November 2019 Archives by thread
Starting: Fri Nov 1 08:10:28 GMT 2019
Ending: Sat Nov 30 21:09:36 GMT 2019
Messages: 727
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] mark CVE-2019-17673 as not affected for jessie
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] libofx spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add version info of webkit2gtk CVEs already fixed in buster
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] add webkit CVEs retroactively to DSA/list entry
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new jupyter-notebook issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dsa-needed: add cacti and take it
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Associate 943929 with CVE-2019-14690/adplug
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-13508/freetds
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-13508/freetds
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes for thunderbird via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-16167/sysstat fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-019-16748/wolfssl fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-6439/wolfssl fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-13508/freetds
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ncurses spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2013-0180/redis
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream advisory for CVE-2017-18638/graphite-web
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correct reference to upstream issue for CVE-2019-10212/undertow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2015-8559/chef: Reference upstream pull request fixing the issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove note for CVE-2016-9596 which does not belong to the CVE
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-17534/vips fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2019-12417 with airflow (itp'ed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add originally reported bug for CVE-2019-11043/php7.3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] modsec-crs fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-18197/libxslt as no-dsa for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-15682,rdesktop: Mark as fixed in Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add proftpd-dfsg to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim openafs in dla-needed.txt. Update status of OpenJDK 7
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: Revert "CVE-2019-15682,rdesktop: Mark as fixed in Jessie"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Move tracking of fixed version for CVE-2019-15682 to D[SL]A list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-13464,modsecurity-crs: Jessie is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-17382,zabbix: Link to upstream bug report
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-17382,zabbix: Mark as no-dsa for Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add back status for CVE-2019-17382/zabbix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed fix for CVE-2019-18197/libxslt via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-17382 for unstable, buster and stretch as well
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] claim proftpd
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add libgig to dla-needed.txt to document ongoing triaging work.
Markus Koschany
- Processing b3559643ee6fdc2a29d20acd045bf1fe28e4aee2 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] dpic now in the archive
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add notes for claimed packages
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] LTS/reclaim ampache, update notes
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2019-13989/dpic: Reference upstream issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-13989/dpic
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] lz4 fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9658/checkstyle fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA 4558-1
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] dla: claim libav
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] nova spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla-needed.txt: Add timestamp for tiki entry
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reference upstream fix for CVE-2019-14866/cpio
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18683/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3465/simplesamlphp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18684/sudo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for some chromium issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-5873 is iOS specific for src:chromium
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18680/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] modsecurity-crs spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2019-5881/chromium is adressed as well in 78.0.3904.87-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14824/389-ds-base
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-14824/389-ds-base
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10084 (NFU in Apache Impala)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Expand note on ibus fix uncovering glib2.0 issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark two older simplesamlphp issues as no-dsa
Thijs Kinkhorst
- [Git][security-tracker-team/security-tracker][master] Remove check item from REJECTED entries (The respective CNA has withdrawn the CVEs)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] buster/stretch triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new freerdp issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: take back thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1980-1 for wordpress
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1981-1 for cpio
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] 3 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-17177 in freerdp for jessie LTS
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Track golang-1.12 as removed and dispaered from every supported suite
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-17221/phantomjs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1982-1 for openafs
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] proftpd DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add note for wordpress
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2007-2841
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18786/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: claim sudo
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5068/mesa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix version for CVE-2019-9656/libofx
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add reference for mesa issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] fix simplesamlphp
Thijs Kinkhorst
- [Git][security-tracker-team/security-tracker][master] Track phpmyadmin as proposed via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs and some generic issues from current Android release
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFU
Henri Salo
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-9466
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add information from CVE-2019-2214
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1879{7,8,9}/libsass
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] org/lts-frontdesk.2020.txt: Take one week per month (except October 2020).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reference upstream advisory for CVE-2019-3465
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track status for tiff
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-18684 as unimportant (as non-(security)-issue)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Apache CFX NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup trailing whitespaces
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs for WordPress plugins
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18804/djvulibre
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2014-3180/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1984-1 for gdal
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-5068/mesa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: remove sudo following discussion with reporter
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: claim mesa
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage gdal for jessie
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Revert "data/dla-needed.txt: Triage gdal for jessie"
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage djvulibre for jessie
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim djvulibre.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18805/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18806/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18807/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18808/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18809/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18810/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18811/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18812/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18813/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18814/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] firefox stretch update
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] djvulibre no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18397/fribidi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-18397/fribidi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for fribidi update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim ansible
