March 2019 Archives by thread
Starting: Fri Mar 1 04:51:47 GMT 2019
Ending: Sun Mar 31 22:38:38 BST 2019
Messages: 749
- [Git][security-tracker-team/security-tracker][master] LTS/symfony status update
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1699-1 for ldb
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4401-1 for wordpress
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-8337/{mpop,msmtp}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional references for CVE-2019-9187/ikiwiki
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9215/liblivemedia
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 5 commits: Add CVE-2018-18499/{firefox,firefox-esr,thunderbird}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-800{4,5,6,7}/file fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] "new" squirrelmail issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker] Pushed new branch tracker-tables
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker] Deleted branch tracker-tables
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Remove temporary entry for squirrelmail
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: tracker-service: don't repeat the package link
Salvatore Bonaccorso
- Processing 3b03db0217c5f77ef007df19c99092e1a969fb83 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1700-1 for uw-imap
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-6111/openssh in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take libsndfile
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9545/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9543/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9545/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9543/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1701-1 for openssl
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20679/busybox fixed in unstable via new upstream version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update CVE-2019-5747/busybox information
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] gdb 7.5 fixed CVE-2011-4355
Paul Wise
- [Git][security-tracker-team/security-tracker][master] CVE-2011-4355: Track first version in unstable with the fix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-19516/kf5-messagelib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-6260/nvidia-graphics-drivers-legacy-390xx
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2019-5747/busybox as not-affected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Replace reference to secure-testing-commits with debian-security-tracker-commits
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for bubblewrap issue: #923557
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] allocate DSA revision for openssh
Yves-Alexis Perez
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0200/qpid-java
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-8943/wordpress
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes for r-other-x4r for the mebedded copy of gSOAP
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-14036/accountsservice: reference primary git repository url
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for bubblewrap issue (#923557) via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add ikiwiki to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Triage edk2 for Jessie.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9210,advancecomp: Link to fixing commit
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim advancecomp in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Switch back to local mirror at debian.csail.mit.edu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVe-2019-5786/chromium
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1702-1 for advancecomp
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim poppler in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] LTS/claim imagemagick
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add zabbix to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1056,advancecomp: Remove no-dsa tag for Jessie.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-92{08,09,14}/wireshark fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference commit for CVE-2018-6484/zziplib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2018-6542/zziplib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-6541/zziplib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2018-6540/zziplib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update severity for CVE-2018-6542/zziplib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track poposed update for linux via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-6540/zziplib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2018-6381/zziplib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for various zziplib CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-7727/zziplib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commits for CVE-2017-5975
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2009-5155,CVE-2019-9169,glibc: no-dsa for Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Triage spice-xpi for Jessie.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1002100/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-1002100/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-7251/asterisk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update references for CVE-2018-7726/zziplib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-7251/asterisk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] gdb 7.3.50~cvs20110627-1 fixed CVE-2006-4146
Paul Wise
- [Git][security-tracker-team/security-tracker][master] CVE-2006-4146/gdb: Track first version which entered unstable with the fix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19759/libsixel
Henri Salo
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage drupal7 for jessie.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] liblivemedia fixed in experimental
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: add some notes
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2019-7251/asterisk n/a on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] new option, --elts, to act on ela-needed.txt
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] dla: claim nettle
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1703-1 for jackson-databind
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Revert "new option, --elts, to act on ela-needed.txt"
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] LTS/claim nss
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] dla: remove drupal7 and systemd
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: libsolv: fix timestamp
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: Replace file() with open() for Python 3 compatability
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sort order of commits
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFU
Henri Salo
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1704-1 for nss
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-11793/apache-mesos
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new gitlab issues from 2019-03-04 release
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] accountsservice fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2017-113{32,58,59} and -15371: add upstream fixes
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] reserve DLA-1705-1 for sox update
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] mumble DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new xen issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-20164/uap-core
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0187/jakarta-jmeter
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-2024/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-2025/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add upstream commit reference for CVE-2019-2025
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9213/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9578/libu2f-host
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9578/lubu2f-host
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1543/openssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-5741
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] openssl postponed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Claim ikikiwiki
Brian May
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-1543 in openssl for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9624/webmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0191/apache-karaf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add proftpd-dfsg issue as reported in #923926
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note on koji update for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note on nss update for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-20662,poppler: Link to correct fixing commit.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim zabbix in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim rdflib
Brian May
- [Git][security-tracker-team/security-tracker][master] asterisk fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-1680{8,9}/dolibarr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] contact-maintainers: lts: upgrade remaining references to wheezy
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] lts: mark CVE-2018-16868/CVE-2018-16869 as no-dsa
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16868: fix package/distros ordering
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-9578/libu2f-host
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-14498/libjpeg-turbo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add TODO item for CVE-2018-14498/libjpeg-turbo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-14038/binutils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20710/yaml-cpp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-7175/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new PHP issues (fixed in 7.3.3, 7.2.16 and 7.1.27) with needed CVE
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-20662,poppler: Remove no-dsa tag for Jessie.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove PHP entries which actually do not need a CVE
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] PHP DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] LTS/imagemagick, status update
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9641/php assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9640/php assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9639/php
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9638/php assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9637/php assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9636/python
