June 2019 Archives by thread
Starting: Sat Jun 1 00:03:22 BST 2019
Ending: Sun Jun 30 22:10:41 BST 2019
Messages: 609
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add doxygen (and claim it).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1812-1 for doxygen
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim libgd2 and sqlite3 from data/dla-needed.txt
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] CVE-2017-15377/suricata: wheezy not affected
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] LTS/python3.4, python2.7, python-urllib3 status updates
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-0976/nuget
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-12300/buildbot in stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12300/buildbot
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1248{1,2,3} and start tracking with src:gpac
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11245/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2016-5007/libspring-java, update notes
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 2 commits: Wrap one long note line for readability
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] DLA-1634-1/wireshark: CVE-2018-926{5,7} not fixed
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2018-926{5,7}/wireshark: no-dsa triage
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12495/tcc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12495/tcc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-12495/tcc as no-dsa for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-961{6,7}: add commit links
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2017-93{43,45,46,50,52,54}/wireshark: add commit links
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-3885 as not-affected for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] firefox uploaded to unstable including fixes for mfsa2019-13
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-0221/tomcat9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12312/libreswan fixed in experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12312/libreswan
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12589/firejail assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference upstream commit for CVE-2019-12499
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: update ruby-omniauth note
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-12495 in tcc for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] new linux issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-16871/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16871/linux: Track first version fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1813-1 for php5
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12308/python-django
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12308/python-django
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add new gitlab issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take DSA release prepared by maintainer for heimdal
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-6461/cairo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-6462/cairo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2013-1752 got rejected and remove source tracking entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9753/otrs2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for heimdal update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-7733
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Replace some linux commit URLs with shorter variant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-11460 via experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-1145{4,5}/monit fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12312/libreswan fixes via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10154/moodle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10153/fence-agents
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1261{4,5}/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-12450/glib2.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11460/gnome-desktop3 fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove todo for CVE-2019-11461
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-8943 in wordpress for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 3 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10149/exim4
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-12300/buildbot
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-12308/python-django as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] linux: Sync some not-affectes status for CVEs for stretch and jessie
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2016-1585/apparmor
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2016-7151/capstone
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for xen issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for gitlab issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-7308 as not-affected for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12616/phpmyadmin
Henri Salo
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12730/ffmpeg
Henri Salo
- [Git][security-tracker-team/security-tracker][master] django, zookeeper fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Correct version number of linked commit for CVE-2019-12308 (python-django)
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1814-1 for python-django
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Fix syntax for phpmyadmin entry
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2019-12616/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Remove compare selection, as it includes way to much commits
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12617/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-122{09,10}/pam-u2f
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add oss-security reference for pam-u2f issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for pam-u2f
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add temporary item for vim/neovim issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference patches for vim/neovim issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Slightly change prefix for patch references
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-1244{7,8,9}/gvfs fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] gitlab issues fixed in experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10126/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12735/{vim,neovim} assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update severity/status for some linux CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for exim4 update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on exim4 issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim phpmyadmin in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2018-15587/evolution fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12728/grails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9642/extplorer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11768/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-12735/neovim
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add neovim to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add vim to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Use https transport protocol for advisory url for exim4
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-1137{2,3}/libmediainfo fixed via expeirmental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10156/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take vim
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11768/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for miniupnpnd issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFU
Henri Salo
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12360/xpdf
Henri Salo
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-12360
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add two new otrs2 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Claim otrs2 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] triage poppler issues on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1815-1 for poppler
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10156
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim evolution (CVE-2018-15587, #924616)
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for qemu "regression" update (actually missaplied backport)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix DSA number for the regression update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add some new CVEs for mediawiki
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add mediawiki for CVE-2019-11358 as embedding jquery and using it
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference qualys report for exim4 issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add mediawiki references, add to dsa-needed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2019-12312/libreswan
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync some kernel stati with kernel-sec decisions
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12761/pyxdg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-12761/pyxdg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11356/cyrus-imapd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4457-1 for evolution (CVE-2018-15587)
