August 2020 Archives by thread
Starting: Sat Aug 1 06:09:50 BST 2020
Ending: Mon Aug 31 23:59:27 BST 2020
Messages: 790
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-16094 as no-dsa. Move zabbix, lib-phpmailer to dla-needed
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add Debian bug referenc for CVE-2020-15953/libetpan
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-6829 and CVE-2020-12400 for nss
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-12401/nss
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Replace aliased reference to bugzilla with bugid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 36 commits: Track removal of janus from buster in 10.5
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-4739-1
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] Track af fix for mailutils issue which got included additionally in 10.5
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-10744/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream pull request for CVE-2020-1736/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-1736/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-14344/libx11 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for CVE-2020-15954
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add proposed pull request for CVE-2020-14332/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14332/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2304-1 for libpam-radius-auth
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2305-1 for transmission
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Take ruby-zip
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2306-1 for libphp-phpmailer
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim xrdp
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Readd net-snmp for regression update
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2307-1 for ruby-zip
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] LTS: Unclaim samba, update notes
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2308-1 for libopenmpt
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Take pillow
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Track fix for CVE-2020-15569/milkytracker via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take evolution-data-server
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] dla: Add note to libx11 that the emacs crashes might be related to the CVE fix
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] dla: take libx11
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add notes for libx11
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-14344/libx11 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference regression fix for CVE-2020-14344/libx11
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2309-1 for evolution-data-server
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2310-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] LTS: claim sqlite3 in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] NFUs, concludes external check
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2008-4392/djbdns
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2311-1 for zabbix
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Sync release date for DSA-4739-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-12522
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15133/ruby-faye-websocket
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15134/ruby-faye
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15133/ruby-faye-websocket
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15134/ruby-faye
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-15586/golang-1.14 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15395/libmediainfo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16269/radare2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-15586/golang-1.15 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take net-snmp update prepared by maintainer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-17638/jetty9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add notes for gupnp
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] secmaster.py: update security-master hostname
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Revert "secmaster.py: update security-master hostname"
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2312-1 for libx11
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] bts-update: don't print number of tags changed
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16131/tikiwiki
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take gupnp
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim net-snmp.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2313-1 for net-snmp
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2020-10232/sleuthkit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2016-10228/glibc via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ffmpeg fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-12695 as no-dsa for buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-15011/mailman as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-12108/mailman as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2020-15503/libraw
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20505/sqlite3 does not affect stretch
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20506/sqlite3 in jessie was fixed along in DLA-1613-1 (same upstream...
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Correct retrospectively addition of additional CVE for DLA 1613-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-10775 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-12656/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update fixed version for CVE-2019-18808
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update fixed version for CVE-2019-19054
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ppp n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-13692 is fixed in libpgjava 42.2.12-2
Christoph Berg
- [Git][security-tracker-team/security-tracker][master] libssh no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Android NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] more NFUs from pixel advisory
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-0255
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 5 commits: sectracker.diagnostics: use isstring for py3 compatibility
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] report-vuln: uses python2 still, make this clear
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one more NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17353/lilypond
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] .gitlab-ci.yml: Add python3 and python3-apt as preparation to move
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for golang-github-unknwon-cae issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add lilypond to dsa-needed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16253/ruby-pghero, itp'ed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16192/limesurvey
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13819 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] json-c DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] bin/contact-maintainers: don't redefine get_maintainers
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2314-1 for clamav
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: take inetutils
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15709/software-properties
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Properly sort suites entry top down
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove older entry as the fix was actually not complete and got fixed with DLA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: bin/report-vuln: split imports
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-13921 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-202-1748/wildfly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-15708/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10718/wildfly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] test_parsers.py: compare using isinstance
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 6 commits: update-nvd: convert values to a list
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: update-db: switch to Python 3
