December 2020 Archives by thread
Starting: Tue Dec 1 04:14:57 GMT 2020
Ending: Thu Dec 31 20:58:31 GMT 2020
Messages: 762
- [Git][security-tracker-team/security-tracker][master] Update CVE-2020-15257 and CVE-2020-15157 info
Shengjing Zhu
- [Git][security-tracker-team/security-tracker][master] Fix fixed version of CVE-2020-15157 in docker.io
Shengjing Zhu
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27218/jetty9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-25667 also n/a for sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2475-1 for pdfresurrect
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS: reclaim brotli, update notes
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] glibc fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry which got an update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-28916/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-27218/jetty9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new xorg-server issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add temporary descriptions for xorg-server issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-29394/dlt-daemon
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-29394/dlt-daemon
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-29394/dlt-daemon
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-25659/python-cryptography as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] brotli DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2476-1 for brotli
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26970/thunderbird
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27816/NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note to check for CVE-2020-27819
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 10 commits: CVE-2008-7002/php5: add missing status
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2477-1 for jupyter-notebook
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2478-1 for posgresql-9.6
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Fix package name
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tags for issues fixed in DLA-2478-1
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] lts: take xorg-server
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2020-14360 and CVE-2020-25712
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add patch refs for CVE-2020-16846 CVE-2020-17490 CVE-2020-25592
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Mark older php entry als removed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for postgresql-11 via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] mongodb: stretch triage
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Move note down in listing
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-27766/imagemagick: reference fix, stretch triage
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-27766
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference partial mitigation for CVE-2020-14145
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track information for CVE-2020-27752 according to discussion in upstream issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track (ancient) software-properties issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-2910/r-cran-readxl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: add thunderbird
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Mark golang-github-dgrijalva-jwt-go not-affected in buster and stretch
Brian May
- [Git][security-tracker-team/security-tracker][master] 3 commits: add openjpeg2
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] dla: take thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27818/pngcheck
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27786/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add libxstream-java as DSA candidate
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-26970/thunderbird fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-27818/pngcheck
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17527/tomcat*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Shuffle several non-candidates for 10.7 to the end
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for several for spice-vdagent
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27820/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27821/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-28588/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-28588
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-29534/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25265/libappimage
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-29562/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark one poppler issue as ignored
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 5 commits: sectracker.parsers: unconditionally import intern
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2479-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2020-28916/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2020-27616/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-28916/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: CVE-2020-25723: Add upstream tag information
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-27818/pngcheck as no-dsa for buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-7774/node-y18n
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-29562/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-19668 as no-dsa for stretch
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] node-y18n fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2480-1 for salt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2481-1 for openldap
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] remove libsixel, ref: 6d85937
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] xen, xorg-server DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2483-1 for debian-security-support
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] fixup previous commit
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] Track proposed update fornode-y18n via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-29565/horizon
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] webcit removed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark rust-failure as removed from the archive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-14355/spice-gtk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-27818/pngcheck
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-506{3,4}/opencv via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 23 commits: Track linux issues fixed in 10.7
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-27776
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-26237/highlight.js
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14198/bitcoin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-26237/highlight.js fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-12695/minidlna
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-28348/nomad
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-28926/minidlna
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark minidlna issues as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27822/wildfly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new roun chromium CVEs (fixed in 87.0.4280.88)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Revert "Mark rust-failure as removed from the archive"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2483-1 for linux-4.19
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Revert "Mark minidlna issues as no-dsa"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add minidlna to dsa-needed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-29573/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two consul issues via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream pull request to adress CVE-2019-10221/dogtag-pki
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-10221/dogtag-pki via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add slurm-llnl to dsa-needed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-17521
Henri Salo
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-17521
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for opensc issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 6 commits: mark CVE-2020-27818 as no-dsa for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: add tomcat8
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Take tomcat8
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] take slurm, minidlna
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add php-pear to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1750{8,9}/trafficserver
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add trafficserver to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim golang-golang-x-net-dev
Brian May
- [Git][security-tracker-team/security-tracker][master] dla: add note
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] lts: update notes
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add note for lemonldap
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim spip
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Triage (postpone) three issues in Imagemagic, similar to CVE-2020-19667.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] libssh2 fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: claim imagemagick
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] imagemagick: more stretch triage + clarifications
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] CVE-2019-13115: Reference commit at it landed in the repository
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2020-29562/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13945
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8554/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for mysql-8.0 update via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] minidlna, ATS DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27828/jasper
