July 2020 Archives by thread
Starting: Wed Jul 1 05:25:04 BST 2020
Ending: Fri Jul 31 22:54:30 BST 2020
Messages: 751
- [Git][security-tracker-team/security-tracker][master] Track new firefox{,-esr} issues from mfsa2020-24 and mfsa2020-25
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15395/libmediainfo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Claim tomcat8 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-8663 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-1260{3,4,5} as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14058
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14059
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15049
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dla-needed
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] dla: take firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] - "new" dnsmasq issue (CVE is for Red Hat, but they essentially found the same...
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2269-1 for wordpress
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2270-1 for jackson-databind
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2271-1 for coturn
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] tzdata/libdatetime-timezone-perl will get a pu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Track Debian bug for CVE-2020-8185/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-8185/rails is fixed in experimental
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] CVE-2020-XXXX for wordpress's comment leak is fixed by 4.1.31+dfsg-0+deb8u1
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] dla: shift python update
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: update rails status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Claim qemu and ruby-rack
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Sort suites top-down in entry
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-202-8185: Add back bug report reference
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Revert "CVE-2020-XXXX for wordpress's comment leak is fixed by 4.1.31+dfsg-0+deb8u1"
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] new pdns-recursor issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference patch for 6.1.25 for sympa issue (CVE-2020-10936)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Drop xen for Stretch LTS
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Drop squirrelmail for Stretch LTS
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add notes for cacti
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] squid fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add notes for tomcat8 and shiro
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] one additional firefox n/a issue (MFSAs are released now)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-15395 as no-dsa for Jessie
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] firefox DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add upstream commit information on CVE-2020-14422
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-14422/python3.8
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Michael Gilbert
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-20892
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15469/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1539{6,7}/hylafax
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] python no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new ndpi issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new samba issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new guacamole-client issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] hylafax no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new cakephp issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for samba issues via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track ldb as well under CVE-2020-10730
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] docker, imagemagick DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track some update for cacti via buster-pu sync up status in CVE list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUsProcess some NFUsProcess some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15503/libraw
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs (concludes external check)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-10730/ldb: add upstream commit
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add openjpeg2 to dla-needed
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Claim openjpeg2
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add samba to dla-needed
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Fix typo
Henri Salo
- [Git][security-tracker-team/security-tracker][master] LTS: claim samba in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Remove perl from dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] add various bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] libyang fixed in experimental
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track fixes for qemu via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track experimental fix for CVE-2020-13645/glib-networking
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-11958/re2c via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed updates for nvidia-graphics-drivers via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14040/golang-x-text
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry for ruby2.5 which will be included in DSA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2020-26
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] one teeworlds issue is a dupe
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage ldb for LTS
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] kopano n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for {golang-,}golang-x-text issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-7663/ruby-websocket-extensions
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] chromium regression
Michael Gilbert
- [Git][security-tracker-team/security-tracker][master] dla: take glib-networking
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Remove postponed tags for php7.0 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take care of releasing php updates prepared by maintainer (just in time)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for php7.0 update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-7065/php7.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 11 commits: add-dsa-needed: Only list packages for stable for dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dsa-needed: Remove needing packages which were only for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] support-ended.py: Add scheduled EOL for stretch in LTS
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix source package name for CVE-2020-8014
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track new packages wich are now removed from everywhere
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] glib-networking fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-10730/ldb as n/a for stretch
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15466/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-15007 asn unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] yui3 was removed from unstable and everywhere
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new roundcube issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-13990/libquartz2-java
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] wireshark postponed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track proposed update for mariadb-10.1 via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mariadb-10.3 fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark mariadb-10.1 as no-dsa (will be fixed in point release)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] fix linux-4.9 entries
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: rails: update status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: drop apache2, only affects jessie / < 2.4.24
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2020-15562/roundcube assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: add package updates planned by security team before the oldstable->LTS switch
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: claim net-snmp
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add extra note for CVE-2019-20892
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark mariadb-10.3 as no-dsa for buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] jpeg issue already fixed a few years ago
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs, requested rejection of duped teeworlds CVE ID
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track src:linux update for stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for question on CVE-2020-13817/ntpsec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] claim opendmarc
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15569/milkytracker
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove two postponed tags for php7.3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for php7.3 update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take nss
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-13990/libquartz-java
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim roundcube
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2272-1 for jessie-lts
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Two unimportant lynis issues fixed on source level in 3.0.0-1 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14314/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] DLA.template: normalize dist name
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] python n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage fwupd for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim fwupd.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage roundcube for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-12284 in ffmpeg in stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage ffmpeg for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage ceph for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-12675, CVE-2020-12691, CVE-2020-12690 and CVE-2020-12689 for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] first batch of new xen issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla-needed: remove roundcube
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] more xen issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14928/evolution-data-server
