June 2020 Archives by thread
Starting: Mon Jun 1 07:43:14 BST 2020
Ending: Tue Jun 30 21:52:37 BST 2020
Messages: 767
- [Git][security-tracker-team/security-tracker][master] Four gnucobol issues fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-8035 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream issue for sane-backends
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Map specific GHSL issues for sane-backends directly to assigned CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-11078 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2232-1 for python-httplib2
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference upstream commit for CVE-2020-10732/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2018-3741/ruby-rails-html-sanitizer as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-10754 as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] Claim cups
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reclaim imagemagick in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13754/qemu
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13659/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-861{6,7}/bind9 fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three new perl issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2020-10732 with kernel-sec triage
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove note from CVE-2019-9374
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2020-12740
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-10737/oddjob via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] perl: CVE-2020-12723, CVE-2020-10878 and CVE-2020-10543 fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: reclaim libmatio
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for perl issues fixed in 5.30.3-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13757/python-rsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] horde spu/ospu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add new firefox-esr issues from mfsa2020-21
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2020-20
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20805/upx-ucl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-20051/upx-ucl fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-12062 and mark it unimportant with negligible impact
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] yaws/erlang tracking (a bit of a hack, but works)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-11888/python-markdown2 as fixed in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed fix for CVE-2020-11888/python-markdown2 via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10749
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13401/docker.io
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8164/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process CVE-2018-1862{3,4,5}/grafana
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync additional CVEs from mdsa2020-21 and add fixed version via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update CVEs from mfsa2020-20 and fix association error for firefox-esr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-12049/dbus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2020-0009/linux with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2020-8164/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three CVEs from June security release for Node.js
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10740/wildfly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] libexif spu/ospu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20812/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20811/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20810/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13776/systemd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13775/znc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13775
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new mongodb issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-8832 in stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new grafana issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] No build/runtime reverse dependencies in jessie. Marking CVE-2020-13757
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add firefox-esr and dbus
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim dbus.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage python-django for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13254/python-django
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13596/python-django
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] firefox DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-1703 got now rejected by the assigning CNA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2020-12872 with erlang
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13401/docker.io
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13765/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-13765/qemu via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13757/python-rsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark new nodejs issues as ignored for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-12672 as postponed for stretch and buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup trailing whitespaces in CVE list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: claim firefox-esr in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Track fixed version for python-django via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13791/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for erlang via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add temporary item for #962123 in roundcube
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add temporary item for #962124 in roundcube
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13800/qemu
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13777/gnutls
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] more rails issues, rails fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] additional references for rails issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add rails and thunderbird to dsa-needed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add and take nodejs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-13800/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and claim roundcube
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-202-8167/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-2020-8166/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-2020-8165/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-2020-8162/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add notes for sympa and apache2
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10757/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2020-12049/dbus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2233-1 for python-django
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2234-1 for netqmail
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13696/xawtv
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add temporary description for CVE-2020-13696
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-8167/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-8162/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status ofr CVE-2019-3874/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 33 commits: gen-DSA: get distro info from config.json
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove note from CVE-2016-11051 (REJECTED, duplicate of CVE-2015-0569)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some NFUs (and test sec-tracker functionality)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] gitlab-ci: Install jq to avoid error from make check-syntax
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13827/phplist
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13817/ntp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track poposed update for perl via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for perl via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-11082/ruby-kaminari via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixing commit for CVE-2020-10757/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8555/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-7660 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track ruby-json updates via {stretch,buster}-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for nodejs via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add todo item for CVE-2020-13816
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10755/cinder with further TODO item
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO item from CVE-2020-13816
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] SyntaxError: closing parenthesis ')' does not match opening
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11975
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add glib-networking, xawtv, jquery, ntp
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Mark nodejs CVEs eol
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Claim xawtv
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13848/pupnp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim jquery
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Revert "Claim jquery"
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-13848 as no-dsa for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13848/pupnp-1.8
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] REference commits fors for CVE-2020-13777
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference GNUTLS-SA-2020-06-03
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2235-1 for dbus
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-13777/gnutls28
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add gnutls28 to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13777/gnutls28
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dbus spu/ospu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-3836/gnutls28
