February 2020 Archives by thread
Starting: Sat Feb 1 00:33:46 GMT 2020
Ending: Sat Feb 29 22:43:53 GMT 2020
Messages: 742
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2092-1 for qtbase-opensource-src
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2093-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] take qemu/qt
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] golang postponed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1719/wildfly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1700/ceph
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-1700/ceph as not affected for versions olde thatn 11.1.0 upstream
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2016-1000105
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-1711/qemu fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Add date and "attribution" to netty note.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for sudo update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-193{0,1}/spamassassin: Reference the upstream bugs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1487{1,2,3,4,5,6,7,8}/newlib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-{7956,7218}/nomad
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for spamassassin update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2094-1 for sudo
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] Track sudo fixes via the new upstream version in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fix for sudo via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes for CVE-2019-20387/libsolv via {stretch,buster}-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track mariadb-10.1 update via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes for mariadb-10.3 via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Update tracking information for CVE-2017-11553 /exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-14864, CVE-2017-14862 and CVE-2017-14859 for exiv2 fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2017-17669/exiv2 fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: Track fixed version for CVE-2018-19108/exiv2 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add fixed version for CVE-2019-13108/exiv2 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Marked a few CVEs as ignored for jessie following decision for stretch.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2017-11683/exiv2 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 17 commits: Update status for CVE-2018-9145/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Adjust mariadb-10.3 version via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-19344/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update tracking for CVE-2018-11037/exiv2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-19907/kopanocore
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20446/librsvg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] qemu DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] remove some <postponed> entries now fixed in qemu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] number of consul issues (older issues need to be checked in more detail)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2018-11813/libjpeg9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new CVEs from gitlab advisory from 2020/01/30
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: take python-pysaml2 again
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7471/python-django
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: reclaim openjdk-7
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] reclaim opendmarc
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reverted decision that CVE-20208492 is a minor issue.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Decided that CVE-2020-8592 is important enough to fix.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2020-7219 and CVE-2020-7955 in consul
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/cliam python2.7, python3.4
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-7471/python-django
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8547/phplist
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Associate several oder NFUs for phplist with the respective itp bug
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-9764/consul
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-8336/consul
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-12291/consul
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-19653/consul
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] qt5 DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-13616/libsdl2-image
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7060/php*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note that CVE-2020-7060 is adressed as well in 7.3.14
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7059/php*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2019-10782/checkstyle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8597/ppp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-5236/waitress
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-7914/intellij-idea
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8597/ppp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim python-django.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2020-7471/python-django fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add python-django to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-5235/nanopb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one more NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-9674 and mark it as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2019-13590/sox
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-84{49,50}/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12528/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8517/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-0030/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some CVEs for nextcloud-server
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add more CVEs for nextcloud-server
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync pending linux CVEs for stretch 9.12 point release
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: AddCVE-2020-1712/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-1712: Reference Red Hat bug with more information
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2095-1 for storebackup
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-1712/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update tracking of CVE-2019-18634/sudo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove one superflous '(' bracket in note for CVE-2020-1712
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug tracker reference for CVE-2020-{7219,7955}/consul
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10786 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and claim django
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Merge python-django entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] claim php5
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] backfill more EOL notes for chromium/stretch
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-054{8,9} as no-dsa for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry for CVE-2018-1000656 which actually got an update in DLA-1892-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove annotations from CVE-2016-2033
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-863{1,2}/cloud-init
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8124/node-url-parse
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8116/node-dot-prop
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7221 (MariaDB issue, but affects only 10.4.x)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-6174/python-tuf (itp'ed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-5208/ipmitool
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15619/nextcloud-server
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10784/phppgadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-5208/ipmitool
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-7919/golang-1.14
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8608/libslirp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim ruby-rack-cors
Brian May
- [Git][security-tracker-team/security-tracker][master] Remove todo item for CVE-2020-7039
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2096-1 for ruby-rack-cors
Brian May
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-864{7,8,9}/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new dogtag-pki issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add tracking for node-dot-prop update via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correct pending version for CVE-2020-5202/apt-cacher-ng via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new libspring-java issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] puma fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new openjfx issue, "new" ntpd issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: claim netty
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] netty: reference duplicate package netty-3.9 (stretch,jessie)
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 3 commits: Mark netty-3.9 as removed from the archive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-19844 in python-django for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2019-20445,CVE-2019-20444,CVE-2020-7238/netty: reference patches
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-84{49,50}/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for CVE-2019-16770/puma via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add tor/CVE-2020-8516
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libexif
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libxmlrpc3-java update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-8517/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] one exiv2 issue ignored
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] openjdk-8 fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track one ancient chromium-browser issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track CVE-2013-3564/vlc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] pysaml fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove tracking for CVE-2019-18928/cyrus-imapd via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new lua-cgi issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2014-2875/lua-cgi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove nss from dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2008-3793
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-1712/systemd fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2020-1768/otrs2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add otrs2 tracking for CVE-2019-11358
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add python-pysaml2 to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove note from CVE-2012-6686