Brian May
- [Git][security-tracker-team/security-tracker][master] new mistral issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new matrix synapse issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark openrpt as removed (from unstable)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new libvpx issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] blast from the past
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new mariadb issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9444/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-18835/matrix-synapse
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] matrix-synapse fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2019-17539/libav: jessie not-affected
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1985-1 for djvulibre
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-18810 as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark libgig CVE as unfixed in unstable
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12523/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-21526/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18676/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18677/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18678/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18679/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-11027 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note of 389-ds-base
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-16892/ruby-zip via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove polarssl from dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10093,tika: Mark as not-affected for Jessie
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove tika from dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1986-1 for ruby-haml
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18840/wolfssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes for linux via unstable with 5.3.9-1 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/ampache status update
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS/claim libqb
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Michael Gilbert
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-15903 as unimportant for chromium
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1987-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-18397/fribidi via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-17666/linux fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add note for libssh2-1
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE for libgig. Mark as no-dsa for Jessie.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Track fixed versions for phpmyadmin via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-18840/wolfssl fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-12922/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] squid fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla-needed: This is still ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] 2 commits: Unclaim ansible
Brian May
- [Git][security-tracker-team/security-tracker][master] reclaim packages
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18849/tnef
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: add and claim libvpx
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2019-18841 with src:chartkick.js
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new libexif issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1988-1 for ampache
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add and claim tnef
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add and claim libexif
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-12179/edk2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Adjust edk2 version fix which entered unstable first
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/libqb status update
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] additional references for jpeg-turbo and libc++
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2019-2201/libjpeg-turbo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Unclain ansible and claim libjpeg-turbo.
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18862/mailutils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Start tracking source package name for CVE-2019-18853
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-2974 with newly upstream one
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18874/python-psutil
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-14553/edk2 fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] webkit2gtk upstream advisory WSA-2019-0006
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-4563-1
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-14818/dpdk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add dpdk to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync linux status with kernel sec for three CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-18874/python-psutil
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-14818/dpdk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: Add CVE-2018-12207/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Allocate DSA numbers for linux, intel-microcode and qemu (buster only)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix URL to advisory for CVE-2018-12207
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18848/ruby-json-jwt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version in unstable or linux upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync some linux CVEs with Ben's triage in kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1989-1 for linux
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] dpdk DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1990-1 for linux-4.9
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Update information for intel-microcode fixes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: List CVE-2019-11139 as well for DSA 4565-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1991-1 for libssh2
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim slurm-lnll
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Process CVE-2019-14886 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-17075
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add missing webkit2gtk CVEs from DSA-4563-1
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] Intel NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Three Ubuntu-specific Linux issues in shiftfs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-14553/edk2 as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new symfony issues fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Provide more information for symfony issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: status update
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add notes and claim 389-ds-base
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] imagemagick n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14869/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-3466/postgresql-common
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/add and claim ghostscript and symfony
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2019-14371/libav: fixed through CVE-2018-11102
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18885/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9717,CVE-2019-9719,CVE-2019-9720/libav: unimportant/undetermined
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Revert broken libav commits
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] postgresql-common DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ghostscript update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-14869/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Regroup entries by the one already accepted an likely for 10.2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1992-1 for ghostscript
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Annotate CVE-2019-11325/symfony as not affecting jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Claim intel-microcode in dla-needed.txt
Henrique de Moraes Holschuh
- [Git][security-tracker-team/security-tracker][master] Reserve DSA 4565-2 for intel-microcode 20191113
Henrique de Moraes Holschuh
- [Git][security-tracker-team/security-tracker][master] Fix package versions in DSA 4565-2
Henrique de Moraes Holschuh
- [Git][security-tracker-team/security-tracker][master] Add note for intel-microcode followup (missing CFL-S/Coffe Lake Desktop) support in 3.20191112.1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18928/cyrus-imapd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix tab characters in the middle of the annotation
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] new ruby-rack-cors issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: leopton removed from unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove trailing whitespaces
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1993-1 for mesa
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2019-3466/postgresql-common: jessie not-affected
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2019-16995/postgresql: jessie actually affected, I tested the fixed version before DLA was out
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] DLA-1994-1 postgresql-common
Christoph Berg
- [Git][security-tracker-team/security-tracker][master] 2 commits: Revert "CVE-2019-16995/postgresql: jessie actually affected, I tested the...
