March 2020 Archives by thread
Starting: Sun Mar 1 20:20:19 GMT 2020
Ending: Tue Mar 31 22:12:48 BST 2020
Messages: 719
- [Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2020-8131/node-yarnpkg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and claim rrdtool
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8131/node-yarnpkg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2131-1 for rrdtool
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] chromium fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] bug for edk2, puppet
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version for unstable or CVE-2018-20073/chromium
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-14575/edk2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-14563/edk2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to higher-level tracking bugzilla bug for CVE-2019-14559
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9549/pdfresurrect
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three jackson-databind issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-9549/pdfresurrect
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] wireshark postponed, NFU
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 5 commits: Fix DSA-1979-1 year
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-13568/cimg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2115-2 for proftpd-dfsg
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2131-2 for rrdtool
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage jackson-databind for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage pdfresurrect for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Claim jackson-databind
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Don't reference CVE id for DLA 2131-2 as it is a functional regression
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9463/centreon-web, itp'ed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process CVE-2020-8437 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new libzypp issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2019-18900/libzypp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1747/pyyaml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-1747/pyyaml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-5249/puma
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-1747/pyyaml: mark as n/a on buster and older
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-17572/influxdb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Update CVE-2019-20477 status
Scott Kitterman
- [Git][security-tracker-team/security-tracker][master] Restore set severity for CVE-2019-20477
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: tidy statuses a bit
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2014-2875/lua-cgi: reference BTS
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2019-3689/nfs-utils: reference upstream bug
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage libzypp for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update note for pdfresurrect in jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-9549/pdfresurrect as no-dsa for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-21035/qtwebsockets-opensource-src
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-21035/qtwebsockets-opensource-src as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-21035/qtwebsockets-opensource-src
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark glusterfs issues as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process three CVEs for hhvm (removed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] pdfresurrect unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2132-1 for libzypp
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20485/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process four CVEs for envoy proxy as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-20485/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-21035/qtwebsockets-opensource-src no-dsa on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: slurm-llnl: add links to upstream fixes
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2133-1 for tomcat7
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] new chromium issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new django issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-9402/django n/a on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reference 7.x commit for CVE-2019-13135
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-9402/python-django
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] nvd.py: Fix typo in Parser when issueing error (VAlueError -> ValueError)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-9402/python-django
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10029/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-10029/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-17362/libtomcrypt via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim amd64-microcode in dla-needed.txt
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2019-11157
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add amd64-microcode coverage for CVE-2017-5715 only
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-5249/puma
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: mark CVE-2017-18641/lxc as <ignored> for jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8113/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-524{7,9}/puma via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1749/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Initial batch of libsixel fixes
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2020-0066/linux information with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Checking remaining libsixel issues, all fixed upstream in v1.8.3 and 1.8.4
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Android NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix small typo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new webkit issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2020-10029 in glibc for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2134-1 for pdfresurrect
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16301 after some turnarounds got REJECTED properly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two further CVEs for centreon-web, itp'ed, #913903
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20382/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2019-20382/qemu fixed in unstable (included in 4.2 upstream)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new linux issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2135-1 for jackson-databind
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] 3 commits: Shorten URL to commit using redirect
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-1487{1,2,3,4,5,6,7,8}/newlib addressed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: claim xerces-c, update status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add one Apache OFBiz NFU entry
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-6438,CVE-2019-12838/slurm-llnl: reference patches, precise triage
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] new yubikey-val issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add commit refs for yubikey-val
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20503/libusrsctp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-20503/libusrsctp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update note for CVE-2020-0040
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10174/timeshift
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10188/netkit-telnet
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for pyyaml, CVE-2020-1747
Scott Kitterman
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7212/python-urllib3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-202-1751/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1752/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-7212/python-urllib3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-1751 in glibc for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update severity for CVE-2019-5062/wpa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status amd64-microcode dla
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add fixed version for CVE-2020-9308/libarchive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2017-1000416/axtls
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-8981/axtls
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-9689 and CVE-2019-10013 for axtls
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage libvpx for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim libvpx.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-15486/django-js-reverse
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-8597/lwip
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2019-18900/libzypp as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-13207/nsd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1750
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-19952/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commits for CVE-2020-864{7,9}/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2019-19769/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-10174/timeshift