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-3829/gnutls
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13790/libjpeg-turbo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] php-horde is back in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: DLA: unclaim unbound
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] libntlm spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove three TODO items
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-16868/gnutls28 as no-dsa for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7014/elasticsearch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three new kibana issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two more chromium CVEs already fixed in older version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes for older chromium releases
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track one CVE fix for chromium/80.0.3987.162
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-6419/chromium
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13597 & CVE-2020-13255 in Django.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-13817/ntp: add patches
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] nodejs DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13867/targetcli-fb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13867/targetcli-fb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Strip no-dsa entries which will recieve an update
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-0182/libexif
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2020-13777/gnutls28
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fix for CVE-2020-7053/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] libexif no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-20797/prboom-plus via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new libexif issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-3829/gnutls28 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track new thunderbird issues from nfsa2020-22
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for gnutls28 update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13871/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13871/sqlite3 fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Add investigation notes for jquery.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10759/fwupd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10756/libslirp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13895/libcrypt-perl-perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] use-after-free vuln present in a pExpr->eType==FTSQUERY_NEAR && pExpr->bEof
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] LTS: add and claim thunderbird in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2236-1 for graphicsmagick
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] openssh fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new libpam-tacplus issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2237-1 for cups
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-13790 as <postponed>
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Mark phantomjs as removed from unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add rails, libexif libupnp
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] CVE-2020-13790 is better <ignored> than <postponed>
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2238-1 for libupnp
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Take a free slot
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add and claim perl
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Claim libexif
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Take free slot in lts-frontdesk
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13904/ffmpeg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take php5
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] reclaim opendmarc
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 4 commits: Triage CVE-2020-7921 in mongodb for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] LTS: update note on bluez in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2239-1 for libpam-tacplus
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-13775/znc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] one libexif issue fixed by older patch, confirmed by upstream, might be rejected
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add patch for CVE-2020-0198
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Fix version number for libupnp in DLA 2238-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sort suite entries for CVE-2020-7921 top-down
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove doubled entry for CVE-2020-0181
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] fix for CVE-2020-0182 confirmed by upstream, remove Android ref, only causes confusion
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13625/libphp-phpmailer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13692/libpgjava
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] reclaim php5 with permission of Emilio
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-12695/wpa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10761/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add newly assigned CVEs for roundcube
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] add reference for fwupd issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13974/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update references for CVE-2020-10759 (Add libjcat and commits)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes for clamav via {stretch,buster}-pu (and as well released via SUA)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: data/dla-needed.txt: Triage pgjdbc for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] new QT, libreoffice, VLC issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for fwupd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Use the Debian source package name, not the upstream project & repo name ("pgjdbc")
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Correct ordering
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-10759/fwupd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] fwupd fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new LO issues ignored for stretch/buster
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-0543/{intel-microcode,linux}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] more references for CVE-2020-0543
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2240-1 for bluez
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2241-1 for linux
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2242-1 for linux-4.9
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2243-1 for firefox-esr
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Remove one no-dsa tagged entry for CVE-2016-7837
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA numbers for linux update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for 5.6.14-2 linux upload to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove one no-dsa/ignored item which got a source release
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for intel-microcode upload via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove postponed entries for intel-microcode
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add python-django to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add intel-microcode to dsa needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional note for CVE-2020-0543
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9633
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove TODO item for CVE-2018-8956
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new picolibc issues fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2020-13428 in vlc for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] new linux issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Three dovecot issues fixed in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add todo item for CVE-2013-5958
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4700-1 for roundcube
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Claim python-django
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7663/ruby-websocket-extensions
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2020-10708 (properly rejected now)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove note from CVE-2020-10647
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-12662 & CVE-2020-12663 in unbound in jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2020-12802 & CVE-2020-12803 for libreoffice in jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for intel-microcode update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim intel-microcode
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] thunderbird, mysql-connector-java DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: precise that oldstable tzdata is planned for next point release
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] fix CVE IDs for tb DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] update status for three mysql-connector-issues fixed in oldstable
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2245-1 for mysql-connector-java
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2020-2875,CVE-2020-2933,CVE-2020-2934/mysql-connector-java: fixed in jessie
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: claim rails
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add new adns issues CVE-2017-910{3,4,5,6,7,8,9}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add ruby2.5 to dsa-needed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add four new janus issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for janus issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fix new wordpress issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new vague mistral issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] mark janus as ignored