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dsa-needed: take pysaml, add/take pillow
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-7981/ruby-geocoder in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2016-7954: Remove "yet" from the wording
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Update note for yara.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 10 commits: Track removals from buster via 10.3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ruby-simple-form removed from every supported suite
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] xml-security-c issue (#913136) got addressed in 9.12
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 5 commits: Add fixed version for CVE-2009-0801/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12528/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-1697 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1560{4,5,6}/nodejs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-3123/clamav
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark ruby-openssl as removed from every supported suite
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-20444
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2020-70{59,60}/php7.4
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim ipmitool in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] List all needed commits for CVE-2020-5208
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim ppp in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-19920/sa-exim via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2020-3123 pointing to upstream announcement
Scott Kitterman
- [Git][security-tracker-team/security-tracker][master] Temporarily track fix for CVE-2020-6860/libmysofa via experimental
Salvatore Bonaccorso
- No subject
grantr.prestigeltd
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-13590/sox
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2097-1 for ppp
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2098-1 for ipmitool
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] add note for tomcat8 in dla-needed
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-18806 in jessie
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-3123/clamav
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-5236/waitress
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: still ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Claim checkstyle and squid3 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] remove <postponed> for older cargo issue, this one is present in stretch 9.12 and jessie-security
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla-needed: reclaim xereces-c
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] Correct "not-affected" tag on CVE-2019-20387 (accidentally added to CVE-2019-19844).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage nodejs for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2099-1 for checkstyle
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2100-1 for libexif
Hugo Lefeuvre
- [Git][security-tracker-team/security-tracker][master] LTS/claim ntp in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18641/lxc{,-templates}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Restore faulty removed CVE identifier back
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Four squid issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new QT issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2015-9541/qtbase-opensource-src
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10782,checkstyle: Fixed in unstable
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add WIP for qemu
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Assigning myself to some more work.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Remove source package annotations for CVE-2018-1709{4,5}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8089/piwigo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-1490{4,5}/ansible via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-6860/libymysofa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new edk2 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2019-14576, CVE-2019-14564 & CVE-2019-14560 in edk2 for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] koji removed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] koji now removed from all supported suites
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new firefox-esr issues from nfsa2020-06
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new thunderbird issues from mfsa2020-07
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2020-05
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take firefox-esr and thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr and thunderbird to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2013-6499 got rejected by it's assigning CNA as report bogus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove source package associations for CVE-2013-4268 and CVE-2013-4269
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2011-1596 (rejected by assigning CNA)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18210/moodle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8840/jackson-databind
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] firefox/firefox-esr fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] two dovecot issues n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2101-1 for libemail-address-list-perl
Bastian Blank
- [Git][security-tracker-team/security-tracker][master] virglrenderer fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] More NFUs processed (all Microsoft specific CVEs)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take evince from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] openjdk-8, firefox DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track fixed version for some linux CVEs via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8945/golang-github-proglottis-gpgme
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2015-9542/libpam-radius-auth
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-8432/u-boot via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] buster/stretch triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2102-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1720/postgresql
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2020-1720/postgresql
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] thunderbird fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2013-4090/varnish
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-14553/libgd2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-14553/libgd2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-7106 and CVE-2020-7237 for cacti fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2014-5278/docker.io
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-1000237 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5061/wpa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-5062/wpa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] postgres DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8955/weechat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8955/weechat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8597/lwip
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2103-1 for debian-security-support
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] gitlab n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add information on introducing commits for CVE-2020-5310/pillow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup one orphaned temporary description for CVE
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8992/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8991/lvm2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-8991/lvm2 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla-needed: Update note for yara.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] webkit2gtk upstream advisory WSA-2020-0002
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] Slightly re-arrange itemps and group per source package
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2014-0193/netty-3.9: add fixed version and upstream commit
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-20445/netty: reference complementary patch
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2014-0193
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/triage CVE-2014-5209/ntp
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS/remove ntp from dla-needed.txt, no open vulnerabilities
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Remove some additional spaces from notes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFU for wordpress plugin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS/triage CVE-2020-8492/python3.4,python2.7
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20454/pcre2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS/add and claim libgd2 in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for evince update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15594
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15592/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream fix for CVE-2020-8632/cloud-init
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2020-8632/cloud-init
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-18978/ruby-rack-cors
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-19343
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8945/golang-github-proglottis-gpgme
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-5061/wpa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: Add and claim cloud-init
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] LTS: Add and claim slirp
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] CVE-2020-8597/ppp fixed in experimental, track for later merge to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-705{0,1} as NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-18932/sarg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2015-9542/libpam-radius-auth
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add TODO item for CVE-2013-4448
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-5529/htmlunit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1729
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: Add and claim libpam-radius-auth
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20044/zsh
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9016/dolibarr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2104-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: take clamav and spamassassin
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] DLA-2105-1 postgresql-9.4
Christoph Berg
- [Git][security-tracker-team/security-tracker][master] mark CVE-2020-8991 for Jessie as -no-dsa
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Take salt.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Mark salt as not-affected in jessie LTS; vulnerable code added in v2014.7 (vs....