Emilio Pozuelo Monfort
- Processing 80a2e2a24dd219347aa531cef24f075e53d76fbf failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] check-syntax: switch to Python 3
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] security_db: don't encode debsecan data
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add temporary description for CVE-2019-14560/edk2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-14560/edk2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for gupnp via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2315-1 for gupnp
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1736{7,8}/firejail
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] .gitlab-ci.yml: Drop installation of python{,-apt}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add firejail to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark golang-github-unknwon-cae as removed from unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for firejail update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Temporarily track openexr fixes via experimental for CVE-2020-1530{4,5,6}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14353/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16845/go
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9490/apache2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11984/apache2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11993/apache2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11985/apache2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15138/node-prismjs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15907/mahara
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commits for apache2 issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track unstable fixes for apache2 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Correct a typo in compare-nvd-cve
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15138/node-prismjs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9479 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take apache2 and wpa
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-15708/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-11538/pillow as not-affected for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2316-1 for ruby-kramdown
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim qemu
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2317-1 for pillow
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-10378/pillow as not-affected for jessie
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Strip no-dsa entry which will recieve an update
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Track fixes for chromium via experimental (for later merge)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2318-1 for wpa
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2319-1 for xrdp
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Process some gitlab related CVEs from Aug 5, 2020 advisory
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-17402/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-13732 EOL, Add note in dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Associate two JetBrains Kotlin CVEs with src:kotlin (itp'ed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-16845/golang-1.14 fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-16845/golang-1.15 fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking item for CVE-2020-16248
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: update
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-15705 with (hopefully enough) detailed clarification
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] lts: update note in firefox ESR 78
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-16845/golang-1.11 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: credit ongoing work for imagemagick
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: claim sane-backends
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-6070 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-14001: Add reference to GHSA advisory
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ruby-kramdown update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17478/libcrypt-perl-perl (itp'ed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15647/firefox
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15648/firefox
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16145/roundcube
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add roundcube to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-16145/roundcube: Add reference to 1.2.12 commit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-16145/roundcube
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process CVE-2020-1710 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] sane-backends: link upstream patches
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2321-1 for firmware-nonfree
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] web_support: fix memory leak with Python 3
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: tracker_service: use with statement
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-16145/roundcube via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2322-1 for roundcube
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS: update status of CVE-2019-19603/sqlite3
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2020-16092/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11976 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track some fixes for CVEs for gitlab (was uploaded source wise to unstable)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for roundcube update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix typo in product name
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17380/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new batch of chromium issues (fixed in 84.0.4147.125)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17487/radare2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference Debian bug for CVE-2018-5392
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new dovecot issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add dovecot to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2020-12674
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2020-12673
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add patch series for CVE-2020-12100
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] sane-backends: stretch already mitigated
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for dovecot update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-232{3,4}-1 for linux-4.19 and linux-latest-4.19
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17495/python-django-celery-results
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17489/gnome-shell
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-17495
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for dovecot issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix fo CVE-2020-14001 moved to unstable via 2.3.0 based version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync several gitlab issues with advisory from May 27, 2020
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-13277/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add DEbian bug reference for CVE-2020-17489/gnome-shell
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17497/iwd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16266/mantis
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: add and take dovecot
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-17489/gnome-shell
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add some new Jenkins and Jenkins Plugins CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-17639 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14354/c-ares
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14356/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 7 commits: show-debsecan: port to Python 3
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: update-nvd: don't chdir
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: secmaster.py: move to bin/
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2325-1 for openjdk-8
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add two new postgresql issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-14349