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add references for CVE-2018-3832/libsndfile
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference(s) for CVE-2019-9636/python
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage python2.7 for jessie.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1707-1 for symfony
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Michael Gilbert
- [Git][security-tracker-team/security-tracker][master] LTS/Claim python2.7, python3.4
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Track proposed pending update for vips via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add upstream commit references for libmation issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for libmatio issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-12181/edk2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update references for CVE-2019-6445/ntpsec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-8936/ntp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug number for CVE-2019-8936/ntp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9631/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] DSA-4405-1 openjpeg2
Luciano Bello
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry which got update in DSA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry for openjpeg2 issue which got DSA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for systemd via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for openjpeg2 issues in via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-100023{1,2}/ldns fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add source package tracking for CVE-2019-9675/php
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: claim sqlalchemy
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add reference to upstream commit for CVE-2017-11608/libsass to adress issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2018-11499/libsass
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim systemd in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] hadoop ITP issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] qemu fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9633/glib2.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1708-1 for zabbix
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2017-2826,zabbix: Remove no-dsa tag for Jessie.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2019-5736/runc as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9633/glib2.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9628/xmltooling
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9628/xmltooling
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: sqlalchemy: waiting upstream feedback
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add temporary items for three cron issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9656/libofx
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove one temporary entry which is only hardening but not a vulnerability
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Clarify one older issue note for CVE-2017-2826 / TALOS-2017-0327
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] various bugs filed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-9656/libofx
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes for zziplib via unstable for several issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-6260 via experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-12447/gdk-pixbuf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9706/cron assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9705/cron
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9704/cron assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Expand note and be consistent with three cron issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync fixed version for sid for 5 CVEs for linux with kernel-sec status
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1709-1 for waagent
Bastian Blank
- [Git][security-tracker-team/security-tracker][master] cron update
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Process (IBM) NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0804/waagent
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: sqlalchemy: new upstream 0.9 patch WIP
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Claim xmltooling in dla-needed.txt
Ferenc Wágner
- [Git][security-tracker-team/security-tracker][master] dla-needed: claim liblivemedia
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9215: add link to reporter advisory/analysis
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] ntp n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add note on further needed work for CVE-2019-9036
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] waagent DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-6260/nvidia-graphics-drivers
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process Joomla! NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] xmltooling DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9718 and CVE-2019-9721 for ffmpeg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9687/libpodofo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9687/libpodofo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-3815,systemd: Remove not-affected tag for Jessie.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for gitlab issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove trafficserver from dsa-needed list, minor issue in experimental plugin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3816/openwsman, itp'ed, #754501
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update NFU entries for CVE-2008-223{3,4} and associate with openwsman
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3833/openwsman
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new nuget issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Replace note with unaliased bugzilla reference
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] tcpreplay fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1710-1 for xmltooling
Ferenc Wágner
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1711-1 for systemd
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Fix fixed jessie version for xmltooling
Ferenc Wágner
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-9636/python3.7
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1712-1 for libsndfile
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Fix CVE list for DLA-1712-1
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1713-1 for libsdl1.2
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1714-1 for libsdl2
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2017-12447/gdk-pixbuf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: update libsdl* reference
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] 5 commits: CVE-2019-7638: reference to upstream vcs commits
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9735/neutron
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mpg321 fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9735/neutron
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9740/python*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9750/iotivity, itp'ed, #824155
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9644/jupyter-notebook
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9644/jupyter-notebook
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-541{8,9}/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5420/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-541{8,9}/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-5420/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/triage and claim python-urllib3
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0816/cloud-init
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-0816/cloud-init: mark as unfixed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add external reference for CVE-2019-0816
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9752/otrs2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9751/otrs2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20800/otrs2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-9735/neutron via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add (temporary) entry for wordpress issue without CVE: #924546
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Several gitlab issues fixed in experimental upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2019-9208 as not-affected for Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] xmltooling fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla-needed: update liblivemedia entry
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Revert "mark CVE-2019-9214 as not-affected for Stretch"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVEs associated with LibreDWG (old itp'ed package)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9658/checkstyle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9787/wordpress assigned (#924546)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add references to commit and information for CVE-2019-9787/wordpress
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add wordpress to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9658/checkstyle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] evolution/edk2 bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1715-1 for linux-4.9
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Correct list of CVEs for DLA-1715-1
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Add additional commit for CVE-2018-19876/cairo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track evolution-data-server under CVE-2018-15587 and add upstream references
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-9741/golang*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference review patches for CVE-2017-17689
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-9741/golang-1.11
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Cleanup trailing whitespaces
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0192/lucene-solr, keep it undetermined
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-19876/cairo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] claim rsync
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add fixed version for rsync (CVE-2016-984{0,1,2,3})
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Additional upstream bug reference for CVE-2019-0740/python{3.7,3.6,3.5,3.4,2.7}
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16323/imagemagick is <not-affected> instead of <ignored>
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20467/imagemagick, sync jessie status to stretch status and add link...
