May 2019 Archives by thread
Starting: Wed May 1 07:14:54 BST 2019
Ending: Fri May 31 23:23:45 BST 2019
Messages: 723
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11627/signing-party assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3805/wildfly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3894/wildfly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5429/filezilla
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim jquery
Brian May
- [Git][security-tracker-team/security-tracker][master] Reference commits for CVE-2019-10650 as needed for ImageMagick6
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-5429/filezilla
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11631/moodle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3561/hhvm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11627/signing-party fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed fix for CVE-2019-11627
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark all Apport related entries as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-7306/byobu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] next-point-update.txt fix spacing in one entry
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove hurd-i386, kfreebsd-{i386,amd64} from architectures in sid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1753-2 for proftpd-dfsg
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20834,node-tar: no-dsa for Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim filezilla and signing-party in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1773-1 for signing-party
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Update CVE-2019-10124 information
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11636/zcash
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-116{37,38,39,40}/recutils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11675/groonga
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2019-11578 in dhcpcd5 for jessie LTS; vulnerable authentication code introduced later.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Drop dhcpcd5; the two outstanding CVEs are not present in jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] jinja2 sandbox escape: no-dsa in jessie/stretch
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] dla-needed: update liblivemedia notes
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] dla-needed: remove axis entry
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] dla-needed: claim graphicsmagick
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] 3 commits: Remove uneeded reference to intent to work on CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11683/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-1136{5,6}/atftp fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3839/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1774-1 for otrs2
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10066,CVE-2019-10067,otrs2: Jessie is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim phpbb3 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim drupal7 and symfony in data/dla-needed.txt
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-8035
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-1000073/jruby via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three new CVEs for MariaDB 10.3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for mariadb-10.3 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add mariadb-10.1 entries for CVE-2019-2627 and CVE-2019-2614
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-2503 for DSA-4341-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Record kernel mitigations for CVE-2019-6133
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] CVE-2019-6133: sort entries per source package in list file
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-9500/linux as not-affected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-6133: Mark first released version in stretch as fixed version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add wpa to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference commits for CVE-2018-5743/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11037/php-imagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11036/php*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11037/php-imagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11036/php7.3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10247/jetty
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10246/jetty
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10241/jetty
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1775-1 for phpbb3
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9826,phpbb3: Link to fixing commit
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add ghostscript to dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11037,php-imagick: Jessie is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2019-10246,jetty,jetty8: Mark as unimportant for Jessie
Markus Koschany
- Processing 828f51e366f55c5acb9604821d6d95b98566b2f5 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] if it only affects the Windows version, it might be <not-affected> ...
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-10246/jetty
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2019-10247/jetty9 as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for two jetty9 issues (CVE-2019-1024{1,7})
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2016-1585,appamor: Requested more information from upstream.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add commit references for CVE-2019-11236/python-urllib3
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Re-add dhcpcd5 for jessie; code is likely vulnerable.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim dhcpcd5.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] LTS/python3.4, python2.7 status updates
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS/Claim ghostscript
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add and claim symfony
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11766/dhcpcd5
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2016-1585/apparmor
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-108{7,8,9}/teeworlds fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update urgency to low for CVE-2016-1585/apparmor
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new CVE-2019-11767 in phpbb3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] imagemagick triage for jessie
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-0223/qpid-proton
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: claim imagemagick
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2019-0187,jakarta-jmeter: Mark as no-dsa for Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2016-1585,apparmor: Follow advise from the Debian maintainers.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Track fixing version for otrs2 via buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Added information on qpid-proton.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] 3 commits: Mark CVE-2019-9892/otrs2 as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19105,librecad: All Debian versions are vulnerable
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-19105,librecad: Debian bug reported
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-0192,lucene-solr: vulnerable code is not present
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-11578 in dhcpcd5 for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9956 and CVE-2019-10650 fixed in unstable for imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1776-1 for librecad
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add explicit reference to apparmor maintainer on CVE-2016-1585
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim some weeks in lts-frontdesk.2019.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-1000014,rebar: Debian is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Track fixes for CVE-2019-1024{1,7}/jetty9 via experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1777-1 for jquery
Brian May
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0226/apache-karaf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] gitlab issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync fixed version for some CVEs for src:linux with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] org/lts-frontdesk.2019.txt: Swap weeks with permission from Thorsten.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2019-11498 as not-affected in Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10912 as not-affected in Jessie
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1778-1 for symfony
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] dla: add and claim firefox-esr
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] stretch triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] libcaca spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1779-1 for 389-ds-base