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Bump version including the fix for CVE-2019-16275/wpa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-13645/glib-networking as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13645/glib-networking for tracking buster-pu upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take ffmpeg
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Remove double package separator in list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Cleanup further release selectors not needed anymore
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ffmpeg updates
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-14196/pdns-recursor via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for mariadb-10.3 via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-11503: Updated fixed version
Paul Gevers
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4720-1 for roundcube
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] markdown issues, NFU
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new veyon issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-17566/batik
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-20892/net-snmp: reference breaking commit range
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: drop net-snmp
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: claim nginx
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] gitlab n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: Add a note on the point release update for nginx
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] dla: forgot to state who made the comment
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] storebackup fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] xen fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 3 commits: dla-needed.txt: Update note for ffmpeg in stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage milkytracker for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add note for milkytracker
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage puma for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Add missing preposition.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage in CVE-2020-14019 in python-rtslib-fb for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2273-1 for shiro
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: DLA.template: add security-tracker link
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage mupdf for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ruby2.5 prepared by maintainer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take milkytracker
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10160/python3.4: affected via DLA-1835-1
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add source package tracking for python3.4 and mark as removed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14983/crispy-doom
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10160/python3.4: actually not-affected, clarify comments
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Correct source package name for CVE-2020-5238/python-cmarkgfm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for veyon issue (#964568)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-13696/xawtv
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-4044/xrdp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-4044/xrdp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ffmpeg DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add and take nss to dsa-needed.txt
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] file-roller spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track CVE fixes for linux via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8558/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Juniper NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track CVE-202-1507{2,3}/phplist
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage libopenmpt for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage atril for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-11736/file-roller will be fixed via ospu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage transmission for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage mailman for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage json-c for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add notes on json-c for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage cimg for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2274-1 for fwupd
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark fwupd as no-dsa (will be fixed via point release)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take atril
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Track fixes for fwupd via {stretch,buster}-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2020-15503 in libraw for stretch LTS (thumbnailing code added later)
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim gosa.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] dla-needed: Add notes for stretch-pu packages
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry, got at same time a DLA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: rails: clarify pu status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2019-9740/python*: reference regression fix
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] jackson-databind: Several CVE are fixed in unstable now.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Track proposed updates for storebackup via {stretch,buster}-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for jackson-databind via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: update rails status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2020-10672,jackson-databind is also fixed in unstable.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track jackson-databind update via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14315/bsdiff
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15095/npm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15095/npm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Adjust status for CVE-2020-15503/libraw
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15503/libraw
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2020-11935/aufs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-8163/rails: regression fix accepted
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Drop gosa; it has a pending stretch update in #958850. Thanks, Adrian!
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage golang-github-seccomp-libseccomp-golang for...
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage ruby-zip for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage salt for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-4046 in wordpress for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage wordpress for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage poppler for stretch LTS (CVE-2018-21009, etc.)
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage libjpeg-turbo for stretch LTS (CVE-2020-14152, etc.)
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add note for qemu
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] dla: take golang-github-seccomp-libseccomp-golang and libjpeg-turbo
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track proposed update for file-roller via stretch-pu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2275-1 for ruby-rack
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Claim mailman
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Tag atril issues as no-dsa for stretch, fixed via stretch-pu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-4046
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2276-1 for mailman
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] libslirp fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] webkit2gtk upstream advisory WSA-2020-0006
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14315/bsdiff
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15569/milkytracker
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] stable triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] npm fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track proposed updates for batik via {stretch,buster}-pu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] lts: claim librsvg
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Strip no-dsa entries which will recieve an update
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2277-1 for openjpeg2
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] dla: take poppler
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Claim libopenmpt and transmission
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2278-1 for squid3
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Readd squid3 to dla-needed.txt for CVE-2020-15049
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] LTS: claim mercurial in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] "new" firefox issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Adjust upstream reference for CVE-2020-12412
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream comit reference for CVE-2019-16396
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2019-16395
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-1639{5,6}/gnucobol fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2013-0337/nginx: clarify status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2020-11724/nginx: reference original patch + tests
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2019-8325, CVE-2019-8324, CVE-2019-8323 etc. in jruby for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2018-1285 in log4net for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-10378 in stretch LTS; vulnerable code not present
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage pillow for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage jupyter-notebook for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Add note re. jupyter-notebook.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage http-parser for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Correct ordering
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2020-11724/nginx: ngx_lua new smuggling regression tests fail in nginx/stretch
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Correct ordering of suites in CVE-2019-8320 listing
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Revert "Triage CVE-2019-8325, CVE-2019-8324, CVE-2019-8323 etc. in jruby for stretch LTS."