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference blog post from the reporter for CVE-2019-3466/postgresql-common
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Situation around CVE-2017-573{1..5} was clarified with the involved CNAs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20001,CVE-2018-19130/libav: postponed, not reproducible, requested more info from finders
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-14857/libapache2-mod-auth-openidc as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-14441/libav: postponed
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9720,CVE-2019-9717/libav: unimportant
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9719/libav: undetermined
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] For now remove advance reservation of intel-microcode followup
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add intel-microcode to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19010/libmnoria
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track CVE-2019-11043 for unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Check pending updates for buster against changelog for 10.2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-18978/ruby-racks-cors
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-18848/ruby-json-jwt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-18849/tnef
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-11779/mosquitto for stretch and buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add mosquitto in dsa-needed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19129,CVE-2019-14441/libav: duplicates, upstream unresponsive, sent...
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Track proposed update for limnoria via {stretch,buster}-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-19130,CVE-2017-17127/libav: duplicates, upstream unresponsive, sent...
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reference upstream blog entry for CVE-2019-1177{8,9}/mosquitto
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] take thunderbird/symfony
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Give more detailed explanation on CVE-2019-11779/mosquitto
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for mosquitto security update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10070 (NFU)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19035/jhead
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19012/libonig
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-19035/jhead
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Annotate CVE-2019-18889/symfony as not affecting jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-12779/libqb: jessie end-of-life
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1995-1 for angular.js
Brian May
- [Git][security-tracker-team/security-tracker][master] reclaim samba
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update status of OpenJDK 7 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19043/linux (triage will be done first in kernel-sec)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync two CVEs with kernel-sec additions
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19046/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: claim libonig
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19047/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19048/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2019-14847 CVE-2019-14833 and CVE-2019-10218 as no-dsa for Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Add jhead.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark mailutils in Debian as not affected by CVE-2019-18862. The...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add python-psutil.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: re-claim vino and tightvnc.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add ruby-rack-cors
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-18862/mailutils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19049/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19050/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19051/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19052/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19053/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: Claim ruby-rack-cors, unclaim libexif, and add notes
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1997-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19054/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19055/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19056/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19057/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19058/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19059/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1998-1 for python-psutil
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19060/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19061/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19062/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19063/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10222/ceph fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19064/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19065/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19066/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19067/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19068/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19069/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19070/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19071/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19072/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19073/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19074/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19075/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19076/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19077/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19078/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19079/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19080/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19081/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19082/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19083/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove one now unnecessary TODO item
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18890/redmine
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference relevant change needed for CVE-2019-18890/redmine
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2019-17427/redmine
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] slurm, symfony DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] one symfony issue n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1999-1 for symfony
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS/claim php-horde-groupware, status update on php-horde-trean
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12094/php-horde add upstream commit
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2019-12094 with php-horde
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12422/shiro
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9371,CVE-2019-9325: jessie not affected
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] record upstream fix for mesa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Claim wordpress
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] LTS/change php-horde-groupware to php-horde to reflect CVE reassignment
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18934/unbound
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] redmine DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-18886/symfony
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Revert "CVE-2019-10222/ceph fixed via unstable upload"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process three NFUs in Apache NiFi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Change GIT_DEPTH to 1 to reduce the use of resources in salsa-ci
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-18841/chartkick.js
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-18804/djvulibre
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-2974/{mysql,mariadb}*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-2019-18928/cyrus-imapd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-18928/cyrus-imapd as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-14891 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14892/jackson-databind
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14893/jackson-databind
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-16201/ruby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-16255/ruby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-16254/ruby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15845/ruby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for cyrus-imapd via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new glibc issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2019-19126/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10768/angular.js
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] nothing needs to be done for libapache2-mod-auth-openidc
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-6477/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2018-10842