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add one more CVE fixed with the libcaca upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9215 and CVE-2019-7314 for liblivemedia fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10255 and CVE-2019-9644 in jupyter-notebook fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11690/u-boot
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] u-boot no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1780-1 for firefox-esr
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Track proposed fix for CVE-2018-1320 via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking Debian bug for CVE-2019-11690/u-boot
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim qt4-x11
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Tag CVE-2018-1972/qt4-x11 as <no-dsa> for jessie, for now.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add two new chromium CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for atftp update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dhcpcd5 issues fixed in unstable (CVE-2019-1157{7,8,9} and CVE-2019-11766)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11811/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11810/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20836/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Proces some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10742/node-axios
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-970{8,9}/mahara
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10742/node-axios
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-10742/node-axios
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-384{3,4}/systemd fixed in experimental, track fixing version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark gradle no-dsa for Jessie
Brian May
- [Git][security-tracker-team/security-tracker][master] Add links with information concerning CVE-2017-1000600 in wordpress
Brian May
- [Git][security-tracker-team/security-tracker][master] 3 commits: Remove filezilla from dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] cleanup rejected moodle entry
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] pacemaker fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5432/node-mqtt-packet
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new snapd issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add reference to upstream issue for CVE-2019-7303
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-5432/node-mqtt-packet
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11815/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-5432/node-mqtt-packet fixed in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-11675/groonga as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11458/cakephp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add source package name for tracking in CVE-2019-2054
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new drupal7 issue (#928688)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream pull request for CVE-2019-11458/cakephp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two more CVEs for chromium (CVE-2019-582{5,6})
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] drupal CVEfied
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-11458/cakephp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new postgres issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add advisory information for CVE-2019-10129 and CVE-2019-10130
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] two n/a postgres issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Adjust tracking for drupal7 issue related to Phar Stream Wrapper interceptor
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NMUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1183{4,5}/cjson
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11675/groonga fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix for CVE-2019-11675/groonga proposed for stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking Debian bug reference for cjson issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove postponed tags from qemu CVEs handled in jessie update
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1781-1 for qemu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-11842/matrix-synapse
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correct tracking of CVE-2019-8379/advancecomp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correct tracking of CVE-2019-8383/advancecomp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-8383/advancecomp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-8379/advancecomp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2019-8383/advancecomp as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] bind, postgres DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11323/haproxy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update information on CVE-2019-11323/haproxy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triaging results. Two CVEs ignored for jessie following stretch decision.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Row security was not introduced in 9.4 so CVE-2019-10130 cannot be a problem for jessie.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Triaged advancecomp for jesise. Marking two CVEs as ignored following decision for stretch.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-1280{5,6}/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: take sox
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-11801 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4441-1 for symfony
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5018/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove one no-dsa tagged entry for stretch for CVE-2018-14773
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-11800 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFU
Henri Salo
- [Git][security-tracker-team/security-tracker][master] Process one NFU for WordPress plugin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take ghostscript from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11596/memcached fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-5018/sqlite n/a on stretch and jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1782-1 for openjdk-7
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-5018
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Add status of dhcpcd5.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11884/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-6470/isc-dhcp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: add notes related to CVE-2019-11598
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] dla-needed: update hdf5 entry
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-6470/isc-dhcp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla-needed: update liblivemedia entry
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] dla-needed: update faad2 entry
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9847/libreoffice
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-12839/mpg123, older issue in mpg123
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-11059/u-boot
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11598/imagemagick: update notes concerning patch
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11059/u-boot
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-773{2,3}/liblivemedia: no-dsa in jessie
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Reference additional needed commit for CVE-2019-11598
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2015-9284/ruby-omniauth
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-12839/mpg123 as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Ignoring CVE-2019-6470 following decision for stretch.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Adding openjdk-7 to the list of packages to fix for jessie. Sounds serious enough.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] CVE-2019-773{2,3}/liblivemedia: add upstream fix
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Two u-boot issues fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-7732 as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-1280{5,6}/imagemagick as no-dsa/ignored
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-1280{5,6}: no-dsa in jessie
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11597/imagemagick: add followup fix
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla-needed: update {graphics,image}magick entries
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Adding ruby-omniauth to the list of packages to fix for jessie.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-11766 in dhcpcd5 for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] libmatio is ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] At least the jessie version is vulnerable to CVE-2018-19969 and since it is...