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage wordpress for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2246-1 for xawtv
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Claim wordpress
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add note attribution for libexif missed by Abhijith
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2233-2 for python-django
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2247-1 for thunderbird
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] janus fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new consul, gitlab issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove CVE id reference as the regression was a functional regression
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVEs for wordpress issues (but one) assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add regression reference for CVE-2020-13254 in python-django.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2020-13692/libpgjava as no-dsa for jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7676/angular.js
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-2055{2,3}/tcpreplay
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-8159 was fixed in upstream version 1.2.1
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11980/apache-karaf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commits for CVE-2020-1076{6,7,8}/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-7676 in angular.js for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14004/icinga2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2248-1 for intel-microcode
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2249-1 for libexif
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-0198/libexif
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-12667/knot-resolver
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Unclaim xcftools
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-14004 in icinga2 for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-18862/mailutils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new nagios4 issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13977/nagios4
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] denyhosts finally removed again from everywhere
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13625/libphp-phpmailer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13692/libpgjava
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13881/libpam-tacplus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13790/libjpeg-turbo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] nagios4 no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Link to upstream fix for drupal7/CVE-2020-13662
Brian May
- [Git][security-tracker-team/security-tracker][master] Update CVE-2018-2055{2,3}/tcpreplay after upstream feedback
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] lts: ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] wordpress issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10773/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new mutt issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14093/mutt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1406{0,1,2}/jackson-databind
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference revisited patch for CVE-2020-13754/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove open-iscsi, now defintively out of scope and unlikely to be updated
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] bustre/stretch triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14154/mutt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14155/pcre3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20838/pcre3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14150/bison
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-21246/caddy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add notes to dla-needed.txt about unbound
Brian May
- [Git][security-tracker-team/security-tracker][master] CVE-2020-13428 fixed in vlc 3.0.11-1
Sebastian Ramacher
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim sqlite3 and cacti again
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-10757/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-9483 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-17566/batik
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11969 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10747/freeipa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-202-14148/ngircd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14147/redis
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add some attribution to notes.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-21245/pound
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-1403{3,4}/janus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13999/libemf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-12762/json-c
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-13977/nagios4
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-202-12284/ffmpeg fixed with 4.2.3 version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-202-13904/ffmpeg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] vlc DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] "new" node-chownr issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reference specifically cloned bug for TOCTOU issue in node-chownr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2005-151/qmail
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] libjcat fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1421{3,4}/zammad
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14212/ffmpeg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-4053
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-4054/ruby-sanitize
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-14093 and CVE-2020-14154 in mutt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixing version for CVE-2020-1403{3,4}/janus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2020-10747
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-8165/rails: jessie & stretch half-affected
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2020-8165/rails: fix URL
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2020-8166/rails: jessie & stretch not-affected
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2020-8166/rails: tidy URL
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2250-1 for drupal7
Brian May
- [Git][security-tracker-team/security-tracker][master] Add some new libvncserver specific CVE assignments
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14295/cacti
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track help proposal for the rails update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three more libvncserver issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14195/jackson-databind
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correct URL for mfsa2020-18 (CVE-2020-12392)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed for several CVEs for chromium via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-861{8,9}/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10781/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2020-10781/linux with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4705-1 for python-django
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7676/angular.js fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14416/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream bug reference for CVE-2020-14155/pcre3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-14155/pcre3 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-20838/pcre3 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14155/pcre3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13663/drupal7
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1366{4,5}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] drupal7 DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] pcre3 fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark jquery/CVE-2020-7656 ignored in Jessie
Brian May
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-13033/lynis
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream references for CVE-2020-13882/lynis
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new mutt issue fixed with new upstream version in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for STARTTLS mutt issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mutt: Replace morror gitrepository urls with the actually main repository
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add wordpress to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync up pound fixed version for CVE-2018-21245
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8163/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14415/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13822/node-elliptic
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-12402/nss
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process CVE-2020-10782 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream issue for CVE-2020-8619/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream issue reference for CVE-2020-8618/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-8619/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-8618/bind9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] linux n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-13401/docker.io
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add batik (more research needed).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla-needed.txt
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark CVE-2020-10755/cinder as e-o-l for jessie.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add libvncserver and claim it.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add lynis.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add mutt and claim it.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add ngircd.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add pcre3.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add pound.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark redis in jessie as <not-affected> by CVE-2020-14147.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] LTS: claim pcre3 in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-20838/pcre3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14422/python