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-6477/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-6477/bind9 as no-dsa for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process IBM specfic NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-16200/serveez
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-15902/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream commit for CVE-2015-1197
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-14866/cpio via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-19049/linux as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12409/lucene-solr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new otrs issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add three new CVEs for linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] chromium fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-18804/djvulibre
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: add bind9
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] mark CVE-2019-10768 as not-affected for Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2009-5047 was found to be a duplicate of CVE-2009-4611
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10768/angular.js
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update classification for CVE-2019-10768/angular.js for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update commit information on CVE-2019-19126/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update affected status for CVE-2019-19126/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19126: Remove reference to the proposed patch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19126/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-181{79,80}/otrs2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: add and claim libofx
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim otrs2
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] new libarchive, onig, shib issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] three new linux issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-19191/shibboleth-sp as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19221/libarchive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15961/clamav
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: update libonig status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19035/jhead fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Refer to upstream commit for CVE-2019-19203/libonig
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2019-19204/libonig
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19203/libonig
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19204/libonig
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19227/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-508{6,7}/xcftools
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-508{6,7}/xcftools
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: reclaim pam-python and freeimage
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18622/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15593/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-13566/ros-ros-comm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-18622/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2000-1 for pam-python
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2001-1 for libofx
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla-needed: update freeimage
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] libav: tidy updated vulnerabilities
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: update libav status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2019-18622,phpmyadmin: Mark as not affected for stable and oldstable
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2019-13390 fixed in ffmpeg 7:4.2.1-1
Sebastian Ramacher
- [Git][security-tracker-team/security-tracker][master] Correct entry for CVE-2019-18622/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream references (ticket + and fixing commit) for CVE-2019-13390/ffmpeg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-15593 fixed in gitlab 12.0.8 upstream
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Replace source-package name for CVE-2019-2212
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-13566/ros-ros-comm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add link to commit for fix of CVE-2019-16255 in ruby2.5
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2019-19221 as no-dsa for jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] no point release in jessie anymore but issue will be fixed
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2002-1 for libice
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-13566/ros-ros-comm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for tracking tightvnc issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-1020001/yard as no-dsa for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-1020001/yard
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-11010057/nfdump as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-17206/openvswitch as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-17205 as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-17205/openvswitch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18790/asterisk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18610/asterisk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18976/asterisk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-11037/php-imagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11037/php-imagick: Reference full set of commits needed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-18635/novnc as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14898/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11745/nss
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: take clamav
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-15961/clamav as no-dsa for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: take xcftools
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2019-2212 for Jessie as no-dsa
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2018-2053{2,3,4}/libsolv
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2003-1 for isc-dhcp
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] mark CVE-2017-7607 as not-affected for Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] dla-needed: still ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2004-1 for 389-ds-base
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] LTS/add and claim nss
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2005-1 for tnef
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add notes to the claimed packages
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] dla-needed: libvpx is ongoing
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] add note for slurm in dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] new libjackson-json-java issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] python2.7, asterisk fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 3 commits: update notes
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] phpmyadmin fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Correct ordering
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Remove buster entry for CVE-2019-18976 (s already on 16.x)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking for php7.0 and php7.3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18675/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for php-imagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14855/gnupg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference potential related commits for CVE-2019-14855
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2013-4224 got now confirmed REJECTED (as duplicate of CVE-2013-418)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19252/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19246/libonig
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19242/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14901/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: will be fixed in next upload
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2007-1 for ruby2.1
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] some chromium stragglers
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2008-1 for nss
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] new proftpd issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new n/a grub issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2018-12900 will be fixed soon
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] LTS/php-horde, php-horde-trean status updates
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] embedded-code-copies: reference php7.0 and php7.3 bugs
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla-needed: Take yard
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19244/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit references for CVE-2019-192{69,70}/proftpd-dfsg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-19271/proftpd-dfsg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-19272/proftpd-dfsg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19206/dolibarr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-16195/centreon-web (itp'ed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Replace occurences of NFU for Centreon web UI with the ITP entry