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2278-2 for squid3
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla-needed.txt: Update status of imagemagick
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17538/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17448/telegram-desktop
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17446/asyncpg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-16843 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16310/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16309/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16308/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16307/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16306/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16305/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16304/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16303/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16302/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16301/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16300/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16299/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16298/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16297/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16296/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16295/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16294/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16293/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16292/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16291/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16290/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16289/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16288/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16287/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for dovecot issues via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] openjdk-8 issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17498/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for postgresql-11 via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: update sane-backends status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: take postgresql
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add missing imports
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8689/iwd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-13272/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-2433{0,1,2}/trousers
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-13817 as not affecting ntpsec source wise
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Drop notes from CVE-2020-14353
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-14352 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: claim ghostscript
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Two tcc issues fixed with unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-0255 as REJECTED (confirmed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process new NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Add asyncpg.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add eclipse-wtp (and add upstream fix to data/CVE/list).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add f2fs-tools.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add firefail
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add gnome-shell (and claim it).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Take asyncpg
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark icinga2/stretch as not affected by CVE-2020-14004.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for net-snmp update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add guacamole-client and internally announce its EOL for...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add htmlunit
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: blessed are those who know the order of letters in the alphabet...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Attribute my comments with my nickname.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add jetty9
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim jupyter-notebook
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add and claim libvncserver (as maintainer)
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove TODO item for source package not anymore present in supported suites
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add libetpan
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add libjackson-json-java (and add PR reference for CVE-2019-10172)
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add ndpi
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add tomcat7
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] dla: take 2
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] dla: take libjackson-json-java
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-17448/telegram-desktop as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-17507/qtbase-opensource-src
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: data/CVE/list: wireshark/stretch not affected by CVE-2020-17499
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: re-order packages
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add software-properties
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add qt4-x11 and qtbase-opensource-src.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add openexr
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add netty and netty-3.9
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2326-1 for htmlunit
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] CVE-2017-17742 is also in JRuby, and not yet fixed in unstable
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2327-1 for lucene-solr
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2328-1 for dovecot
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2019-15845 is not in JRuby
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] CVE-2020-15953 needs fixes from two upstream pull requests
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2329-1 for libetpan
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2330-1 for jruby
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2331-1 for posgresql-9.6
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage ruby-kaminari for stretch LTS (CVE-2020-11082)
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage ruby-json-jwt for stretch LTS (CVE-2019-18848)
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim ruby-kaminari.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage ruby-doorkeeper for stretch LTS (CVE-2020-10187)
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage ruby-rack-cors for stretch LTS (CVE-2019-18978)
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Take ruby-*
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Unclaim apache2 for the moment & add notes
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] LTS: update status of sqlite3
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] ghostscript: add upstream version, distinguish CVEs in common patch
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2332-1 for sane-backends
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] LTS: Update status of CVE-2019-19645/sqlite3 for stretch
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2333-1 for imagemagick
Markus Koschany
- Processing 150174dbc2efc09a92a505d5b51880d9e66bf310 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] CVE-2019-13305,imagemagick: Fixed in 8:6.9.7.4+dfsg-11+deb9u8
Markus Koschany
- Processing 66a90d93e3c781b25d725f9f4c3f56e80a05f5c1 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Fix DLA/list entry for imagemagick. Whitespace was missing.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa entries for upcoming imagemagick release.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] LTS: Update status of CVE-2020-9327/sqlite3 for stretch
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS: Update status of CVE-2020-13631/sqlite3 for stretch
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] dla: take 3
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage golang-go.crypto for stretch LTS (CVE-2019-11840, CVE-2019-11841).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-16845, CVE-2020-15586 and CVE-2020-7919 in golang-1.7 and...