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Adjust commit references for CVE-2020-10378/pillow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-10379: Add reference to pull request with fixes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take libpam-radius-auth as issued a DLA from jessie
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] 2 commits: ksh93 removed from unstable (superceded by revert of src:ksh to ksh93)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add libpam-radius-auth via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] transmission spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2020-4054/ruby-sanitize
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] unsupported_packages.py: Update LTS version to 8.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage ksh for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage sqlite3 for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] LTS: update condor notes
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-14040/golang-golang-x-text
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2279-1 for tomcat8
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Track intellij-community-idea for now as undetermined
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove unbound from dla-needed.txt
Brian May
- [Git][security-tracker-team/security-tracker][master] Remove http-parser from dla-needed.txt
Brian May
- [Git][security-tracker-team/security-tracker][master] Remove listing of file in next-oldstable-point-update.txt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove busybox from next-oldstable-point-update.txt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove pdfresurrect listing, will not happen anymore
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add DSA entry for xen update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup xen entries after DSA 4723-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track two experimental fixes for gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14326/resteasy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-13645/glib-networking to be fixed via ospu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2020-11724/nginx: reference BTS
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Capitalize "stretch" for DLA.template
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Revert "Capitalize "stretch" for DLA.template"
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] reclaim curl
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2019-20446/librsvg to be fixed via buster-pu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: update status (nginx, python3.5, rails)
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: ongoing work for imagemagick
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] mark cpp-httplib as NFU, chromium bundles it, but not treated as security issue there
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] crawl fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new (unimportant) tor issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update fixed version for CVE-2020-15572 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Drop amd64-microcode update from next-oldstable-point-update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track final relevant version for CVE-2020-12049/dbus via {stretch,buster}-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-14868/ksh as no-dsa for buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20907/python
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-4724-1
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] Track proposed update for ksh via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-14928/e-d-s will actually get a DSA/DLA
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] nginx fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update Quake family of game engines
Simon McVittie
- [Git][security-tracker-team/security-tracker][master] claim mupdf
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2018-1000038 as not-affected for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] new tomcat issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] embedded-code-copies: Indent via tabs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Adjust one oss-security reference for CVE-2020-13935/tomcat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit references for CVE-2020-1393{4,5}/tomcat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1384{5,6,7}/singularity-container
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for singularity-container issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] older XFS issue unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15720/dogtag-pki
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1313{1,2}/yubico-piv-tool
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new ansible, google-oauth-client-java, golang issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2280-1 for python3.5
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10160/python3.5: both introduced and fixed in DLA-2280-1
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: update status as stretch point release isn't delayed
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add golang packages present in oldstable as <removed>
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new issues in golang-github-unknwon-cae (sic!), Go...