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27830/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-29600/awstats
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-29600: Add reference to upstream commit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track new moodle issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new rust-miow, rust-memmap, rust-net2, rust-image issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage awstats for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] new gitlab issues (blog posting lists more, but w/o CVE IDs so far, will trickle in via CVE feed)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] "new" node-stringstream issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new golang-github-hashicorp-go-slug issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new audacity issue, NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage sqlite3 for stretch LTS (CVE-2019-20218).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] remove CVE-2019-20218 from DLA list
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] LTS: claim sqlite3 in dla-needed.txt (regression was reported against update I prepared previously)
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1971/openssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for openssl update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-image issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-memmap issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-net2 issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-miow issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking Debian bug for CVE-2020-29565/horizon
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-29529/golang-github-hashicorp-go-slug
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-11867/audacity
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-29565: Add reference to upstream commit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2485-1 for golang-golang-x-net-dev
Brian May
- [Git][security-tracker-team/security-tracker][master] CVE-2020-1971: Mark fixed in unstable via openssl 1.1.1i-1
Tianon Gravi
- [Git][security-tracker-team/security-tracker][master] Track fixed version via new upstream version for CVE-2020-27195 and CVE-2020-28348 (nomad)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17530 (Apache Struts 2)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27824/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8284/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8285/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8286/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Several qemu issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] qemu: Reference some final commits relenvant for four CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new aptdaemon issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new gdk-pixbuf issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Assign awstats to Sylvain Beucler on request.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 4 commits: Triage CVE-2020-11867 in audacity for stretcn LTS (Minor issue).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Take openssl
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add note for openssl1.0
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2486-1 for xorg-server
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] mruby fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] lts: take openssl1.0
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] LTS: take curl in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] k8s fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-29600/awstats: fix appears still incomplete
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add upstream commit in 2.1.2 release for CVE-2020-15866/mruby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27350/apt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27351/python-apt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: Add apt/python-apt and note that maintainer prepared updates
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for apt update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for python-apt update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take {python-}apt + coordination
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2487-1 for apt
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2488-1 for python-apt
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-28086/password-store
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-29661/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-29660/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-0444/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-0465/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-0466/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-0465: Correct fixing version for sid upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27067/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27068/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-29651/python-py
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add todo item for CVE-2020-3702
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-29599/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add python-apt for regression fix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25627/moodle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27826
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27832
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27835/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1752{8,9} as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26257/matrix-synapse
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16600/mupdf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFU, concludes external check
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-28241/libmaxminddb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2020-16600 in mupdf for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] lts: take openssl at Utkarsh's request
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2340-2 for sqlite3
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2020-27350: Mark fixed in unstable via apt 2.1.13
Tianon Gravi
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-27351/python-apt via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add LP references for CVE-2020-2735{0,1}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-26257/matrix-synapse fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-29668/sympa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new binutils issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Consider CVE-2019-20218 fixed with 3.16.2-5+deb9u3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16589/openexr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16588/openexr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16587/openexr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2489-1 for minidlna
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2490-1 for x11vnc
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Remove webcit from dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Follow up on webcit security issues in Stretch.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Cleanup CVEs which were withdrawn by its CNA (checked)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35132/phpldapadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage sympa for stretch LTS (CVE-2020-29668).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add a missing "h" to an https:// URL for CVE-2020-16587 [openexr]
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2020-16587 in openexr for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-29529/golang-github-hashicorp-go-slug
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-2894{8,9}/php-pear
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Correctly assign sympa to beuc.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Consider CVE-2018-1311 as fixed with the Red Hat patch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8284/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8285/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8286/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-28086/password-store
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-28935/unbound
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-29385/gdk-pixbuf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Splitup incomplete fix for CVE-2020-29600 to CVE-2020-35176
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-29254/tikiwiki
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] wireshark: Add CVE-2020-2641{8,9} and CVE-2020-26420
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26421/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27825/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Processing NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new tensorflow issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17515/airflow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track more NFUs specific to Contiki
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-35176/awstats
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track more Contiki specific CVE assignments
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-27831/Quay
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-25265/libappimage
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-29599: Reference sequence of commits in ImageMagick6 repository
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-11867: reference pull request
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: update status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-29599
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-2936{1,2,3}/p11-kit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two CVEs for airflow (itp'ed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-29385/gdk-pixbuf fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage p11-kit for stretch LTS (CVE-2020-29361,...