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ghostscript update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] update NOTE
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1783-1 for atftp
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Triage imagemagick: CVE-2017-18211,CVE-2017-18209,CVE-2017-12434
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11065/gradle: link rationale for jessie/no-dsa
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: front-desk duty for 2019-07-01->2019-07-07
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: re-add axis with proper justification as it was removed with declared confusion
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] DLA-1784-1: postgresql-9.4 9.4.22-0+deb8u1
Christoph Berg
- [Git][security-tracker-team/security-tracker][master] dla: clarifications
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: claim phpmyadmin
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add ghostscript to dsa-needed for regression test
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add launchpad bug reference
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12046/lemonldap-ng
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-2697/openjdk-7: clarification in progress
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage imagemagick for Jessie. Remove no-dsa/ignored tags for upcoming DLA
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19969/phpmyadmin: jessie ignored
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: add and claim dns-root-data
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add description and Debian bug reference for CVE-2019-12046
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: dns-root-data typo + reference
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add lemonldap-ng to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10050/suricata
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12046/lemonldap-ng fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-2697 is Oracle specific
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for regression update related to ghostscript update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove ghostscript entry for dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reassign CVE-2019-10732 to kf5-messagelib source package instead of kmail
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-10740/roundcube
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10050/suricata: Add upstream references
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10050/suricata as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1786-1 for qt4-x11
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged enties which got an update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-16860/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update CVE-2018-16860: heimdal is affected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-16860/heimdal
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: drop openjdk-7 following not-affected
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for samba update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new linux issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference merge commit for new linux issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take intel-microcode and linux from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] reference MDS advisory by Intel
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add xen to CVE lists for MDS issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] MDS vulnerabilities fixed in unstable via 4.19.37-2 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11815/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10053/suricata
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: claim samba
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Mark CVe-2018-16860/heimdal as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16860/samba fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for linux update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] drupal, lemonldap DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new rust issue (n/a)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9917,znc: Change status from not-affected to no-dsa
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] intel-microcode DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1787-1 for linux-4.9
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] dla: update notes on sox
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Track fixed version for intel-microcode in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Clear NFU entry for CVE-2018-8812.
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11833/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11328/singularity-container
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark CVE-2018-16860 as no-dsa for jessie in heimdal
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11328/singularity-container
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1788-1 for samba
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-11328
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim intel-microcode in dla-needed.txt
Henrique de Moraes Holschuh
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1789-1 for intel-microcode
Henrique de Moraes Holschuh
- [Git][security-tracker-team/security-tracker][master] cjson fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12098/heimdal
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-12098/heimdal
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug for CVE-2019-12098/heimdal
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-12098/heimdal as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2016-9840 was fixed as well in stretch via point release
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new miniupnpd issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12106/minissdpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 5 commits: follow security team with no-dsa for CVE-2019-12098 in Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] add lemonldap-ng
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim jruby, again
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19105,librecad: Fixed in unstable
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] new kernel issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] maintainer provided a patch for Jessie LTS
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1790-1 for lemonldap-ng
Xavier Guimard
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-11328/singularity-container
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11085 use shorter redirect URL
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-11085
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-20821/libsass
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-20822/libsass
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add potential issue with nuget for CVE-2019-0976
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1777-2 for jquery
Brian May
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20839/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-20839/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-7191/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-11888/golang* as not-affected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20839/systemd fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three new webkit2gtk issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5883/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-8937/hoteldruid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-8937/hoteldruid as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian Bug reference for CVE-2019-8937/hoteldruid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] qemu needs DSA for intel MDS bugs, too
Stefan Fritsch
- [Git][security-tracker-team/security-tracker][master] Add libvirt tracking for MDS vulnerabilities as well
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking Debian bug for libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track Debian bug for xen (XSSA 297)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-8937 as fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12086/jackson-databind
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: add systemd
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12086,jackson-databind: Fixed in unstable
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim jackson-databind in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0221 for tomcat{9,8,7}
Salvatore Bonaccorso
- Processing 48d1af2ab90f847c1df3208e92f3d15530cfc1d9 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10139 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/python-urllib3 status update
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11506: unmark no-dsa in jessie
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2019-1147{3,4}/graphicsmagick: add third fix
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] dla-needed: update graphicsmagick entry
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add fixed version for libvirt via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] reserve DLA-1791-1 for faad2
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10895/wireshark: add followup fix
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for 1.9.x branch for CVE-2018-1002100/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-1002101/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-1002100/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-18443/openexr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark some ffmpeg issues as fixed
Sebastian Ramacher
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1792-1 for ghostscript
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1793-1 for dhcpcd5
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-11766/dhcpcd5 as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1007{6,7,8}/jspwiki
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2019-11833/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11324/python-urllib3 does not affect jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1792-2 for cups-filters
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS/claim libspring-security-2.0-java
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim ruby-omniauth
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1794-1 for libspring-security-2.0-java
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 2 commits: add libvirt
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] add qemu
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Track poposed update for mariadb-10.1 via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] jruby not affected by CVE-2019-8320
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: dns-root-data discussion stalled, no rdeps, dropping
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1795-1 for graphicsmagick
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1796-1 for jruby
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11474: remove no-dsa in jessie
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] dla: claim systemd
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2019-0227/axis: reference debian bug
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20839/systemd: reference regression