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-19769/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-202-8813/cacti
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for two upx-ucl CVEs via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: libmtp WIP
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] dla: still ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] update notes
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update status of squid3 in dla-needed.txt.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] two sleuthkit issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-7061 only affects code with PHP_WIN32 defined
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim slirp.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2136-1 for libvpx
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Record fixed version for libvpx
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for network-manager-ssh update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and claim sleuthkit
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] dla: take qemu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-{9282,9386}/mahara
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug tracking numbers for CVE-2020-10188
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-3689/nfs-utils: upstream commit
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Claim tomcat8 in jessie
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2137-1 for sleuthkit
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1753/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] "new" glance issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add glibc and claim it.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add netkit-telnet(-ssl).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: re-claim qtbase-opensource-src.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] buster/stretch triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add some notes regarding CVE-2020-0551 / LVI
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add clearifying note for CVE-2020-0551
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Expand notes for CVE-2020-0551/LVI
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-5253/nethack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-5254/nethack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20509/libarchive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-20509/libarchive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10065/otrs2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-13457/otrs2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-0550
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9543/manila
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15034/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-9543/manila
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new firefox issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-5258/dojo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-5259/dojo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix small typo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-5258/dojo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-5259/dojo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2138-1 for wpa
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Michael Gilbert
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-13072/zoneminder
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] firefox-esr issues from mfsa2020-09 fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-9543/manila as no-dsa for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and claim dojo and libarchive
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-525{8,9}/dojo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for CVE-2020-525{8,9}/dojo via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15690/libvncserver
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take firefox-esr and thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-9543/manila via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] golang-github-proglottis-gpgme, weechat fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2139-1 for dojo
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10251/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1311/xerces-c: reference RedHat fix, jessie postponed
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] firefox-esr DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-10174/timeshift
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to CVE-2020-9543/manila advisory
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-20509/libarchive as not-affected for jessie
Utkarsh Gupta
- Processing dbd0ba5f39c37d7b18a299e9074bee5ffe0e950f failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] libarchive is not-affected for jessie
Utkarsh Gupta
- Processing 3cef2f5b2ad6b984fb11682f9fa7e1f06cb4030e failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] CVE-2019-20509: fix syntax
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1947
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-20509/libarchive as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2140-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-20509/libarchive as not-affected for Stretch and Buster
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add addtional NOTE for CVE-2019-20509/libarchive triage
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update information on CVE-2019-20509/libarchive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-10029/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-10251/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add attribution to xcftools note in dla-needed.txt.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Correct a spelling error in dla-needed.txt.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add yubikey-val.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Claim yubikey-val
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] dla: xerces-c status update
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: re-add and claim slurm-llnl
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] webkit2gtk upstream advisory WSA-2020-0003
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-20509 now REJECTED
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update version for CVE-2020-10018/webkit2gtk which entered unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-10251/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2141-1 for yubikey-val
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add note to amd64-microcode into dla-needed.txt
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10531/icu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-10531/icu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-10531/icu fixed version in unstable
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10535/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1010{8,9}/twisted
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-5243/uap-core
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7598/node-minimist
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2020-7598/node-minimist as no-dsa and ignored
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14887/wildfly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE2-20-7598/node-minimist
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] node-minimist spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new bluez issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Try to have a look at bluez issue for stable and oldstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add information on introducing commit for CVE-2020-1752/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-0556/bluez
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2142-1 for slirp
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] firefox fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-1752/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug tracking item for CVE-2020-1752/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Pick amd64-microcode/oldstable. Update status
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Reference commits for CVE-2020-0556/bluez
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-3689/nfs-utils via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take bluez
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Mark amd64-microcode as no-dsa and drop from dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1887/osquery
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2020-10
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] edk2 issues fixed via unstable with 0~20200229.4c0f6e34-1 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2020-0556/bluez
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some gitlab related CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-20503/libusrsctp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-15034 n/a on stretch & jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add upstream report for CVE-2019-15690