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Take p11-kit
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Track upstream commits for CVE-2020-2936{1,2,3}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2491-1 for openexr
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] lxml DSA, add second issue to CVE/list, found when backporting changes
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] zoneminder fixed in sid, and unimportant in general
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] wireshark fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] associate various JerryScript NFUs with iotjs, marked as <unfixed> initially
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] podofo bugnum
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Adjust upstream tag for lxml issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] lxml issue: second referenced commit is only in 4.6.2 upstream and 4.6.2-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-7349 fixed in 1.34.0 upstream and included in 1.34.6-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status of ansible and pacemaker in dla-needed.txt.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27838 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and claim xerces-c
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add trailing separator for consistency
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2492-1 for openssl
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2493-1 for openssl1.0
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2494-1 for linux
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-17521/groovy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Adjust commits for CVE-2020-27776 according to report back from upstream
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-89{19,20}/gerrit (itp'ed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-20171/gpac via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark slurm-llnl as removed (was renamed to slurm-wlm and now removed from archive in unstable)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] tinymce removed from unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] edk2 fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-17521,groovy: Fixed in unstable
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] LTS: triage lxml
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2020-25707 rejected as duplicate of CVE-2020-28916
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27834/zabbix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27844/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Declared CVE-2016-11086 as minor issue since the problem is exploitable if...
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7788/node-ini
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7793/node-ua-parser-js
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Some more information for ruby-doorkeeper.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2020-13649/iotjs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add sympa for re-evaluation
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] libxstream-java DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new xen issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] xen DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] log4net, http-parser bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] lts: take openjdk-8
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] reclaim spice-vdagent
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Track fixed version for xen via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] reclaim slirp
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] claim influxdb
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2020-55
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add firefox issues from mfsa2020-54
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2020-56
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] thunderbird fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] node-ua-parser-js fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] android NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35457/glib2.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] pixel advisory, potential linux, aom issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] restore IBM NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2016-11086
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for edk2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 5 commits: LTS: mark xen CVEs as EOL
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] dla: claim flac
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Replace some old code hosting references to new location
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox for mfsa2020-54 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr from issues in mfsa2020-55
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-29663/icinga2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27841/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27842/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27843/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27845/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Investigation information for pluxml. Questioning that this is vulnerabilities to fix.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-29562/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-29573/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add flac commit refs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] asked for rejection of CVE-2020-0487
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] firefox DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] LTS: triage CVE-2020-29663/icinga2 as <not-affected> for stretch
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 2 commits: Unclaim p11-kit
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] dla: claim p11-kit
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Update tracking for lxml issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2018-1077{3,4,5}/bibutils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2496-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Update fixed docker.io version for CVE-2020-15257
Shengjing Zhu
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-12881/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-19318/linux (sync with kernel-sec)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update CVE-2019-9245/linux tracking for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Ignore CVE-2019-9453 and CVE-2020-0067 for linux in stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-16120/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-27830/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream pull request for CVE-2019-1010017
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-1695/resteasy3.0 (fixed in unstable)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Tagged two CVEs as unimportant for pluxml after asking for advice on how it...