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1797-1 for drupal7
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-3890 as minor-issue (no-dsa) for jessie
Jonas Meurer
- [Git][security-tracker-team/security-tracker][master] Remove some no-dsa tagged entries which got an update in DLA-1796-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: jruby in jessie not affected by CVE-2019-8320
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-20839/systemd as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim tomcat7,8
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim minissdpd.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Fix for CVE-2018-19105/librecad proposed for stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] remove qemu and libvirt from the tracker, while they are needing changes
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Fix typo in note related to mc-clear passthrough for qemu + libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0201/zookeeper
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-0201/zookeeper
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-12215/matomo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1221{1,2,3,4}/freeimage
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process three NFUs for njs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new webkit issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Revert CVE-2018-12270 back to check
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add initial tracking of some new SDL issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] claim qemu
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark qemu in jessie as not affected by CVE-2019-5008.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Patch for fixing qemu/CVE-2018-15747 requires higher versions...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] LTS/claim libav
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] dla-needed: claim wireshark
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add bug for minissdpd/CVE-2019-12106.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2019-0221/tomcat: affects debug channel
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] dla-needed: add modsecurity-crs pull requests
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] new ironic-inspector issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track mariadb issues in jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1798-1 for jackson-databind
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] mariadb, libsass fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1753-3 for proftpd-dfsg
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] sqlalchemy fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10132/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10141/ironic-inspector
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10132/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-10132/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-5421/ruby-devise
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new firefox-esr issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage firefox-esr for jessie.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Fixes for mfsa2019-14/firefox-esr adressed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5436/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5435/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-5436/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-5435/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] new thunderbird issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] ironic-inspector fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12155/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12155/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12269/enigmail
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: update note
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] libvirt fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] libsass fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12269/enigmail
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12247/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12247/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim curl in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-5435/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage zookeeper for jessie.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim zookeeper.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] modsecurity-crs unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] firefox DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-10750/hazalcast (itp'ed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10142/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ffmpeg DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update status for wpa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1799-1 for linux
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage freeimage for jessie.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-12217, CVE-2019-12219, CVE-2019-12220, CVE-2019-12221 and...
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Track fix for firefox via experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-5984/libav
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12293/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream commit for CVE-2019-12293/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12293/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1800-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12295/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new linux issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add patch reference for zk acl issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-20509
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12295/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] thunderbird issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] poppler fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for advancecomp issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10143/freefradius
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10143/freeradius
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11873/wolfssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-8901/b2evolution
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-15652/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tag information for CVE-2017-15652/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12269/enigmail EOL on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11873
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-12269/enigmail
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1801-1 for zookeeper
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] freeradius unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove one ignored status for buster for poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] allocate DSA for wpa
Yves-Alexis Perez
- [Git][security-tracker-team/security-tracker][master] dla-needed: add sysdig and claim it
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] reserve DLA-1802-1 for wireshark
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Remove libvirt from dla-needed.txt.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18375/ampache
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-10752/serendipity
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] thunderbird, jackson-databind DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12312/libreswan
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-17432/hdf5: mark unfixed
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] dla-needed: update faad2, hdf5 and wireshark
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Unmark CVE-2018-20839/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Maintainer will take care of Jessie's freeimage update.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1803-1 for php5
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla-needed: add libsdl* and claim them
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Correct source package tracking for CVE-2019-12221
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1804-1 for curl
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-11811/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-20510
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2019-10143/freeradius
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: update note for bind9
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-12886/gcc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1805-1 for minissdpd
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] libmatio is still ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] heimdal fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1806-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: drop axis following #929266
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: systemd no-dsa
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add bug reference for freeimage issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2015-8818/qemu does not affect qemu in Debian jessie, problematic commit...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Update status info on libav.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2019-12106/minissdpd as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2018-11802/lucene-solr for jessie LTS. No lucene-solr version in...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Triage CVE-2019-0976/nuget for jessie LTS.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark mariadb-10.0 in jessie LTS as not affected by CVE-2017-15365.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2017-15365: group source package entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-12295/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add mupdf (and claim it).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Triage CVE-2019-12216 and CVE-2019-12218 (both...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] vcftools CVEs will be taken care of
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2017-17128/libav does not affect jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reference fix for CVE-2018-11802 from the branch_6_6
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: CVE-2016-7151 not affecting capstone in jessie LTS.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2017-5984/libav does not affect jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Add miniupnpd.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-11802
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update upstream reference for CVE-2019-0976
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-9917 once more, vulnerable code is not present in jessie's znc.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] LTS/unclaim libav
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1807-1 for vcftools
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add libspring-java (with comment).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add simplesamlphp.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] claim miniupnpd
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Revert "Triage CVE-2019-9917 once more, vulnerable code is not present in jessie's znc."