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: data/dla-needed.txt: Add twisted.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 3 commits: Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-10784/phppgadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-1560{4,6}/nodejs via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-15606: Annotate upstream commit with tag
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-15604: Annotate upstream commit with tag
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add for tracking experimental fix for CVE-2019-15605 until merged to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-15605/nodejs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference commit for CVE-2020-1010{8,9}/twisted
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-1010{8,9}/twisted
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-10091
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2015-0565/nacl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-10232/sleuthkit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update status for CVE-2020-5254/nethack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim twisted.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-5254/nethack
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Try to clarify notes for CVE-2020-0556
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-0556: Reference cover letter to the patchset
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2019-15680
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2020-10174/timeshift as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-1057{3,4,5,6}/janus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15608/node-yarnpkg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8141/node-dot
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1953/commons-configuration2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for amd64-microcode via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] graphicsmagick DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-10255 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2019-19050 with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and claim nethack
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] CVE-202-5253: fix reference to upstream commit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19728/slurm-llnl: jessie ignored
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2143-1 for slurm-llnl
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2019-6438,CVE-2019-12838/slurm-llnl: update status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-1311/xerces-c: memory leak confirmed on RedHat's bugzilla
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: xcftools: update status
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2020-5253/nethack: jessie end-of-life
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2144-1 for qemu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2019-20382/qemu: postponed in jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] webkit2gtk 4641-1
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] phpmyadmin fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] already preparing the ELTS update of PHP5, so also claiming the LTS version
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-192{09,10,11}/dolibarr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for thunderbird via mfsa2020-10
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19212/dolibarr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Replace spurious tab characters with spaces
Florian Weimer
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-15690/libvncserver
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Replace more spurious tab characters with spaces
Florian Weimer
- [Git][security-tracker-team/security-tracker][master] Add and claim libvncserver
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove now todo item from CVE-2019-15690
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2020-1753/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2145-1 for twisted
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2146-1 for libvncserver
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10380/rmysql
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and claim gdal
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-658{1,2}/nagios-nrpe
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-658{1,2}/nagios-nrpe as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2019-9460 (withdrawn by CNA)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-20510/freeradius
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2020-6581 as not-affected for Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2019-20510 as not-affected for Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: security_db: don't return duplicated advisories
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: libvncserver: reference embedded copies
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Revaluate state for CVE-2019-13456/freeradius
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Revert "CVE-2019-15690/libvncserver: reference embedded copies in...
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new tika issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update note for amd64-microcode
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Track some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add icu to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2147-1 for gdal
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20839: Add note on #929116
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Revert "data/CVE/list: Mark icu/jessie as not affected by CVE-2020-10531."
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-1551/openssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2019-15794 with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-20510 confirmed to be REJECTED
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take icu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10674/libperlspeak-perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new python-bleach issue (similar to CVE-2020-6802)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-10674/libperlspeak-perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-9549/pdfresurrect via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1757/undertow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2020-1059{2,3}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-0556/bluez
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark CVE-2020-10380 as no-dsa for Jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for CVE-2020-9543/manila via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] twisted no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-6816/python-bleach assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2145-2 for twisted
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Don't warn about potential duplicate work when issuing a regression update; we...
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] zipios++ spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Don't list CVEs for the functional regression
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2148-1 for amd64-microcode
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Remove stretch annotations for CVE-2020-195{0,1}/tika
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2020-1951/tika
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-5267/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-5267/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference reported upstream issue for CVE-2014-2875
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and claim rails
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-6816/python-bleach as ignored for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add python-bleach to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2149-1 for rails
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Regression is on the usage of lately introduced class called
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] new u-boot issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Sort properly packages by source packages
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove one unneeded reference
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-1067{2,3}/jackson-databind
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2150-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2151-1 for icu
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: update note on netkit-telnet and netkit-telnet-ssl
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: remove xerces-c, no remaining issues
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2020-10592/tor: fix upstream BTS link
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2020-10593/tor: fix upstream BTS link
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add tor to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2020-5267/rais
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Expand notes for CVE-2020-0556/bluez
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and claim jackson-databind