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-12735/neovim as unfixed yet
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add cyrus-imapd to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10158 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-11356/cyrus-imapd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] minipupnpd fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note on znc update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9929/cfengine3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-9839/mantis
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage pyxdg for jessie.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim pyxdg.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2018-1000026 for jessie with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/libspring-java, status update
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Track proposed update for node-growl via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-12735/vim via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update version informations for CVE-2019-11471/libheif
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for qemu via buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] check-new-issues: Adapt path to actually used one on soriano.d.o
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three new aubio issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark aubio issues as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2019-9636/python*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10160/python*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for aubio issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20101 and track with src:linux for further investigation
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for cyrus-imapd update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12760/parso
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12779/libqb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-9969/libwebp (fixed a long time ago with 0.5.2 import)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9858/php-horde-form
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-1137{2,3}/libmediainfo fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2018-19800, CVE-2018-19801 & CVE-2018-19802 in jessie LTS for aubio.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2016-9969 as unaffected in jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Correct package name in previous commit.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10160/python2.7 for stretch as not-affected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note re. CVE-2019-12761 against pyxdg.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-11037/php-imagick in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new vlc issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for vlc (collecting) issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] DLA: Status update
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2017-1000600 and CVE-2018-1000773 are for the same underlying problem in wordpress.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Investigated CVE-2019-9858 and determined that Debian is vulnerable but
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Revert "CVE-2017-1000600 and CVE-2018-1000773 are for the same underlying problem in wordpress."
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Revert "Investigated CVE-2019-9858 and determined that Debian is vulnerable but"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-1000773 and CVE-2017-1000600
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Switch temorarily to wikimedia mirror
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Link to now-filed upstream bug for CVE-2019-12761 in pyxdg.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] dla-needed: update and reclaim faad2 and hdf5 entries
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-9858/php-horde-form
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Expand TODO item for CVE-2019-9929/cfengine3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Several chromium CVEs fixed via unstable upload of 75.0.3770.80-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2019-9858/php-horde-form
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] reclaim tomcat8
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9858
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark miniupnpd issues as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-{5018,8457}/sqlite3 fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Add sqlite3 for CVE-2019-5827 for further checks
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12790/radare2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12790/radare2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10155/libreswan
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3888/undertow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-3888/undertow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11768,phpmyadmin: Jessie is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1816-1 for otrs2
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-8339/sysdig: jessie triage
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: claim kdepim
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] new faad, rdesktop issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2019-12111/miniupnpd as not-affected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12749/dbus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1817-1 for libgd2
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-11038/libgd2
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Track proposed update for node-url-parse via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for rdesktop issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11027/ruby-openid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug tracking reference for CVE-2019-11027/ruby-openid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12387/twisted
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12387/twisted
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12749/dbus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-12749/dbus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream issue reference for CVE-2019-12749/dbus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new HHVM issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] zookeeper, vlc, mediawiki DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs, two apcupsd issues n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track fixed version for vlc in DSA-4459-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-7845 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3875, NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-10899 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take dbus
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12795/gvfs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12795/gvfs Debian bug reference
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version in unstable for CVE-2019-12795/gvfs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add dbus to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0174 (RamBleed HW vulnerability)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add notes about CVE-2019-8457/sqlite3
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-10155/*swan
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-5827/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track CVE-2019-5439 for vlc issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11702/firefox
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take dbus from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for dbus update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-7321/mupdf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-7321/mupdf as not-affected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-7321: Add upstream tag information for commits
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new thunderbird issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add references for mfsa2019-17
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5842/chromium
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-0221/tomcat9 fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12818/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12819/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12802/radare2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-1170{3,4,5,6}/thunderbird fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12802/radare2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10159 (NFU, CFME)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1818-1 for dbus
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Claim vlc in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12816/znc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference full commit id for CVE-2019-12735/vim
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add wordpress to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add ansible to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Take znc from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for znc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-543{5,6}/curl via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Assign myself another frontdesk week in June