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] two poppler issues fixed, one ignored
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] LTS/claim libspring-java
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2014-3578/libspring-java, issue and commit URLs
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] openjdk-8 reuploaded to unstable and three CVEs fixed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-15664/docker.io
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-15664/docker.io
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1808-1 for sox
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] qemu fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add initial source package status tracking for CVE-2019-123{78,79,80,81,82}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-12886/gcc ignored on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] octavia n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] pacemaker: Link to necessary commits for backport of security fixes.
Markus Koschany
- Processing 0b775112910e7527b844d5205ebdf59ab78a9453 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] fix syntax
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim libav
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] dla: retake poppler
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: take php5
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] mercurial fixed in tpu
Julien Cristau
- [Git][security-tracker-team/security-tracker][master] 4 commits: data/dla-needed.txt: update status of qemu.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-9721/libav as removed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-9718/libav as removed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-11338/libav as removed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12222: affects libsdl-image, not libsdl
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark libav in jessie as not affected by CVE-2019-1000016,
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] dla-needed: update regarding sdl issues
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12220: affects libsdl-image, not libsdl
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12219: affects libsdl-image, not libsdl
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-1000016/libav as removed
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-15822/libav as removed, but unresolved in jessie.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Drop simplesamlphp
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Remove unecessary unfixed entry
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa tagged entries for heimdal
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add zookeeper to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-9154/jasper
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-10854 as NFU (CloudForms)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10138 as NFU (python-novajoin)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark CVE-2016-8675/libav as resolved since 6:11.9-1~deb8u1 (for...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1809-1 for libav
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Re-add libav.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] new golang-go.crypto issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] jruby fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add tags information for CVE-2019-1543 for upstream fixing versions
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-3204/golang-go.crypt: Setup from <no-dsa> to <ignored> according to NOTEs.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-11461/nautilus via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: remove modsecurity-crs entry, unimportant issues
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12217: affects libsdl-image, not libsdl
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Update status of qemu and mupdf (including upload candidate URLs).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] new buildbot issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] remove no-dsa for a number of qemu CVEs which were initially scheduled for
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] openjdk DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2017-{15189, 13764}: wheezy not-affected
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12295/wireshark: postponed in jessie
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] dla-needed: remove wireshark, no more issues
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Remove tracking for qemu via stretch-pu, the upload will happen via DSA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1810-1 for tomcat7
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12439/bubblewrap assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-7549/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9177/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9218/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add TODO note for CVE-2019-11461 with respect to src:gnome3-desktop
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3846/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two new firejail issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove wordpress for now: Patching CVE-2019-8942 makes CVE-2019-8943
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-12454/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-8029/hadoop
Henri Salo
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12456/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12450/glib2.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three new gvfs issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-9928/gst-plugins-base1.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12450
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-1244{7,8,9}/gvfs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2017-1000494 fixed in recent upload
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] qemu DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add and take golang-go.crypto
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Update severity for CVE-2019-12247/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove note for CVE-2019-12396
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-10245/doxygen
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-8457/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9732/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian tracking bug for CVE-2019-8457/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add glib2.0 and claim it.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12449/gvfs, CVE-2019-12448/gvfs, CVE-2019-12447/gvfs: jessie's version not affected.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-1543/openssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three new rkt issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-105152 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-6469/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rkt issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12447..12449/gvfs: Update justification for gvfs in jessie.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12499/firejail assigned for #929733
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-11036/php7.3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11040/php
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add prefix for reference to PHP bug
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11039/php
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11038/{php,libgd}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add PHP bug reference for CVE-2019-11038
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11038/libgd2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add sqlite3.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add libgd2.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark CVE-2019-12300/buildbot in jessie as <not-affected>.
Mike Gabriel
Last message date:
Fri May 31 23:23:45 BST 2019
Archived on: Fri May 31 23:23:48 BST 2019
This archive was generated by
Pipermail 0.09 (Mailman edition).