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Track fixed version for some CVEs via linux upload to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35381/golang-github-buger-jsonparser
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4814-1 for CVE-2018-1311
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove postponed marking for CVE-2018-1311
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for thunderbird update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2497-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] reserve DLA-2498-1 for xerces-c
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2499-1 for sympa
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: awstats: update status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Update tracking of CVE-2020-27821/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-27821/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35380/golang-github-tidwall-gjson
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26259/libxstream-java
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26258/libxstream-java
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-35380/golang-github-tidwall-gjson
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-26258/libxstream-java
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-26259/libxstream-java
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries for sympa which will get an update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add lxml for regression update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: triage libxstream-java
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS: update notes for opendmarc
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Track mediawiki issues fixed with an unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add mw short descriptions, two issues n/a for buster/stretch
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new golang-go.crypto, golang, ceph issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] mediawiki DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] libsass triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2020-27781/ceph
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2020-29509
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35545/spotweb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-3549{0,1} information
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: triage mediawiki
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2467-2 for lxml
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-25032/python-flask-cors
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-25693/cimg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-28052/bouncycastle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-28052/bouncycastle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-26258,CVE-2020-26259,libxstream-java: Fixed in unstable.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2500-1 for curl
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 3 commits: LTS: triage {CVE-2020-35490,CVE-2020-35491}/jackson-databind as <no-dsa>
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Take lxml for regression update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for lxml regression update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for php-pear update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream tags for several upstream commits for ndpi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for several ndpi issues via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-14387/rsync
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14394/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35497 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-7788/node-ini
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-35545/spotweb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-35545/spotweb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Clarify todo for CVE-2020-35132
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-7788/node-ini via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2020-7788/node-ini as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-24972/kleopatra (fixed in unstable)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-29657/iotjs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-14163/iotjs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-1362{2,3}/iotjs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2020-14394/qemu as <postponed> for stretch
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35573/postsrsd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correctly associate tag to commit actually
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2501-1 for influxdb
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim opendmarc
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add note for spip
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Track fixed version for http-parser via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-20019/libmatio as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-20790
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-12272
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-0499/flac
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2019-1010176
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2019-1010176/iotjs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-1141{8,9}/iotjs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-1000636/iotjs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2020-35545/spotweb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Two more iotjs issues fixed in unstable with 1.0+715-1 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit CVE-2020-24344
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2013-1841 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2013-7488 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-1753/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-1753/ansible via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-1736/ansible as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2020-14365/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-14365/ansible via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2020-14332/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-14332/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to 2.9.y fix for CVE-2020-14330/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2020-14330/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2016-7151/capstone
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: update note for slirp
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] LTS: reclaim shiro, update notes
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2020-16093/lemonldap as no-dsa for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] LTS: stretch triage
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] dla: claim postsrsd
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2502-1 for postsrsd
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Several chromium bugs fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for postsrsd via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim node-ini.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] libslirp fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new rauc issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Fix some double whitespaces
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-4797-2
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] Add a script to merge two CVE files
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10886 Clarify why we kept the CVE
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2503-1 for node-ini
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Sync open-iscsi issues with information from upstream list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUsProcess NFUsProcess NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26422/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26263/tlslite-ng
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-17526/airflow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-0499/flac
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2020-35475/mediawiki as <not-affected> for stretch
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Update date for DSA 4797-2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27837/gdm3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-27837: Reference commit in 3.38 branch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2412-2 for openjdk-8
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35606/webmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-8609 fixed in slirp/sid
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] new kitty issue, NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Two minidlna issues fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26284
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take sympa from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Drop note from CVE which was rejected as duplicate (of CVE-2019-5021)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: CVE-2020-15005/mediawiki will be fixed
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Link upstream announcemnt and release notes for CVE-2020-17510/shiro
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-35605/kitty via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream tag for CVE-2020-35605
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] lts: take tzdata and libdatetime-timezone-perl
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2505-1 for spip
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] reserve DLA-2506-1 for awstats
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] imagemagick: precisions
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: imagemagick status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-27837/gdm3 as no-dsa for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] add project zero reference
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-29661: Add project-zero reference as well
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-26880
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35136/dolibarr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add horizon to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add minidlna for regression update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for sympa update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version for CVE-2020-13987, CVE-2020-13988 and CVE-2020-17437