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track assigned CVE for CVE-2019-14842/libnbd (#942215)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track two new freeipa issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2019-14867/freeipa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2019-10195/freeipa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2009-1 for tiff
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: the time for an upload has come
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2012-1 for libvpx
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-14824/389-ds-base
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-14869/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track source package for CVE-2019-17402/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and claim haproxy
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Mark jessie and stretch as not affected by latest haproxy vulnerability
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] new python3-typed-ast issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] old openslp dupe got rejected
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove doubled NOTE
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new jetty issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Recent haproxy vulnerability is CVE-2019-19330
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] new rabbitmq issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11287/rabbitmq-server
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-11291/rabbitmq-server
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10220/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two new CVEs for centreon-web, itp'ed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19308/gnome-font-viewer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-1927{4,5}/python3-typed-ast
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: these will be fixed
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18660/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1490{4,5}/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new gitlab issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2019-19262
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4577-1 for haproxy (CVE-2019-19330)
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1931{8,9}/linux for futher tracking via kernel-sec first
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Change older kannel ID to n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] veyon [libvncclient bundled]: Add Veyon to CVEs reported against src:pkg...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] italc [libvncclient bundled]: Mark iTALC as fixed (by putting the fixed...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add epoch to version string for italc versions
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage libvncserver related issues hidden in bundled libvncserver of the vino...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] recent triage on vino: add "<unfixed>" after the pkg name.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add fixed version for unstable for CVE-2019-10220/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] libvpx DSA
Moritz Muehlenhoff
- Processing 2dc608e52ba7e91340b6074f52c7b9e37678e75e failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] one gitlab CVE ID also in gitlab-workhorse
Moritz Muehlenhoff
- Processing f4a6ebef469e5ee5afa03636664a63830b12000f failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] fix libvpx entry
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] fix version
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18276/bash
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove todo for CVE-2019-18276/bash
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/add and claim bash
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2019-18276
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-18276/bash as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-19221/libarchive as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-0219 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-15681, CVE-2018-7225, CVE-2014-6053: add bug number for issues found in src:pkg vino
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2014-1 for vino
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-17007/nss
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2019-15681 for later merge
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-18874/python-psutil
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking for gitaly for CVE-2019-19260
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking of gitlab fixes via experimental for later merge
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: libvncserver triaging: add ssvnc to CVE-2018-{20020, 20021, 20022, 20024}.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add ssvnc and claim it.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/CVE/list: Mark asterisk/jessie as not affected by CVE-2019-18976.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: add nss and claim it.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add gnome-font-viewer (with comment, requires waiting for an upstream fix)
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add gnome-sushi (same issue as in gnome-font-viewer)
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: mark CVE-2019-14855 as ignored for gnupg{,2}/jessie.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add libjackson-json-java
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add proftpd-dfsg
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for ssvnc issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/CVE/list: Mark sqlite3/jessie as not affected by CVE-2019-19244.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] dla-needed: take
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: drop sqlite3 again. Nothing to do for jessie.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Drop extra 'x' from libjackson-json-java entry.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim gnome-sushi and gnome-font-viewer.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] two mcrouter issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2015-1 for nss
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2016-1 for ssvnc
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] qemu fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] GPG no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update status for CVE-2019-19058/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/Mark CVE-2019-18276/bash as no-dsa
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Remove information on CVE-2019-17110
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1937{7,8}/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/remove bash from dla-needed.txt, no open vulnerabilities
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-19059/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-19072/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for stretch and older for CVE-2019-19077/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-19082/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Snip broken subject when I added CVE-2019-17007 to tracker
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-13566/ros-ros-comm as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix up CVE-2019-0053, reported by polynomialspace on IRC, thanks!
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2019-0053: Add src:netkit-telnet
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2019-0053
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-14855/gnupg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-0053/inetutils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19462/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19451/dia
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-19451/dia as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19451/dia
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add original reference for issues leading to CVE-2019-0053
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12827: Vulnerable code is not in jessie
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] proftpd CVEs introduced with the OpenSSL 1.1 support in 1.3.5c do not affect jessie or stretch
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] CVE-2019-1020001 was introduced in yard 0.9.6
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] dla-needed: take jhead
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add information on introducing commit for CVE-2019-1927{1,2}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-7525 and CVE-2017-15095 are also in libjackson-json-java
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add information on introducing commit for CVE-2019-19270
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add information on introducing commit for CVE-2019-1020001
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-1698-2 for file
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2017-1 for asterisk
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] 2 commits: Move the libjackson-json-java CVE-2017-7525 note to the correct CVE
Adrian Bunk
Last message date:
Sat Nov 30 21:09:36 GMT 2019
Archived on: Sat Nov 30 21:09:40 GMT 2019
This archive was generated by
Pipermail 0.09 (Mailman edition).