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track upstream fixes for CVE-2019-20907/python
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] golang-github-containers-buildah fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new k8s issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new snapd issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new Java issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new vbox issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new openjfx issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] k8s fixed in sid, add another k8s issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new bareos issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-15586: Add golang-1.15 source package
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-14039: Add golang-1.15 as well to source package listing
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream references for CVE-2020-14330/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-17566/batik via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] e-d-s DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2020-4054/ruby-sanitize
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync date with release
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15780/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20908/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8203/node-lodash
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8178/node-jison-lex
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new openldap issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-13351/jackd2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] chef was removed from unstable, update CVE-2015-8559
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add bug references for CVE-2020-15719/openldap
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2281-1 for evolution-data-server
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2019-20907: Add python3.9 source package as fix in not contained in initial upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add golang-github-containernetworking-plugins for CVE-2019-9946
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Several pillow issues fixed in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Upate fixing information for older CVE-2016-3076/pillow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new linux issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] XSA 329 doesn't affect oldstable/stable
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new eclipse-wtp issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] one pillow issue unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add qemu to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference RedHat/CentOS patch for CVE-2020-15719
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add mysql-5.7 issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Oracle CPU references to identify those batched in cpujul2020
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14576/mysql-5.7
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-15719/openldap as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] remove mariadb entries for now and wait for upstream assessment which apply to mariadb
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new ansible, edk2 issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new node-ajv issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] bug for openldap
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Restore CVE list for DLA-2247-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] openjdk-14 fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] xen, tomcat9 DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove one no-dsa tagged entry for libopenmpt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take ruby-sanitize from DSA needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-13934/tomcat9 fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed versio nfor CVE-2020-13935/tomcat9 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2020-15719/openldap
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] One veyon issue (#964568, no CVE) fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-15389/openjpeg2 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15389/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2020-10781/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15803/zabbix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-15807
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one more NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15108/glpi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track various CVEs in Apache Airflow (itp'ed, airflow, #819700)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new net-snmp issue, #965166
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2020-10773/linux with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2019-18814/linux with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18814/linux for pending via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 6 commits: Track removal of libperlspeak-perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new clamav issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Adjust source package name for CVE-2020-8178/node-jison
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-8178/node-jison
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8177/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8169/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8203/node-lodash
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14001/ruby-kramdown
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15117/synergy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14001/ruby-kramdown
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7693/node-socks
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-8203/node-lodash
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: update notes
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Update note for rails for buster-security
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-8203/node-lodash as no-dsa for buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] qemu, libopenmpt DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for ruby-sanitize
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for redis update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] weboob was removed from everywhere in the archive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] libperlspeak-perl removed from everywhere in the archive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add notes for qemu
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] lts: add notes
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] NFUs, python n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new mpv issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] LTS: reclaim samba
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2282-1 for rails
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2283-1 for nginx
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for mpv issue (without CVE)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-20907/python3.8 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for clamav via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add python2.7
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2020-15852/linux assigned (XSA 329)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15121/radare2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2284-1 for ksh
Brian May
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-13754 as no-dsa/intrusive
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15103/freerdp2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-14336 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13932
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1776/otrs2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1775/otrs2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream fix for CVE-2016-10228
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] increase debian_version for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 5 commits: mark CVE-2019-1010259 as not-affected for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] squid DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update references for CVE-2020-15103/freerdp2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15103/freerdp2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2020-14001/ruby-kramdown
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15859/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] bugs for markdown issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] qemu bug
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] fix syntax
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15866/mruby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-15866/mruby: Add reference to upstream commit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2285-1 for librsvg
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2017-11464/librsvg: remove no-dsa tag for stretch
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Track librsvg update via buster-pu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] mark CVE-2020-15719 as no-dsa for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] openjdk-11 fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2286-1 for tomcat8
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15863/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two CVEs via upload to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15890/luajit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-20907/python3.9 fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-6096/glibc fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] kiwix reintroduced and fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information for old CVE-2008-0455/apache2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Drop no-dsa tags for poppler issues to be fixed in stretch
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 9 commits: mark CVE-2020-14664 as no-dsa for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add fixed version for net-snmp issue (#965166)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note to mumble in dla-needed
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15803/zabbix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15890/luajit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15917/claws-mail
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14339/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-0305/linux and sync with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] qemu DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim slirp.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] zabbix fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] fix typo in CVE list
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Return slirp to the pool; requires a bit more C hacking than I...