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 3 commits: claim firejail
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2020-16299/ghostscript: reference missing commit
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage ruby-actionpack-page-caching for stretch LTS (CVE-2020-8159).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2020-7919: Correct reference to stretch [LTS] (!).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage golang-golang-x-net-dev for stretch LTS (CVE-2019-9512, CVE-2019-9514).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Update investigation for CVE-2020-11082 in ruby-kaminari.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage ruby-websocket-extensions for stretch LTS (CVE-2020-7663).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2334-1 for ruby-websocket-extensions
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] fix typo in DLA-2331-1 package name
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add notes describing the fix for ruby-kaminari
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Take ruby-kaminari
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] CVE-2020-16304,CVE-2020-16309/ghostscript: reference PoC/vector limitation
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2335-1 for ghostscript
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: claim software-properties
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] new snmptt issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new etcd issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new routinator issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] etcd bugnums
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] qt, gs fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new bind9, shiro, etcd, nss, tinymce issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new fossil issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new lua issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] lts: postgresql-9.6 was already announced
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage lua5.3 for stretch LTS (CVE-2020-24371).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage shiro for stretch LTS (CVE-2020-13933).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] fix CVE-2020-8624 URL, add debian BR
Martin Zobel-Helas
- [Git][security-tracker-team/security-tracker][master] new qemu, tinymce, netxcloud-desktop, chromium, edk2 issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new nim, dolibarr, ros-actionlib issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new wolfssl, curl issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new lua, icingaweb2 issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] bugs for curl, icingaweb2
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-24394/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-24394/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-24394: Canoninalize URL used in kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Switch some http://git.ghostscript.com URLS
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2020-22720
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2020-17447
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2020-16186 (withdrawn by its CNA)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Move tracking from CVE-2019-13305 to DSA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix typo in source package name: nextcloud-desktop
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for CVE-2020-15900
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add information for CVE-2020-14367
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-12403/nss fixed in unstable with 3.55 upstream version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional forum reference for fossil issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-24368/icingaweb2 fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commits for CVE-2020-24368/icingaweb2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream pull reference for CVE-2020-10289/ros-actionlib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2020-24585/wolfssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2020-12457/wolfssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add pull request reference for CVE-2020-8231
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-10289/ros-actionlib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed versions fixed in unstable for openexr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-15138/node-prosmjs via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2018-8043
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference commit for CVE-2020-15890/luajit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version of CVE-2018-6353/electrum
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2020-15473 as not affected for stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Track proposed fix for CVE-2020-10289/ros-actionlib via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark CVE-2019-12499 and CVE-2019-12589 as not-affected for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 5 commits: Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-15954/kmail-account-wizard
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-15709/software-properties as no-dsa for buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15709/software-properties
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-8621
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-8620/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2020-8620
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2020-8621
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2020-8622
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2020-8623
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commits for CVE-2020-8624
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: data/dla-needed.txt: Triage ros-actionlib for stretch LTS (CVE-2020-10289).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage chrony for stretch LTS (CVE-2020-14367).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2336-1 for firejail
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: remove no-dsa and postponed tags that are fixed in latest python2.7 upload
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Remove CVE-2019-10160 from listing for DLA-2337-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark golang-x-text as removed from unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa, proftpd-dfsg memory leak issue from 2019. Upload is pending.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2339-1 for software-properties
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] proftpd-dfsg, memory leaks fixed in 1.3.5e+r1.3.5b-4+deb9u1
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2020-15954/kdepim-runtime fixed in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2020-13776
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference second commit for CVE-2020-13776/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-13776/systemd fixed in unstable via 246-2 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-24352/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-11048/php7.4 as fixed with last unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7068/php for tracking
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information including minimal backport for CVE-2020-14367/chrony
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: update issues which are to be fixed in stretch
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2340-1 for sqlite3
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS: claim tomcat7
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: triage tomcat7 CVEs in stretch; none affect libservlet3.0-java, which is...
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2020-12430/libvirt fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2020-14339/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-14339/libvirt via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage php7.0 for stretch LTS (CVE-2020-7068).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim php7.0.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage mongodb for stretch LTS (CVE-2020-7923).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Track CVE fixes for sid upload of src:linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-19448/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2020-14314/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-19816 in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-19813/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-19039
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync information for CVE-2019-19036 with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2019-19813
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2019-19039
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2019-19816
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2019-19036
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add icingaweb2 to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Replace git.php.net HTTP URLs with HTTPS URLs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference bugs.php.net URLs with HTTPS transport
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] icingaweb2 DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-11880/kmail via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Replace nonworking https://cgit.kde.org referenes with github commits
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track CVE fixes for adns issues in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-13124/sabnzbdplus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7711/golang-github-russellhaering-goxmldsig
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15811/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15810/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13941/lucene-solr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-7711
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: ATI VGA emulation introduced in...