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for znc issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10165 as NFU (OpenShift)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12795: Make branch information next to upstream commits
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add znc
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-12779,libqb: Add links to fixing commits.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim php-horde-form in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Expand note for pull request
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add php-horde-form to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12829/radare2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12829
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for libqb in jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add note from ~6 days ago re pyxdg.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1819-1 for pyxdg
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12840/webmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1820-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2017-11746/tenshi via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference commits for CVE-2019-10740/roundcube
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa tags for phpmyadmin,Jessie because of upcoming DLA
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12855/twisted
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12855/twisted
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1822-1 for php-horde-form
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12802,radare2: Mark as no-dsa for Jessie.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim ansible
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Track pending version for CVE-2019-1145{4,5}/monit in tpu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add notes regarding CVE-2019-5827/sqlite3 to dla-needed.txt
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] LTS/python2.7, python3.4, python-urllib3 -- reclaim
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] dla-needed: update libsdl2 entry
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add three new linux issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1823-1 for linux
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1824-1 for linux-4.9
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2016-6629,phpmyadmin as postponed
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-12779/libqb as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark libqb as unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add tracking item for CVE-2017-11746/tenshi via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3896/linux (old issue)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12380/linux: Fix typo in NOTE: So -> No
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1825-1 for kdepim
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2019-10735/claws-mail postponed on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add fixed version for various linux CVEs in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10153/fence-agents n/a on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: claim glib2.0
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: add note on vim
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] libqb: Fix regression link for CVE-2019-12779
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11707/firefox-esr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9858/php-horde-form fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Revert "Switch temorarily to wikimedia mirror"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1826-1 for glib2.0
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11707/firefox
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2012-6711/bash
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12865/radare2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12865/radare2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12874/vlc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] firefox, vim DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add epoch for vim version in DSA-4467-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12436/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12435/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12881/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add link to my mailing list post on libqb
Brian May
- [Git][security-tracker-team/security-tracker][master] mark CVE-2019-12874 for vlc as end-of-life
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] new vlc issue fixed already
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] change CVE-2019-9917 from no-dsa to not-affected
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Revert "change CVE-2019-9917 from no-dsa to not-affected"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Several xen issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1827-1 for gvfs
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Remove gvfs from dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Adjust suite for CVE-2019-9740
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-6471/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-6471/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Expand note on CVE-2019-9917/znc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12435/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12814/jackson-databind
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12384/jackson-databind
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for two jackson-databind issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim jackson-databind in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1828-1 for python-urllib3
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add vim for regression update in dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference another vim regression bug
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-12435/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12904/libgcrypt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1829-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12900/bzip2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 5 commits: mark CVE-2019-9917 as ignored so that nobody else will have a look at it
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] add libgcrypt20
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] bind9 n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 3 commits: add bzip2
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-11693: Reference the commits as merged into upstream repository
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-11694: reference commit in libsass repository itself
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-11695: Reference commit from master and 3.5-stable series
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Three aubio issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim intel-microcode in dla-needed.txt
Henrique de Moraes Holschuh
- [Git][security-tracker-team/security-tracker][master] new postgres issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-10164/postgresql-11
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add entry for DSA-4447-2/intel-microcode
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11708/firefox-esr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1830-1 for znc
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 3 commits: Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1587{8,9}/libgd2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update association of CVE-2019-9834: there is src:netdata in the archive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1789-2 for intel-microcode
Henrique de Moraes Holschuh
- [Git][security-tracker-team/security-tracker][master] Add four libvirt issues (CVE-2019-10161 CVE-2019-10166 CVE-2019-10167 CVE-2019-10168)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10168/libvirt as not-affected in stretch and below
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Four CVEs for libvirt fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add libvirt to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track CVE-2019-11708/firefox for mfsa2019-19
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11246/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for php-horde-form
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reference fixing commit for CVE-2019-6471/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1016{2,3}/pdns
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1831-1 for jackson-databind
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-6471/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs from external check
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add and take pdns
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove TODO item for CVE-2019-0199
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10072/tomcat*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark tomcat8 as removed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-1016{2,3}/pdns