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim qtbase-opensource-src
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2015-2156/netty: precise jessie triage, link final patch
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] LTS/add and claim zsh in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] take PHP
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add new network-manager-ssh issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO item for CVE-2013-4448
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process three NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add prerequisite commit for CVE-2020-8608/libslirp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] php7.3, webkit DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] libgd2 no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Sync versions for CVE-2019-5108/linux with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8518/php-horde-data
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8518/php-horde-data
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fix for two suricata issues via experimental for later merge
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2106-1 for libgd2
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Track several CVEs fixed for crhomium via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2013-1607
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-1690 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-1742 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2107-1 for spamassassin
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2108-1 for clamav
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 4 commits: mark CVE-2019-20446 as no-dsa for jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2020-3123/clamav n/a on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: add wpa
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Two radare2 issues fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream commit for CVE-2019-19906/cyrus-sasl2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes for CVE-2009-5146
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2013-5594 for an ancient bug in Mozilla Firefox
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2013-7098/openconnect
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2013-7381
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2015-0258/collabtive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove Windows-specific CVE-2019-11049 from DSA/list and additional refs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] php7.0 DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] LTS/zsh status update
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS/claim systemd
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS/annotate CVE-2020-1712/systemd as not affecting jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-863{1,2}/cloud-init
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to project-zero report for CVE-2020-1712/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1740/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1739/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1738/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1737/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1736/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1735/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1734/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-202-1733/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4629-1 for python-django (CVE-2020-7471)
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Update NOT-FOR-US note for CVE-2011-2054
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2015-9543/nova
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2015-9543/nova
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: add ansible
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] LTS: claim xen in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Process CVE-2019-3699 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20477/pyyaml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2109-1 for netty
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2110-1 for netty-3.9
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: claim nodejs
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Clear annotations for CVE-2013-5581
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Noted that intel-microcode is postponed in buster and strech. The same can be done for LTS.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Revert "This old issue is updated to describe jessie too."
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12825/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-19794/golang-github-miekg-dns
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process CVE-2020-8953 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-606{1,2}/coturn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference upstream commit for CVE-2020-6062
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] postpone intel-microcode issues on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] coturn n/a on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: take jackson-databind
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: still waiting for openjdk-7 release
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: take python-reportlab
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] NFUs, unimportant ruamel.yaml and kfreebsd issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Fix announce date for DLA-2053-1
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] NFUs, vintage nvidia bug
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-15604,CVE-2019-15606/nodejs: reference commits (courtesy of RedHat)
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-15604,CVE-2019-15606/nodejs: reference 10.x commits
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: add http-parser
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2111-1 for jackson-databind
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2112-1 for python-reportlab
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add and take ppp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update note for yara in jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version for CVE-2020-7219 and CVE-2020-7955 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track php7.3 fixes via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove annotation that CVE-2020-0030 is adressed for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync some Linux specific CVEs with triage in kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20479/libapache2-mod-auth-openidc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2113-1 for cloud-init
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Clear notes for CVE-2012-5236
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9272/proftpd-dfsg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9273/proftpd-dfsg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9308/libarchive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark radare2 issues as no-dsa on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-9308/libarchive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-14822/ibus as ignored on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-19648/yara as no-dsa on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 5 commits: add proftpd-dfsg
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2114-1 for linux-4.9
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2015-9542 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Drop CVE-2019-19528 from DLA-2114-1
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2019-20044/zsh
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track unstable upload for libxml2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-20044/zsh
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-15604,CVE-2019-15605,CVE-2019-15606/nodejs: EOL in Jessie
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: drop nodejs: EOL
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim proftpd-dfsg.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-8955/weechat as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2017-1000600, CVE-2018-1000773/wordpress: jessie postponed + clarification
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] pillow, pysaml DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2115-1 for proftpd-dfsg
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-9273/proftpd-dfsg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track two CVEs fixed in experimental for gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes via unstable for suricata
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8813/cacti
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8813/cacti
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9327/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-9327/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ppp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9327/sqlite3 fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] nodejs: reflect security-support-limited ->...