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Mark ntp as not affected by CVE-2019-8936 (for the same reason as given for stretch).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add package cron and claim it.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/{dla-needed.txt,CVE/list}: Triage open otrs2 issues for jessie.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add glib2.0.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9215: add Debian bug number
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2019-7314: add Debian bug number
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark libjpeg-turbo 1.5.2-2 and earlier as not affected.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 3 commits: Revert "data/CVE/list: Mark libjpeg-turbo 1.5.2-2 and earlier as not affected."
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Lower version including fix for CVE-2018-10113
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2009-5155/gnulib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add poppler.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Track fixes for several gitlab issues after upload to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2018-1664{7,8}/mupdf in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for three edk2 issues fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2018-12029/passenger
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: Mark CVE-2018-12029/passenger as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20806/phamm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new libssh2 vulnerabilities
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16838: jessie not-affected
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-20806/phamm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9837/ruby-doorkeeper-openid-connect
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9837/ruby-doorkeeper-openid-connect
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: update kde4libs entry
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] dla-needed: claim mysql-connector-python
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2018-1279/rabbitmq-server
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take passenger from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-11490/giflib fixed in experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark CVE-2019-2435 ignored in jessie
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] upstream fixes for golang-golang-x-net-dev
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] liblivemedia DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] update status
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] advancecomp fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1716-1 for ikiwiki
Brian May
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1717-1 for rdflib
Brian May
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-2659/dropbear
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process CVE-2017-7510 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2017-18009/opencv
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1951{6,7}/sysstat fixed in experimental upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] tintin++ fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 3 commits: add checkstyle to dla-needed
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1718-1 for sqlalchemy
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] new qemu issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1719-1 for libjpeg-turbo
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: Adapt parsing of MITRE master list according to new layout in html
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9857/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] release DLA-1720-1 for liblivemedia
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-14498 as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] neutron DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1721-1 for otrs2
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add back for now source package tracking and separate bug for CVE-2018-15889
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-5801 as not-affected for chromium
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed versions for chromium via unstable for serveral CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-2422/openjdk-8 fixed in unstable via 8u202-b26-1 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim wordpress
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update information for libssh2 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3871/pdns
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for libssh2 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-3871/pdns
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim checkstyle, libmatio
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] dla-needed: update faad2 and kde4libs entries
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2018-12029 and CVE-2017-16355 for passenger fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: hdf5: mark CVE-2019-9152 unfixed (i.o undetermined)
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-8375/webkit2gtk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFU for IBM issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new qt, tcc issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new firefox issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-19872: Add upstream bug reference
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix references to advisory for CVE-2019-9788/firefox*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9754/tcc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3874/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark CVE-2019-7443 no-dsa in jessie
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] dla: take firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] firefox-esr issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] various spus
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Adjust rsync version for stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new drupal7 issue (no CVE assigned yet) associated with SA-CORE-2019-004
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add drupal7 to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for easier tracking for drupal7 issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] drupal, firefox, openjdk DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9866/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] firefox issues from mfsa2019-07 fixed in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3878/libapache2-mod-mellon
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9866/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-3878/libapache2-mod-auth-mellon
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9893/libseccomp got assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark libsseccomp as unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add new putty issues (fixed upstream in 0.71)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1722-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: add CVEs for firefox-esr update
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Fix (now) not working references to fixing commits for putty issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add TODO item for putty and CVE-2019-989{4,5,7,8} issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 7 commits: add libssh2
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2019-989{4,5,7,8}/putty fixed with the 0.70-6 upload to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3835/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3838/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update commit ids for CVE-2019-3838
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add ghostscript to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1723-1 for cron
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9755/ntfs-3g
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry which got an update in DLA-1723-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two NFUs for IBM specific issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ntfs-3g update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9866/gitlab fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Mark CVE-2019-890{5,7}/file as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add temporary description for CVE-2019-9755/ntfs-3g
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-3838/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-8936/ntp via experimental upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9903/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2019-9903/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9903/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9755/ntfs-3g fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] LTS/python2.7, python3.4, python-urllib3 status update
