log4j1.2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15584/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove some TODOs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1991{7,8}/lout
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19919/node-handlebars
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-1991{7,8}/lout
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark CVE-2019-15680 as unimportant; as requested by the security team.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] mark CVE-2019-11049 for Jessie as not-affected
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-17571/apache-log4j1.2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Vulnerable code added in a later version. Jessie version has different
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] CVE-2019-18180: Sort suites top-down
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2045-1 for tightvnc
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/DLA/list: replace CVE-2018-20020/libvncserver by CVE-2019-8287/tightvnc
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2019-15680: add italc and libvncserver (both: unimportant).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add x2goclient and claim it (regression fix for recent libssh upload needed)
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for npm issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add note for CVE-2019-14889 breaking reverse dependencies
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to Debian bug for x2goclient regression caused by libssh update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add apache-log4j1.2 (with suggestion to eol it).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add (orphaned package) lout (with comment)
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: add tomcat{7,8}
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2046-1 for opensc
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-1991{7,8}/lout as no-dsa for stretch and buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-3866/python-oslo.utils via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-3866 as no-dsa for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Slightly reshuffle entries for next-point-update.txt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-3866/python-mistral-lib fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for CVE-2019-5429/filezilla via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim tomcat8
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-19630/htmldoc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1923{2,4}/sudo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim apache-log4j1.2 with the intention to investigate EOLing it.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-14870/heimdal
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim intel-microcode in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-19920/sa-exim
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Clarify that sa-exim issues are documented in README.greylisting.gz
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync pending CVEs for src:linux via buster-pu with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19922/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Several libonig issues fixed in untable via new upstream version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed fixed for npm via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2038-2 for x2goclient
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2047-1 for cups
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2019-16787 confirmed REJECTED and remote notes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19791/lemonldap-ng
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Several tightvnc issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-1923{2,4}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2019-19926/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim otrs2 again
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-19791/lemonldap-ng via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-19847/libspiro
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18388 and CVE-2019-18390 for virglrenderer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10222/ceph fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19725/sysstat fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFU, now clarified/fixed by MITRE
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19847/libspiro
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new imagemagick issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new linux issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] "new" chromium issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-1678{5,6}/waitress
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19948/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19949/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19953/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19951/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19950/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19953/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-2228/cups fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19907/kopanocore
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19956/libxml2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19925/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19953/graphicsmagick fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2019-19923/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19966/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19965/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19954/signal-desktop
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19963/wolfssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19962/wolfssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19960/wolfssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove postponed entry for CVE-2019-1551/openssl1.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-10214/singularity-container
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-17357/cacti
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-17358/cacti
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-18610/asterisk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-18790/asterisk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19479/opensc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/git status update
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19977/libesmtp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Reference upstream commit for CVE-2019-19647/radare2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2019-19794/golang-github-miekg-dns
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix inconsistent leading ident before if statement
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19794/golang-github-miekg-dns
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-19906/cyrus-sasl2 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19232,CVE-2019-19234,sudo: Mark as no-dsa for Jessie.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] libyang fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] mediawiki DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12422,shiro: Link to fixing commit
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference advisory for CVE-2019-13611/python-engineio
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12422,shiro: Mark as no-dsa for Jessie.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Group source and NOTEs for CVE-2019-12422
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1569{1,2,3,4,5}/tigervnc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs for theme(s) for WordPress
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1311/xerces-c
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-1569{1,2,3,4,5}/tigervnc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-16785,CVE-2019-16786,waitress: Mark as no-dsa for Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-1311/xerces-c
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Splitup temporary entry for Wordpress into two assigned CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5108/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-19952,imagemagick: Jessie is not affected.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 3 commits: Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-7621/kibana
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-16789/waitress
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2019-19882
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add tigervnc and claim it
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-17006/nss
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-2002{2,3,4}/libsixel
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20021/upx-ucl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new libredwg issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new set of libmatio issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20016/libmysofa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] otrs fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-20016/libmysofa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-20016/libmysofa as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three more CVEs assigned for wordpress (for issues in 5.3.1 release)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-20021/upx-ucl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: take imagemagick, update notes
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Clone bug for CVE-2019-1221{2,4}/freeimage to separate bugs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] track CVE-2019-3467 also for debian-lan-config
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for debian-lan-config issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add debian-lan-config to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add old CVE (CVE-2012-3462) for sssd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two new gitlab issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] two liblivemedia issues fixed in experimental
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4593-1 for freeimage
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] tomcat8, debian-lan-config, openssl1.0 DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] ezxml (not packaged) is embedded in some sources
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] wolfssl fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20054/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20053/upx-ucl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-20053
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20052/libmatio
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20051/upx-ucl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dsa-needed: take xcftools, add note to cacti
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] 4 commits: data/dla-needed.txt: Triage waitress for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1972{7,8}/slurm-llnl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-17571 as EOL in Jessie LTS, adding reference in src:debian-security-support.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Track CVE fixes for linux upload to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim apache-log4j1.2 and nss in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2048-1 for libxml2
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage sqlite3 for Jessie.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add fixed version for wordpress issues via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-1735{7,8}/cacti via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-20055 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: take libexif
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] fix cross ref for debian-lan-config
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 4 commits: Remove one unused NOTE
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-3811/sssd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2049-1 for imagemagick
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Fix source package name entry for CVE-2019-3866
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10086 as no-dsa for stretch and buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-12173/sssd as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for sqlite3 issues via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for CVE-2017-12173/sssd via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2050-1 for php5
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Track proposed roundcube update via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track tightvnc update via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track tightvnc update via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20096/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20095/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-20095/linux as not-affected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20094/libsixel
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20093/libpodofo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20079/vim
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20063/libmysofa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-17357/cacti: stretch not-affected
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Mark tightvnc issues as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Mark CVE-2019-19919/node-handlebars as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correctly indent entries with tabs for consistency
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-19919 as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference upstream fix for CVE-2019-19590/radare2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] this had been fixed
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2016-1000021 confirmed to be rejected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixing commit for CVE-2018-1000825/freecol
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2051-1 for intel-microcode
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19590/radare2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Several tigervnc issues fixed in unstable via new upstream version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20140/libsixel
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-13465/ros-ros-comm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] sixel no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2052-1 for libbsd
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry as libbsd got an update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update tracking for CVE-2019-17534/vips
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14864/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19927/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20175/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20056/libsixel
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track several new gpac issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Re-add libgcrypt20 for jessie LTS as I think the fix for...
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] liblivemedia fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] cups spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19921/runc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark for now CVE-2019-19921 as undetermined
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add proposed update for cups via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-7733 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2053-1 for otrs2
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19791,lemonldap-ng: Mark as no-dsa for Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Triage libsixel for Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add graphicsmagick to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add debian-lan-config to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add xerces-c to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-20093,libpodofo: Mark as no-dsa for Jessie.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2054-1 for jhead
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-20349 has been fixed
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries wich got update in DLA-2054-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim debian-lan-config
Utkarsh Gupta
Last message date:
Tue Dec 31 23:12:20 GMT 2019
Archived on: Tue Dec 31 23:12:22 GMT 2019
This archive was generated by
Pipermail 0.09 (Mailman edition).