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] LTS: xen status update
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS: add and claim sqlite3
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-9327/sqlite3 as no-dsa as minor issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-7595/libxml2 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2019-20388/libxml2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-20388/libxml2 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve curl DSA
Alessandro Ghedini
- [Git][security-tracker-team/security-tracker][master] Track proposed updates for {stretch,buster}-pu for clamav
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Move listing of CVE-2019-5436 to CVE list directly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark coturn issues as no-dsa for stretch and buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-606{1,2}/coturn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2013-3722/opensips
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1732/wildfly (itp'ed as #752018)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: triage CVE-2020-9327/sqlite3 in jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2019-15605/http-parser: jessie ignored
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: claim otrs2
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2116-1 for libpam-radius-auth
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-11358/otrs2 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new CVE-2020-638{3,4,6}/chromium (and fixed version in unstable)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-9355/network-manager-ssh assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for python-bleach issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to advisory for python-bleach issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-20388 and CVE-2020-7995 for libxml2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update python-bleach TEMP-0951907-7D0FFB (#951907) to indicate jessie/stretch not affected
Scott Kitterman
- [Git][security-tracker-team/security-tracker][master] Fix space/tab issue in last commit
Scott Kitterman
- [Git][security-tracker-team/security-tracker][master] Add notes for claimed packages
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add note for tomcat8 in dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] 2 commits: add note
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Update squid3 notes
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add amd64-microcode to d{l,s}a-needed.txt
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2020-8648/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2019-18932/sarg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mongodb removed from unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9283/golang-go.crypto (kept TODO for now)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] pagure uploaded
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add note to qtbase-opensource-src (no upstream fix avaiable, yet).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim ansible
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Add fixing commit (watch out!) to CVE-2020-1734.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Revert "data/CVE/list: Add fixing commit (watch out!) to CVE-2020-1734."
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: CVE-2020-8813: add upstream fix commit URL
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim cacti (and add a note)
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark cacti/jessie as not affected by CVE-2020-8813.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1000825,freecol: Fixed in unstable
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference upstream issue for CVE-2020-8813/cacti
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: claim lxc in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2117-1 for zsh
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Tomcat CVE-2020-1938
Thijs Kinkhorst
- [Git][security-tracker-team/security-tracker][master] Add commits from 9.0.x branch for CVE-2020-1938
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add information on upstream version for CVE-2020-1938
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1935/tomcat9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-17569/tomcat9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commits for CVE-2020-1938/tomcat8
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1935/tomcat8
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-17569/tomcat8
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commits for CVE-2020-1938/tomcat9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1935/tomcat7
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-17569/tomcat7
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2118-1 for otrs2
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Remove name for vulnerability for CVE-2020-1938 to avoid confusions
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] netty fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8793/opensmtpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track CVE-2020-8794/opensmtpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9366/screen
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove TODO item for CVE-2020-9283
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for python-bleach issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove curl from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one TP-Link NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9369/sympa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9365/pure-ftpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-879{3,4}/opensmtpd via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-9369/sympa as not-affected for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-9369/sympa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim tomcat7 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add and claim libmtp in dla-needed.txt
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-9365/pure-ftpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for CVE-2020-1938/tomcat* versions
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add and claim screen in dla-needed.txt
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-19308/gnome-font-viewer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking bugs for CVE-2019-10072
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for a couple of tomcat9 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Associate myself for the prepared proftpd-dfsg update and DSA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Marking two CVEs as ignoed for jessie following Debian Secutity Team decision for later releases.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Marked CVE-2020-9369 as not affected for jessie as well.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14894 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-2732/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-9365 marked as not affected since the vulnerable function does not...