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add another squid issue (SQUID-2020:9)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add squid to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15811/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for SQUID-2020:9/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15810/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add apache2 to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed fix for CVE-2019-0193 via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix for CVE-2020-15503/libraw moved to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2341-1 for inetutils
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2342-1 for libjackson-json-java
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Correct data/DLA/list due to syntax error in the changelog
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2020-24361/snmptt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] curl fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: drop notes about CVE-2020-4046
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14364/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove one spurious whitespace in temporary description
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: claim chrony, mongodb
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14364/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2020-14364
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark CVE-2020-24352 as unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Drop some trailing whitespaces
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] tracker_service.py: Source: more: Link to vendor information via HTTPS
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2020-11061/bareos
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2020-4042
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference upstream commit for CVE-2020-11061/bareos
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-4042/bareos
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track CVE-2020-11061 as well for bacula
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Three squid issues fixed in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Replace Debian bug reference for CVE-2020-11061/bareos
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-4042/bareos rather as ignored than no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-11061/bareos as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2020-11061/bacula status with bareos
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add ghostscript to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bind9 to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-14367/chrony as non-issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-24606/squid assigned for SQUID-2020:9 issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: remove chrony from dla-needed.txt, no remaining open issues
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS: claim icingaweb2
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-16117/evolution-data-server
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2343-1 for icingaweb2
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS: claim netty, netty-3.9
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark nim CVEs as no-dsa
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2344-1 for mongodb
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 3 commits: Track fixes for CVE-2020-8622 in older branch for backports
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-14369 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take bind9 from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take nginx from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2020-8619/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-8619/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-24613/wolfssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-15103/freerdp2 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-14330/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] References changes for fossil symlink issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add p0 reference for one apache issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14347/xorg-server
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Revert "LTS: update issues which are to be fixed in stretch"
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Slightly reword explanation for CVE-2020-7238 not-affected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-24614/fossil assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-17353
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: add snmptt
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2020-17497/iwd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-17497/iwd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-19665/qemu: use canonical URL + bluetooth subsystem removed
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-13253/qemu: reference reproducer
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2020-15469/qemu: update patch status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: take libx11 for a regression update
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-14347/xorg-server as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2338-2 for proftpd-dfsg
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] ghostscript DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2020-8184
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-8184/ruby-rack as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-24240/bison
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tag information for CVE-2020-24240
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Assign severity for CVE-2020-24240/bison
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14363/libx11
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new xorg-xserver issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-15941/lemonldap-ng as not-affected for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Revert "Mark CVE-2019-15941/lemonldap-ng as not-affected for stretch"
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference upstream advisory for CVE-2020-14363
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17376/nova
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dsa-needed: Add note that yadd prepared debdiff for review
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-24242/nasm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-2424{1,2}/nasm were already fixed in 2.15.04-1 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Use HTTPs for repo.or.cz git repository references
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] nasm: Active git repository moved to GitHub
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14363/libx11
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2020-36
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new firefox-esr issues from mfsa2020-37
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2345-1 for php7.0
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-14028/wordpress: no-dsa->postponed
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2017-1000600/wordpress: update stretch status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2020-13132 and CVE-2020-13131 as not-affected in Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for firefox-esr update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2020-15475 as not-affected for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for nginx update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-5238/ruby-commonmarker fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-521{6,7}/ruby-secure-headers fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-17376/nova as no-dsa for buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-17376/nova
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take squid from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-24661/geary
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-24616/jackson-databind
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2346-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2020-17376/nova fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for squid update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2020-24241 and CVE-2020-24242 for as no-dsa for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for bind9 update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and take xorg-server from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2020-24616 as no-dsa for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take xorg-server from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14338/wildfly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-14371 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process three NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Pick new lts frontdesk slot
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add new thunderbird issues from mfsa2020-40
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track darktable embedding photoswipe
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference bug in Debian BTS for issue related to CVE-2020-14356
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed fix for npm via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed fixes for asterisk via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new rust-rgb issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add upstream issue reference for rust-rgb issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/CVE/list: Go over open CVEs for libvncserver (stretch+buster) and tag...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] take thunderbird
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2019-20840
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark several libvncserver issues as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark gnome-shell/stretch and gnome-shell/buster as not affected by CVE-2020-17489.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Drop gnome-shell, nothing to be done (see prev commit).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19499/grafana
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Revert "data/dla-needed.txt: Drop gnome-shell, nothing to be done (see prev commit)."