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add thunderbird for CVE-2019-1170{7,8} (mfsa2019-20)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Relax extraction for CVE description from allitems.txt file
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] jackson-databind,CVE-2019-12384,CVE-12814: fixed in unstable
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libvirt update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim rdesktop from data/dla-needed.txt
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Add pdns to data/dla-needed.txt and claim it
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Add upstream issue reference for CVE-2019-12760/parso
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: add libvirt here as well
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-15664
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add fixed version for CVE-2019-10153/fence-agents
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] pdns, vim DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] still ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] curl n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim libvirt.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] re-claim qemu and mupdf
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] LTS/Reclaim libspring-java
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12817/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream commit for gpac issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Drop information on CVE-2018-15878 and CVE-2018-15879
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1832-1 for libvirt
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Process three NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO item for CVE-2019-12900/bzip2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2016-3189 has been fixed
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20843/expat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-12900/bzip2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-20843/expat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20843/expat fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1834-1 for python2.7
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1835-1 for python3.4
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Sync python2.7 jessie entries (remove no-dsa tagged entries, add one not-affected)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1836-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] claim gpac
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1837-1 for rdesktop
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1835-2 for python3.4
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add workaround entry for rdesktop issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] libsass fixes
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Slightly change order of source package entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim expat in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] mod-crs fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add new issue in lemonldap-ng
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for lemonldap-ng issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for lemonldap-ng via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10072/tomcat9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12983/linux (this is a duplicate of CVE-2019-11884)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12984/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some IBM specific NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1298{0,1,2}/ming
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1013{3,4}/moodle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process four NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-12735/neovim in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes on CVE-2019-12983
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12979/imagemagik
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12978/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12977/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correct entry for CVE-2019-12977/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-12976/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for imagemagick issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on rdesktop
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12974/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add glib-2.0 and claim it (with comment)
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12972/binutils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add lemonldap-ng to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-2018-18443/openexr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Typo fix (glib-2.0 -> glib2.0).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: add and take openssl/expat
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim lemonldap-ng.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add update for ruby-openid.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for expat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1838-1 for mupdf
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 3 commits: data/DLA/list: Manually correct one of the CVEs of DLA-1838-1. Package upload...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9929/cfengine: Add upstream fixes.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9929/cfengine2: Add assessment about STATEDIR file permissions in...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-7165 and CVE-2019-12594 for dosbox
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: data/dla-needed.txt: add cfengine3 and claim it.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add imagemagick and claim it.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for dosbox issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for rdekstop issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-13012/glib2.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fix in experimental for CVE-2019-13012
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-13012/glib2.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup CVE-2019-0034 information
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup CVE-2017-1745{6,7} entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process CVE-2019-10175 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process CVE-2019-10177 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add assigned CVE for lemonldap-ng
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Simplify note for CVE-2019-10175
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-13032/flightcrew
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-13032/flightcrew
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track the assigned CVE for lemonldap-ng
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track CVE fixes for linux 4.9.184-1 upload for stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1839-1 for expat
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add and claim dosbox in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Update status of xen in Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Track older chromium-browser issue (CVE-2017-5028)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-16064 and CVE-2018-17460 for chromium-browser
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-13045/irssi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream pull and commit references for CVE-2019-13045/irssi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-13045/irssi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-13038/libapache2-mod-auth-mellon
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-13038/libapache2-mod-auth-mellon
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2019-12904 for libgcrypt as not-affected in jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Sort libgcrypt source package entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-13072/zoneminder
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-13068/grafana
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bzip2 to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove not-affected traige for CVE-2019-10153/fence-agents in stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-13045,irrsi: Jessie is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1840-1 for golang-go.crypto
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] CVE-2019-13038,libapache2-mod-auth-mellon: Mark as no-dsa for Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12973/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20845/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12973/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20846/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20847/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-20847/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1841-1 for gpac
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Claim openjpeg2 in dla-needed.txt
Markus Koschany
Last message date:
Sun Jun 30 22:10:41 BST 2019
Archived on: Sun Jun 30 22:10:45 BST 2019
This archive was generated by
Pipermail 0.09 (Mailman edition).