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Wrap one note
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-28935/unbound
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-356{79,80}/opensmtpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark three open-iscsi issues as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2020-35679/opensmtpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add inital tracking of some odoo issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track three NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-24455/tpm2-tss
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35708/phplist
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35702/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-35702/poppler
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add kitty to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] take horizon
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new rust-arc-swap issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new jupyter-server issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-28168/node-axios
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference question to upstream for vague CVE-2020-35270
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two new NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-20933
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark intel-microcode as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] three packages switched stb code copies to packaged version
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add upsream issue reference for rust-ac-swap issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-8597/ppp via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35450/gobby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-35450 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-{13987, 13988, 17437}/open-iscsi as no-dsa for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-35450/gobby as no-dsa for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2488-2 for python-apt
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] kitty DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] influxdb fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mbedtls: CVE-2020-16150 and CVE-2020-10932 fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for slirp via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35728/jackson-databind
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35448/binutils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35678/python-autobahn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-35678/python-autobahn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for python-apt regression update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update upstream references for CVE-2018-12886
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Ignore CVE-2018-12886 for bullseye
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to documentation update for CVE-2018-20587
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-15847/gcc-8
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version back when in unstable for CVE-2019-15847/gcc-7
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-35381/golang-github-buger-jsonparser as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-35381/golang-github-buger-jsonparser
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-35450/gobby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference possible fix for CVE-2020-6098/freediameter
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update two sqlite3 related CVEs marking those as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] gobby fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] horizon DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2507-1 for libxstream-java
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Take a look at libhibernate3-java
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35730/roundcube
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2020-35730
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add roundcube to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take roundcube from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35738/wavpack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] lts: add notes
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Triage Odoo issues
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-27748/xdg-utils as no-dsa (postponed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-15237
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2508-1 for roundcube
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-26422/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for roundcube update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-35738/wavpack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-29362,CVE-2020-29363/p11-kit: reference introductory commits
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-35728/jackson-databind as no-dsa for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] opensmtpd fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-25592: Reference raw patch to adress issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove annotation for CVE-2020-15311 (was duplicate of CVE-2008-4080 and got rejected)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track several CVEs for zammad (itp'ed, #841355)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35652/asterisk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35506/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35505/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35504/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35503/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35492/cairo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35769/webmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35766/opendkim
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-27821/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] note mp3gain fixes
Stefan Fritsch
- [Git][security-tracker-team/security-tracker][master] Add influxdb to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Split up commits for CVE-2020-35492/cairo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-29599/imagemagick: Debian versions impacted by different vectors
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2020-29599/imagemagick: precision
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2509-1 for tzdata
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2510-1 for libdatetime-timezone-perl
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-35492/cairo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-28935/nsd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-202-28935/nsd as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2020-28935/nsd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] lts: take ceph
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-35738 as fixed in wavpack 5.3.0-2
Sebastian Ramacher
- [Git][security-tracker-team/security-tracker][master] Reference upstream fix for CVE-2020-35738/wavpack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Note about reel.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Track fix for rust-net2 via unstable (RUSTSEC-2020-0078)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2020-28935/nsd as no-dsa for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-35738/wavpack as no-dsa for buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35849/mantis
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26247/ruby-nokogiri
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Did some work on wireshark to check the status of the known vulnerabilities in...
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-26237 postponed until today as it is fixed everywhere
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 3 commits: wireshark: Remove some notes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-27815 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11947/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-11947 via DSA-4665-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35493/binutils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35494/binutils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35495/binutils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35499/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35681/python-django-channels
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Updates on new wireshark CVEs
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] 2 commits: Take salt from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-35499/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: Sync release date for DLA-2507-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-16747/matrixssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12953/dropbear
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-12658/gssproxy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15523/csync2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: postgresql-12 removed from unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Adjust source package name for CVE-2020-0478/aom
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-828{4,5,6}/curl fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] rust-miow issue fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-35921/rust-miow was assigned for RUSTSEC-2020-0080
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-35919/rust-net2 assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-35916/rust-image assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-3591{0,1,2,3,4}/rust-lock-api assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove entry about RUSTSEC-2020-0077
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Replace dropbear repository reference with working URL
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs in rust crates
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35922/rust-mio
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track CVE-2020-2579{7,9} issues for limesurvey (itp'ed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-25638,libhibernate3-java: Add fixing commit
Markus Koschany
Last message date:
Thu Dec 31 20:58:31 GMT 2020
Archived on: Thu Dec 31 20:58:34 GMT 2020
This archive was generated by
Pipermail 0.09 (Mailman edition).