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 3 commits: data/dla-needed.txt: Add various php-horde-* components and claim them.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] dla: take thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Sync note for CVE-2020-17489
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove two no-dsa tagged entries which will be contained in update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-rgb for tracking (given no CVE assigned)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for mupdf update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-11984 and add uwsgi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2348-1 for php-horde-core
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2349-1 for php-horde
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2020-25016/rust-rgb assigned for RUSTSEC-2020-0029 issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-11984/apache2 as not-affected and add uwsgi
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Regroup entries by source packages
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] thunderbird, lilypond, openexr DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry for CVE-2020-14347
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take apache2 from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark CVE-2020-5818 as fixed by php-horde-data 2.1.5-1 (uploaded in 07/2020).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2350-1 for php-horde-kronolith
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2351-1 for php-horde-kronolith
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2352-1 for php-horde-gollem
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Typo fix in pkg name.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add note for gnome-shell.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add notes for CVE-2019-12095/php-horde-trean.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2353-1 for bacula
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2354-1 for ndpi
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2355-1 for bind9
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Ola claims ceph.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Revert the idea of EOL'ing freerdp. The Ubuntu security...
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2356-1 for freerdp
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: re-add freerdp and claim it, more issues to look at in more depth
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark freerdp/stretch as not affected by CVE-2020-15103.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Restore severity asssignment and mark source as removed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-769{4,5}/uvicorn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correct source package name for python-uvicorn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add upstream issue for CVE-2020-7695/python-uvicorn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional upstream reference for the original report upstream
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-7695/python-uvicorn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2357-1 for ros-actionlib
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-7694/python-uvicorn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-12066,teeworlds: Fixed in unstable
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2020-769{4,5}/python-uvicorn as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2020-24661 as no-dsa for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] openexr: The #873885 CVEs were fixed in 2.2.1-4 (2.2.1-1 in experimental)
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] openexr 2.5.3 fixes CVE-2018-18443 and CVE-2018-18444
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] openexr: The complete #873885 upstream fixes were actually later
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2358-1 for openexr
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] CVE-2020-14340,jboss-xnio: Stretch is not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim samba.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] CVE-2020-14340,jboss-xnio: Link to fixing commits
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim jetty9 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim lucene-solr in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2020-14340,jboss-xnio: Correct link description
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add notes for apache2
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-14347 has been fixed in latest upload to stretch-security
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Update status of squid3 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Readd imagemagick to dla-needed.txt for the upcoming update.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add notes for ruby-* packages
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-14380 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8244/node-bl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8244/node-bl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/CVE/list: Mark CVE-2019-12094/php-horde as ignored for all releases of Debian.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: re-claim guacamole-client
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] refpolicy n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-13941,lucene-solr: Mark as ignored for Stretch and Buster.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] lts: retake firefox-esr, update notes on ESR 78 progress
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Track proposed fix for CVE-2020-11061/bacula via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-8244/node-bl as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update hashbang for remaining python2 scripts
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2360-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] gen-DSA: require DEBFULLNAME env variable
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for apache2 update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] asyncpg is uploaded, announcement is left
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] xorg-server issues fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-8244/node-bl fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed fix for CVE-2020-8244/node-bl via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed fix for CVE-2020-14367/chrony via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25032/python-flask-cors
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25031/checkinstall
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13828/dolibarr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13655/collabtive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Clarify slirm comment in dla-needed.txt
Brian May
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-8244/node-bl as no-dsa for Stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add note for qemu
Utkarsh Gupta
Last message date:
Mon Aug 31 23:59:27 BST 2020
Archived on: Mon Aug 31 23:59:30 BST 2020
This archive was generated by
Pipermail 0.09 (Mailman edition).