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-9366/screen
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-9366/screen: Mark versions prior to 4.7.0 as not-affected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-6750/glib2.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9385/zint (itp'ed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla-needed.txt: Add missing 0 to date.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8130/rake
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8131/node-yarnpkg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15299/centreon-web
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2020-8130/rake
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add followup commits for CVE-2020-9273/proftpd-dfsg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-6802/python-bleach assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-9369/sympa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9391/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9383/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-9391/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: remove screen, jessie is not affected
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2020-1734
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-64{07,18}/chromium
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: add and claim libimobiledevice
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1731
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1745/undertow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Adding rake to dla-needed.txt. Simple to fix.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Added libspring-java to dla-needed with a note that it is not completely...
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] dla-needed: claim rake
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] dla: take python-pysaml2
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10784: add link to upstream bug
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2119-1 for python-pysaml2
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Drop cacti, not affected (see 540d025b).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] new uap-core issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add additional references for opensmtpd
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add upstream commits for CVE-2020-5243/uap-core
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-9365/pure-ftpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference Qualys report for CVE-2020-8794/opensmtpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: lxc status update in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS: claim libspring-java in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add Debian bug tracking information for CVE-2020-5243/uap-core
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] opensmtpd DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DLA-2120-1 for rake
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] CVE-2020-539{7,8}/libspring-java, upstream references
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Track as well fixes for CVE-2020-8793
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: triage CVE-2020-5397/libspring-java for jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Update references for CVE-2020-5398
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for proftpd-dfsg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: triage CVE-2020-5398/libspring-java for jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Added lua-cgi to the dla-needed list with a note that one possibility is to declare it unsupported.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Add python-bleach to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed versions for golang-go.crypto via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9274/pure-ftpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] pure-ftpd no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-9274/pure-ftpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mojarra n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-8130/rake as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new unimportant puppet issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2015-9541/qtbase-opensource-src
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-9274/pure-ftpd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new wireshark issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Revert "Update python-bleach TEMP-0951907-7D0FFB (#951907) to indicate jessie/stretch not affected"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark CVE-2020-9308 as not affected for Jessie, Stretch and Buster
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reference mitigation commit for CVE-2017-18640/snakeyaml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-18640/snakeyaml as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2017-18640/snakeyaml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-6363/libgd2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] qtbase-opensource-src fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10064/wpa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2020-1740/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream issue for CVE-2020-1739/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream issue for CVE-2020-1738/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream issue for CVE-2020-1737/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream issue for CVE-2020-1736/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream issue for CVE-2020-1735/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream issue for CVE-2020-1734/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Marked CVE-2020-6802 as not affected for jessie. The vulnerable functionality...
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Added pure-ftpd to DLA needed. A little hard to judge the severity. The...
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] CVE-2017-6363 marked as ignored for jessie following Debian Secutiry team.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Marked three vulnerabilities for wireshark as postponed.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-704{1,2,3}/openfortivpn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit references for CVE-2020-704{1,2,3}/openfortivpn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2121-1 for libimobiledevice
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] LTS: claim pure-ftpd in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry which got an update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: add and claim libusbmuxd
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] Changed python-bleach CVE from not-affected to ignored. Salvatore pointed out...
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2122-1 for libusbmuxd
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] 3 commits: Remove doubled note
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] update notes on CVE-2020-9274/pure-ftpd
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2123-1 for pure-ftpd
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add assigned CVEs for wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-706{1,2,3}/php issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Three knot-resolver issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note from upstream for CVE-2019-10064
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-10064/wpa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-5247/puma
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-5247/puma
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-6802/python-bleach as no-dsa (ignored) for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for python-bleach update (buster only)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2013-3738/zabbix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10785/dojo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2013-6825/dcmtk
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2124-1 for php5
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2125-1 for collabtive
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: issues will be fixed
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add and claim dojo
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-10785/dojo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1746/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2127-1 for dojo
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Added php5 to dla needed. Vulnerable also in php5.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2128-1 for openjdk-7
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-10785/dojo as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for dojo via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update embedded-code-copies, make-dfsg fork is needed for kbuild.
Gianfranco Costamagna
- [Git][security-tracker-team/security-tracker][master] 3 commits: no DLA for libarchive, all CVEs are no-dsa
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2130-1 for libapache2-mod-auth-openidc
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reference now current commit for CVE-2017-18640
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Trak proposed updates for rake via {stretch,buster}-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2014-6262/rrdtool
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove todo item from CVE-2014-6262
Salvatore Bonaccorso
Last message date:
Sat Feb 29 22:43:53 GMT 2020
Archived on: Sat Feb 29 22:43:57 GMT 2020
This archive was generated by
Pipermail 0.09 (Mailman edition).