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14295/cacti
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-14295/cacti
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2251-1 for rails
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add note to CVE-2020-8163 for potential problems with reverse dependencies
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove annotation for stretch for CVE-2020-13822/node-elliptic
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14148/ngircd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13822/node-elliptic
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: triage CVE-2020-14155/pcre3 for jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2020-13800/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference CVE-2020-13659/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: claim lynis and ngircd in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-12402/nss
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug information for CVE-2020-11958/re2c
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-10932/mbedtls
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-13822/node-elliptic
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream commit for CVE-2020-10761/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix typo in the temporary short description for CVE-2020-10756
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-13033/lynis
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add references for neomutt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9495 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mutt DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] annotate fix for CVE-less mutt issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Note given about this.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Add CVE-202-14929/alpine
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14475/dolibarr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream commit for CVE-2020-14929/alpine
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14929/alpine
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add neomutt to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-14929/alpine
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] security-team.d.o: Sync table with real situation
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove one leftover closing td tag
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14019/python-rtslib-fb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-13871/sqlite3: upstream published a new fix
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Add python3.4.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-14148/ngircd as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit to adress CVE-2020-14148/ngircd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Two new CVEs assigned for squirrelmail issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: unclaim lynis and ngircd in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] More information about libdatetime-timezone-perl.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Claiming alpine.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim ngircd.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim lynis.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2252-1 for ngircd
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2253-1 for lynis
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2020-14954/{mutt,neomutt} assigned for MITM response issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional commit and issue references for CVE-2020-14954/{mutt,neomutt}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add note for perl
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] neomutt DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] update notes
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] ruby2.3 ospu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] LTS: claim condor in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8184/ruby-rack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14301/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix commit reference for CVE-2020-8184/ruby-rack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-12402/nss fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7011/elasticsearch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8184/ruby-rack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-14148/ngircd via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update status of squid3 and imagemagick in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 6 commits: Remove old comment about LTS releases
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] chromium fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] initial jpeg triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: postponed python3.4
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: claim python3.4
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-13033/lynis as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2013-1753/python: reference sanctioned patch
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add fixing commit for CVE-2020-14295/cacti
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: more info for CVE-2019-17566/batik
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] dla: claim batik
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Update CVE-2020-10749
Shengjing Zhu
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2020-8331 (withdrawn by its CNA)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11989/shiro
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13844 initial information
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add four new freerdp issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add some more FreeRDP issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new chromium issue fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Four adplug issues now really fixed in experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-17533/libmatio fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2020-11989/shiro
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10769/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] updates reported by ebourg: thanks!
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2014-9365/python3.4: jessie triage precision
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4709-1 for wordpress
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] 3 commits: add rails
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Claim jackson-databind
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add WIP note for wordpress
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] CVE-2020-XXXX for wordpress's comment leak is fixed by 5.0.10+dfsg1-0+deb10u1
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] python3.4: tidy statuses
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2020-8163/rails: clarify a bit
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: claim rails again (thanks alteholz)
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-14148/ngircd as unfixed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note on docker.io pending DSA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14976/gns3-server
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14940/tuxguitar
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for exiv2 via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add boost1.71 embedding unicode-data (#963587)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14300/docker.io
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14298/docker.io
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-8761/swift
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for CVE-2019-3689 via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two new curl issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] embedded-code-copies: fix typos
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 7 commits: mark CVE-2020-14940 as no-dsa for Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Track proposed update for nfs-utils via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: update rails status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] buster/stretch triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new crispy-doom/chocolate-doom issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new freedroidrpg issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add tracking for CVE-2020-14304
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove some buster tagged CVEs for freerdp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add notes on regression for CVE-2020-14093
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark four CVEs for linux as fixed with 5.7.6-1 upload to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14940/tuxguitar
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2020-8169/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2020-8177/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-16707/hunspell fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Associate Apache Spark issues with an itp/rfp bug
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9494/trafficserver
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15011/mailman
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15025/ntp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-9494/trafficserver
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15005/mediawiki fixed via new upstream version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for samba issues for later merge into unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-10750 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14305/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13902/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-14305/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mediawiki issue is harmless, mark as <postponed>