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Use the dfsg version for ntp uploaded to experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-3830 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correct association of morgan node module issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3830/ceilometer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new sqlite, tar, bash, graphviz issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: take ntfs-3g
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] [elisp] Make sure emacs doesn't highlight quoted strings by default
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Various CVEs for libmatio fixed via the unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-3877/libapache2-mod-auth-mellon
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9917/znc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for tracking for CVE-2019-9904/graphviz
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9917/znc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9923/tar
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-9937/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1724-1 for ntfs-3g
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-993{6,7}/sqlite3 fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-3830/ceilometer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-17937/gpsd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove note on maintainer update for koji
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream commit for CVE-2018-17937/gpsd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-3968/u-boot
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new twig issue ("twig sandbox information disclosure")
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-17937/gpsd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2019-34{59,60}/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2019-9857/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2019-9857/linux with kernel-sec update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mod auth mellon jessie no dsa
Thijs Kinkhorst
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-9942/twig assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add putty to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove postponed tags for wireshark as update is planned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: also parse CVE's enclosed in square brackets
Thijs Kinkhorst
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-5360/tiff fixed version in stretch and onwards
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9942/twig fixed in unstable
David Prévot
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10910: Add note on fixing version for upstream version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-10743/wpa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9970/signal-desktop, itp'ed, #842943
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9960/limesurvey, itp'ed, #472802
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9947/python
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9948/python2.7
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9956/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-915{1,2}, -8397: add upstream tracker links
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9956/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-981{0,3}/firefox-esr (mfsa2019-10)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-981{0,3}/firefox (mfsa2019-09)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-981{0,3}/firefox-esr fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-981{0,3}/firefox fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark fixed version for CVE-2018-12029/passenger in stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] take firefox
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update CVE-2019-7635 with information from upstream
Felix Geyer
- [Git][security-tracker-team/security-tracker][master] 2 commits: Wrap long CVE descrptions for the vulnerability report template
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9837/ruby-doorkeeper-openid-connect fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for wireshark update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 5 commits: mark CVE-2019-9904 as no-dsa for Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] firefox DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1725-1 for rsync
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 5 commits: add bash
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry for rsync which got update in DLA-1725-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0160/edk2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] fix rsync entry
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track update for r-cran-igraph via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take bash
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-0160/edk2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: claim glib2.0
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: mark glib2.0/CVE-2019-9633 as no-dsa
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] lts: precise and date poppler notes
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] lts: add myself to front-desk in 2 weeks
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: claim ghostscript
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2016-9401/bash: remove no-dsa tag for jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1726-1 for bash
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-9258 has been already fixed in DLA-1634-1
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2018-7332 has been already fixed in DLA-1634-1
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: claim libssh2
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1727-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1728-1 for openssh
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2019-6341/drupal7 assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-383{5,8}/ghostscript via experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0204/apache-mesos
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mysql-connector-net removed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] lts: fix chris' timestamp
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] follow security team with CVEs for libsolv
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2019-5747: fix typo in source package name
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] List pnp4nagios is list of removed packages
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2012-3457: Mark pnp4nagios as removed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-3879 as NFU (ovirt-engine)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-7612/logstash
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-7611/elasticsearch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-76{08,09,10}/kibana, itp'ed as #700337
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2017-9349 and CVE-2017-9344 will be fixed
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove nariadb-10.1 from dsa-needed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-8320/rubygems
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Slightly clarify target versions for rubygems patches
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove information from CVE-2018-1000061
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Fix patch URL for CVE-2019-3859.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9917/znc fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1730-1 for libssh2
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2018-5809 as not afffected for Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Fetch packages files for backports suites only for $(STABLE)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] lib/debian-releases.mk: Correctly remove $(OLDSTABLE) for backports
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1731-1 for linux
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] dla: take tzdata and libdatetime-timezone-perl
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10063/flatpak
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10063/flatpak as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-16395/ruby-openssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Delete two issues from DLA-1731-1
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-38{48,49,50,51,52}/moodle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10061/node-opencv
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-19856/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-832{0,1,2,3,4,5}/ruby2.5 fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10061/node-opencv
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track experimental fixed version for CVE-2019-2422/openjdk-7
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-10063/flatpak (via unstable)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-10061/node-opencv