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] new xnio issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-4044/xrdp via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream references for CVE-2020-1722/freeipa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] pillow spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track fix for CVE-2019-20908 via buster point release
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15900/ghostscript
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-11252/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14297/wildfly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14343/pyyaml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15778/openssh
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2020-15095 as no-dsa for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] new rust-linked-hash-map issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-linked-hash-map issue (no CVE)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] commons-configuration2 spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] gpp fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] tcpreplay fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] eclipse-wtp was introduced
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2288-1 for qemu
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Strip no-dsa, ignored, and postponed entries which will recieve an update
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Remove extra entry
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] python3.7 spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Correct proposed version for ksh via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE for mupdf will be fixed
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-10753
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed CVEs for linux via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note to cacti in dla-needed
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15945/lua
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2020-15889/lua
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add references CVE-2020-15888/lua
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional references for CVE-2020-15888
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-1588{8,9}: correct source package name (typoed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14343/pyyaml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: fix for CVE-2019-5188 finally uploaded to Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Several libyang issues fixed in unstable (with move from experimental and new upstream version)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes for chromium via experimental (for later merge into unstable entry)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] openjdk-11 DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 11 commits: add clamav
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add WIP notes
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2291-1 for ffmpeg
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2292-1 for milkytracker
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa tagged entries which got update in DLA 2291-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] dla: take clamav
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] imagemagick fixed (a few more need a closer look)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: reclaim condor, update status note
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-20892/net-snmp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update version information for libjpeg-turbo
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] wpa fixed in stretch 9.13
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Correct tracking of libjpeg-turbo versions which entered unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] more imagemagick fixes in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] djbdns reintroduced in Debian
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] more imagemagick fixes in unstable
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Upstream says CVE-2020-14153 is not in libjpeg-turbo
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11727/CVE-2019-17023: Same applies as for jessie
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] CVE-2020-14153: Add reason for not-affected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Move CVE-2019-16712 to DSA 4712-1 for imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add net-snmp for dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15953/libetpan
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-14295/cacti via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11110/grafana
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2293-1 for mercurial
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15954/kmail
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10715 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add one mysql issue which was later one added to the CPU
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14331/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] lts: clamav ready
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] chromium is EOL in stretch
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-14331/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-12460/opendmarc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-12460/opendmarc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-15954
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-15751 and CVE-2018-15750 will be fixed with the same patch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2295-1 for curl
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2296-1 for luajit
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16094/claws-mail
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add new firefox-esr issues from mfsa2020-31
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2020-32
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new thunderbird issues from mfsa2020-33
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Move foreman entry to CVE-2020-14334
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-12845/cherokee
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 31 commits: Force keys() to get evaluated as list
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2014-3566/netsurf as fixed with 3.6-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2297-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] security_db: add missing import
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2017-5461 affected firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] new webkit issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] firefox fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] unsupported_packages: remove default Debian version
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] org/lts-frontdesk.2020.txt: Swap LTS weeks with permission.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add new GRUB2 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add oss-security posts references for GRUB2 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] grub2 issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Ignore BootHole and friends in stretch
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] add two android-specific Firefox issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for grub2 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for xrdp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16118/balsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16117/evolution-data-server
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2298-1 for libapache2-mod-auth-openidc
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] dla: take openjdk-8
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry wich got update in DLA 2298-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new ark issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2020-16116/ark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-15866 as no-dsa for stretch
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add net-snmp kdepim-runtime to dla-needed
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16135/libssh
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-11934 as not-affected for stretch
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim net-snmp.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim kdepim-runtime.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2020-8203/node-lodash EOL in stretch
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: take json-c
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2299-1 for net-snmp
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2300-1 for kdepim-runtime
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Track fix for net-snmp issue while CVE assignment is pending
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2020-15862/net-snmp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2301-1 for json-c
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Claim libssh in dla-needed.txt Update status of squid3.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] dla: take jruby
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add grub2 to dsa-needed for regression fix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-16135/libssh
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-14339/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-16116/ark fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14339/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for grub2 regression update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on thunderbird issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dd CVE-2020-6070/f2fs-tools
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16092/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2020-15899 NFU wording in related entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14337 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking of source package for CVE-2020-6098/freediameter
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16166/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Move uploads which wont happend to the end of the list for further tracking
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15861/net-snmp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Expand note for CVE-2020-15862/net-snmp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-15861/net-snmp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-15862: Add note on commit to make extend mib read-only
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update note in dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Triage stretch
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] CVE-2019-2201: Add note that the description is wrong
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2302-1 for libjpeg-turbo
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14344/libx11
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14347/xorg-server
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-16094/claws-mail as no-dsa for buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-16094/claws-mail
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-9488/apache-log4j2 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ark DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2303-1 for libssh
Markus Koschany
Last message date:
Fri Jul 31 22:54:30 BST 2020
Archived on: Fri Jul 31 22:54:35 BST 2020
This archive was generated by
Pipermail 0.09 (Mailman edition).