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] also track libhibernate-validator4-java
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-15025/ntp n/a on stretch and jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] update status for ntpsec wrt latest ntp issue (no-dsa)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-18348/python3.4: reference patch
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2020-14939 and CVE-2020-14938 of freedroidrpg as end-of-life (games are not supported)
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] im n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-9494/trafficserver fixed in unstable via new upstream version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10753/ceph
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Add initial information on CVE-2019-20892/net-snmp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add clarifying TODO item for CVE-2019-20892
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes for CVE-2020-14151 (confirmed duplicate of CVE-2018-11813)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2019-20892
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11735/wolfssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2254-1 for alpine
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add four new pillow issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Updates notes for CVE-2020-15007/rbdoom3bfg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark python3.7 as removed from unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference set of commits for CVE-2019-20892/net-snmp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed fix for CVE-2019-3829 via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference pull request for CVE-2020-9494/trafficserver
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process CVE-2020-10727 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track mitigation/fixes for gupnp for CVE-2020-12695
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1530{4,5,6}/openexr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add attribution for squirrelmail note.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15047/trojita
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11996/tomcat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] alpine no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-5967/nvidia-graphics-drivers*
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track embedded copy of libsass in node-node-sass
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] bison unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] chocolate-doom fixed in sid, no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-18823/condor
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13999/libemf as reported in BTS by jmm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for rails update and CVE-2020-8163
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track further proposed updates for libexif via {stretch,buster}-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Concluded that CVE-2020-14150 in bison is not worth fixing in jessie.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Claimed drupal7.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Claimed pound.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry from unimportant issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-13999/libemf via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: update condor notes
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add unstable fixes for two ancient CVEs for chromium/chromium-browser
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15358/sqlite3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14002/putty
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-14002/putty as no-dsa for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ATS DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15025/ntp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-4054/ruby-sanitize
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8035/php-horde
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-13625/libphp-phpmailer via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Concluded that CVE-2018-21245 was already corrected in jessie.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] 5 commits: mark CVE-2020-14019 as not-affected for Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] samba fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 4 commits: correct typo
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2020-10753 as no-dsa for Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2016-5735 is fixed in pngquant
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: several issues for zziplib have been fixed in Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2015-9059 is fixed in picocom
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2016-9928 is fixed in mcabber
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2261-1 for php5
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 5 commits: add gupnp
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] sqlite3IsShadowTableOf function need shadow table name called zName
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Vulnerable code not present
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Window function support was first added to SQLite with release version
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim wpa
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] update note in dla-needed for cacti
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Track fixes for CVE-2020-12771/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: update status
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version for nvidia-graphics-drivers-legacy-390xx
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new google-compute-image-packages issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim shiro.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-4067/coturn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add temporary description for CVE-2020-4067/coturn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add coturn to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries for CVE-2020-606{1,2}/coturn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-20840/libvncserver/jessie: not affected
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-21247/libvncserver fixed already in 0.9.11+dfsg-1.2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-14396/libvncserver/jessie: not affected
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-4067/coturn
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-14398/libvncserver/jessie: ignore, possibly ABI breakage
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for coturn update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] nvidia spu/ospu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Claim coturn
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2020-11989
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14145/openssh
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Several frerdp2 issues fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Several libvncserver issues fixed via unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track nvidia-graphics-driver-testla-418 as well for CVE-2020-59{63,67}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2262-1 for qemu
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2263-1 for drupal7
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Clarify associations between CVE-2020-1957 and CVE-2020-11989
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15365/libraw
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track nvidia-graphics-drivers-tesla-440 for CVE-2020-596{3,7}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-8035/php-horde via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2013-7489/beaker
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15393/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2264-1 for libvncserver
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Track fix via usntable for CVE-2020-8866/php-horde-form
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fix via unstable for CVE-202-8865/php-horde-trean
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes via unstable for CVE-2020-596{3,7}/nvidia-graphics-drivers
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add mailman and claim it.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2265-1 for mailman
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add qemu to dla-needed
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add (temporary) item for libvncserver issue with websockets decode
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-18922/libvncserver assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] jessie libmatio triaging
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] imagemagick DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-20052
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2266-1 for nss
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15389/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2267-1 for libmatio
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-14868/ksh93
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-14868/ksh93
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11935/aufs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2020-15389/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] readd imagemagick for oldstable, will be separate DSA as CVE sets differ
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2268-1 for mutt
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2268-2 for mutt
Mike Gabriel
Last message date:
Tue Jun 30 21:52:37 BST 2020
Archived on: Tue Jun 30 21:52:41 BST 2020
This archive was generated by
Pipermail 0.09 (Mailman edition).