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3847/moodle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3869 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add twig (CVE-2019-9942) to dsa-needed, and take it
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10125/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10124/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for firmware-nonfree via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for flatpak via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1732-1 for openjdk-7
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: ghostscript: document current pending status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] link upstream fix
Mattia Rizzolo
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9942,twig: Mark as no-dsa for Jessie.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add ruby2.1 to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9917,znc: Jessie is not affected.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim wpa in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Remove information on CVE-2018-14038
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-7637: add link to committed fix
Felix Geyer
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-38{29,36}/gnutls28
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20815/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim ruby2.1
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0199/tomcat* with preliminary information
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: triage thunderbird 60.6 CVEs
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: take drupal7
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] fix thunderbird version for CVE-2018-18506
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1733-1 for wpa
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim proftpd-dfsg in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-7524/dovecot
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-3830,ceilometer: Jessie is not affected.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add dovecot to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] gnutls28 issues fixed in experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2019-9735 as not-affected for Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] claim putty
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2019-0816,cloud-init: Jessie is not affected.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim dovecot in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] gnutls uploaded to sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for dovecot update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] phamm fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-12183/edk2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2019-7524/dovecot
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVEs have been fixed
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10255/jupyter-notebook
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-7655/mosquitto
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10255/jupyter-notebook
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2017-7655/mosquitto
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-12179/edk2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0161/edk2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list - mark CVE-2019-8321 as <not-affected> for ruby2.1
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Properly sort ruby entries per source package
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1002101/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup trailing whitespaces
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1735-1 for ruby2.1
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add and claim jruby
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10269/bwa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0222/activemq
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: claim pdns
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1736-1 for dovecot
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0212 as NFU (Apache HBase)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-12183,edk2: Mark as EOL for Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-0160,CVE-2019-0161,edk2: Mark as EOL for Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add new open-vm-tools issue, #925959
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1737-1 for pdns
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] add NOTEs with links to fixes
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2019-0222,activemq: Jessie is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-0222,activemq: bug report sent
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4419-1 for twig (CVE-2019-9942)
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for jruby issues CVE-2019-832{0,1,2,3,4,5}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add further Debian bug reference for CVE-2018-1000073/jruby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2019-9658/checkstyle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Demote severity for open-vm-tools issue to unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Three CVEs fixed for hdf5 in experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-10269,bwa: Jessie is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-0199,tomcat8: Jessie is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim rails in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2017-7655,mosquitto: Mark as postponed for Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim gpsd in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-0757,nuget: Link to upstream bug report.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Mark remaining edk2 issues for Jessie as EOL.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1738-1 for gpsd
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10269/bwa fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1002162/skopeo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-5420,rails: Jessie is not affected
Markus Koschany
- Processing 9126ab66386d45e266e4bf9e98d8d20205893f51 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Fix wrong CVE list syntax
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add initial information on CVE-2019-9946
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3884 (atomic-openshift)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3867 (NFU)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] pound fixed in experimental
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10649/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10650/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1740-1 for libav
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] new libclamunrar, clamav issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry which got update in DLA-1740-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10648/robocode
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10648/robocode
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add clamav to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-3871/pdns fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add libclamunrar to dla-needed.txt (tentatively)
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10648,robocode: Mark as EOL for Jessie.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1741-1 for php5
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Claiming clamav.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] CVE-2019-3829,CVE-2019-3836,gnutls28: Jessie is not affected.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] xpdf triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-0757,nuget: Add bug reference
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1742-1 for wordpress
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Marked three CVEs as not-affected since they were introduced in 0.101.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-10672/libmysofa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10672/libmysofa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Three CVEs for clamav and libclamunrar not affecting stretch version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] clamav issues adressed via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add blog reference for clamav issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Corrected CVE entry.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10018/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Readd libav to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Add notes that checkstyle and libmatio are ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add a CVE description to the recent clamav/libclamunrar entries
Sebastian Siewior
Last message date:
Sun Mar 31 22:38:38 BST 2019
Archived on: Sun Mar 31 22:38:43 BST 2019
This archive was generated by
Pipermail 0.09 (Mailman edition).