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for python-bleach update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] tor DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-10592/tor: fix DSA reference
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reference commit for CVE-2020-8518/php-horde-data
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10675/golang-github-buger-jsonparser
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-10675/golang-github-buger-jsonparser
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add three CVEs for centreon-web, itp'ed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] libperlspeak-perl removed from unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add jessie status for CVE-2020-6816
Scott Kitterman
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-1002104 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-8141/node-dot via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-15539/mantis
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-1488{2,3}/moodle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14512/limesurvey
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track proposed update for node-dot via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-12921/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-17185/freeradius
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-18860/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: add and claim graphicsmagick in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reference commit for CVE-2019-12921/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Codebase have changed substantially, API changes. Backporting can be
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add two new weechat CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] vino fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2152-1 for graphicsmagick
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1080{2,3,4}/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and claim phpmyadmin
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2153-1 for jackson-databind
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-5267/rails as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove one useless commit for phpmyadmin/CVE-2020-10803
William Desportes
- [Git][security-tracker-team/security-tracker][master] k8s fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark jessie as not-affected by CVE-2020-10804
William Desportes
- [Git][security-tracker-team/security-tracker][master] DTSA list: Fix inconsistent date formatting
Florian Weimer
- [Git][security-tracker-team/security-tracker][master] LTS: add and claim freeradius in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 4 commits: Add Debian bug reference for CVE-2020-10804/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-10577/janus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Track some fixed versions for gitlab after unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commitfor CVE-2019-17185/freeradius
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-1953/commons-configuration2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed updates for rails via {stretch,buster}-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2154-1 for phpmyadmin
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] LTS: triage CVE-2019-17185/freeradius for jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS: remove freeradius from dla-needed.txt, no open vulnerabilities
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS: xen status update
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS: triage CVE-2019-10784/phppgadmin for jessie, follow stretch/buster decision
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Backport can be too intrusive. Patch
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Exploit window considered too narrow. Backport making tests to fail
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add four new hdf5 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] dla: libmtp wip
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Correct "entirely" typo.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Two remaining CVEs for gitlab were as well addressed in 12.3.3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new memcached issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for memcached issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10870/zim
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10793/codeigniter
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-10870/zim
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-1080{2,3,4} as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] zim unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track some fixed versions for twisted via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new node-yargs-parser issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track fixed version for memcached issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8552/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8551/kubernetes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10684/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10685/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] php7.3 removed from unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] "new" ruby issue, "new" bitcoin issues, NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mention the nicer editor
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track new issues in trafficserver
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8865/php-horde-trean
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8866/php-horde-form
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add fixed version for CVE-2020-7608/node-yarg-parser
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add ATS to dsa-needed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] take vacant slot in lts front duty
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] new gst-rtsp-server1.0 issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add and claim ruby2.1 in dla-needed.txt, ACK from frontdesk
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2155-1 for tomcat8
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Assign this week lts-frontdesk duty to myself. (Replace utkarsh2102)
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] LTS: add and claim php-horde-{form,trean} in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2019-5188 will be fixed
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add TALOS reference for CVE-2020-6095/gst-rtsp-server1.0
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-10931/memcached assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10938/graphicsmagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2156-1 for e2fsprogs
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2157-1 for weechat
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-9359/okular
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-9359/okular
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-97{59,60}/weechat as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Two glibc issues addressed in 2.30-3 unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-9359/okular
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10942/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2158-1 for ruby2.1
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add and claim mumble
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Add okular
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add patch links of php-horde-trean and php-horde-form
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] dla: claim okular
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2020-9359/okular: link PoC
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] new puppet, puppetdb, libunivalue issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2019-18936
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2015-9543 as no-dsa for jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for icu update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2159-1 for okular
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] According to https://github.com/puppetlabs/puppet_metrics_dashboard/pull/92
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-18936
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference commit for CVE-2018-6952/patch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10941/mbedtls
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new libmicrodns issues from TALOS
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add tika
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-1080{2,3,4}/phpmyadmin via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via experimental for CVE-2019-18936/libunivalue until uploaded to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2017-18640/snakeyaml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10688
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add for tracking CVE-2020-8832
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] DLA: Claim tika
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] 3 commits: Track fixed version for CVE-2019-14862/node-knockout
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add libperlspeak-perl
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] CVE-2016-1000111 has been fixed upstream in 16.3.1 and in Debian in 16.4.0-1
Andrej Shadura
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-18936/libunivalue as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Moved libunivalue 1.1.1-2 to unstable addressing CVE-2019-18936
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: add note for CVE-2018-9272 in jessie
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] checkstyle spu/ospu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2019-16319 as not-affected
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: Slightly reorganize notes
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-1957/shiro
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add second commit for path traversal prevention in CVE-2020-8865
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-8865/php-horde-trean as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2020-8866/php-horde-form
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2160-1 for php5
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove notes from CVE-2019-19347 which was withdrawn by its CNA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-14981/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new rust-bumpalo issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for bluez update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new mediawiki issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] mediawiki fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update notes regarding CVE-2020-10188 in netkit-telnet and netkit-telnet-ssl.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Remove todo item for CVE-2020-10188
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-10675/golang-github-buger-jsonparser
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-196{8,9}/jackson-databind
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-bumpalo issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-10953
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add some new otrs2 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark new otrs2 issues as no-dsa for buster and stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track four more CVEs to be fixed via phpmyadmin via stretch-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-1762 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10696/golang-github-containers-buildah
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10695
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10691
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Expand TODO for CVE-2018-19325
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for rust-bumpalo issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2161-1 for tika
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update note for CVE-2020-1957 in hiro after upstream investigation.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2016-9074 has been already fixed with upload of new version to jessie-security
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2020-1957 Use apache repository URL
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove wrong entry for node-knockout for stretch-pu uploads
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Revert changes to the CVE-2020-1957/shiro entries
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add shiro
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-19050 and CVE-2019-19252
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add and claim otrs2
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Update note for netkit-telnet and netkit-telnet-ssl for jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Update notes for shiro in jessie LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2020-1953
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed versions for gitlab via experimental until uploaded to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix source package ordering for old CVE-2016-5319
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] nothing todo for nss
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Tor EOL for jessie.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Marked quite a few CVEs for xen as EOL.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] One more entry marked as EOL for xen in jessie.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: triage CVE-2020-8865/php-horde-trean as no-dsa for jessie
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Added comment for EOL entries for xen and tor for jessie.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2162-1 for php-horde-form
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Track fixed versions for CVE fixes for linux/5.5.13-1 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2020-10675/golang-github-buger-jsonparser
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-1752/glibc no-dsa on jessie
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: reclaim bluez
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reclaim squid3 and claim tomcat8 in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: re-claim qtbase-opensource-src.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-19325 as REJECTED after MITRE confirmation
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] yarnpkg fixed in experimental
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8835/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla-needed: add and claim libplist
Dylan Aïssi
- [Git][security-tracker-team/security-tracker][master] Expand TODO item for CVE-2020-7610
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-8835/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim netkit-telnet and netkit-telnet-ssl
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Document new symfony issues
David Prévot
- [Git][security-tracker-team/security-tracker][master] Correct source package name: synfony -> symfony
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark golang-1.13 as removed from the archive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-6817/python-bleach, #955388
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correct source package name for CVE-2020-7212
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixing commit information on CVE-2020-1957/shiro
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10595/libpam-krb5
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Update status of libperlspeak-perl.
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim shiro.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: add libpam-krb5 and claim it (in coordination with ola at lts-frontdesk).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1111{1,2,3}/jackson-databind
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] libvncserver fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new bubblewrap issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] otrs2 fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/CVE/list: Update CVE-2020-5255/symfony for jessie (<not-affected> tag).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Drop qtbase-opensource-src (see 69c0ae16).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2163-1 for tinyproxy
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry which will get an update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Drop stretch's <no-dsa> line for CVE-2017-11747/tinyproxy....
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Revert "data/CVE/list: Drop stretch's <no-dsa> line for...
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable vor x11vnc issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: Switch CVE-2019-17177/jessie from <no-dsa> to <ignored>....
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] 2 commits: not fixed by a point release but a LTS upload
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] pam-krb5 DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add reference to commit for bubblewrap issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Marked CVE-2020-5274 and CVE-2020-5275 as not affected following security team...
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Python bleach need to be fixed in jessie.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] add additional QT commit reference
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] LTS: claim python-bleach in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove reference with only CVE request information
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new csync2 issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11441/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] lua-cgi - code is broken and cannot be exploited
Brian May
- [Git][security-tracker-team/security-tracker][master] 3 commits: Demote CVE-2014-2875 to unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed versions for CVE-2020-10188
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Slightly reorganize notes for CVE-2014-2875
Salvatore Bonaccorso
Last message date:
Tue Mar 31 22:12:48 BST 2020
Archived on: Tue Mar 31 22:12:50 BST 2020
This archive was generated by
Pipermail 0.09 (Mailman edition).