October 2020 Archives by thread
Starting: Thu Oct 1 06:03:54 BST 2020
Ending: Sat Oct 31 22:11:43 GMT 2020
Messages: 642
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26160/golang-github-dgrijalva-jwt-go
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25637/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25626/djangorestframework
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25018 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-10763/heketi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage libvirt for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Drop notes for CVE-2020-25726 (withdrawn by assigning CNA)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add notes for open-build-service
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2389-1 for ruby-rack-cors
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] LTS: claim libvirt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2390-1 for ruby-json-jwt
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] 2 commits: Take ruby2.3 & jruby as both are affected by same CVE
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] dla: claim qtsvg-opensource-src
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add fixed version of ruby2.7 for CVE-2020-25613
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2391-1 for ruby2.3
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2392-1 for jruby
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2393-1 for snmptt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add tag information for CVE-2020-25637/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-25626/djangorestframework
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-25637/libvirt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-26160
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-8021: Add reference to upstream commit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim puma
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] one sqlite3 issue n/a for buster
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] LTS: claim tigervnc
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25643/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26519/mupdf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Triage libonig for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11979/ant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-26519/mupdf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-26137/python-urllib3 as no-dsa for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2020-1437{4,5,6,7,8}/dpdk as no-dsa for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2394-1 for squid3
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim activemq and eclipse-wtp in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2395-1 for libvirt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-25626/djangorestframework as no-dsa for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] xen DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add exact version
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26541/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1818{4,5}/pluxml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25623/erlang
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Adjust source package name for CVE-2020-13327
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7070/php
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7069/php
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2020-7069
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2020-7070
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update information on CVE-2020-8252
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-11979/ant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-24370/lua5.4
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15216/golang-github-russellhaering-goxmldsig
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15216
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-10762 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13338/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13337/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add note for tinymce in stretch
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2013-6395/ganglia-web
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2015-6816/ganglia-web
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-11986/netbeans
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15671/firefox (but Android specific)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim golang-go.crypto
Brian May
- [Git][security-tracker-team/security-tracker][master] Triage php7.0 for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] LTS: claim php7.0
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-16094 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark xchat as removed from unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] netbeans fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8223/nextcloud-server
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26164/kdeconnect
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-26164/kdeconnect
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26572/opensc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26571/opensc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26570/opensc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] config.py: raise an error on invalid distributions
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14355/spice{,-gtk}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for spice and spice-gtk issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new nette issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-7069/php7.0 as <not-affected> for stretch
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] dla: claim sympa
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-26541/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add notes for sympa
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Track fixes for etcd via experimental
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference proposed fix for CVE-2014-10401/libdbi-perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] fix CVE list for tb DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26575/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] opensc no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2396-1 for tigervnc
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2397-1 for php7.0
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] drop stray no-dsa entry
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] "new" glibc issue fixed 19 years and 11 months ago
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2398-1 for puma
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] CVE-2020-5247: backporting tests related to this issue also need
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] stretch triage
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] dla: claim wireshark
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Add notes for wireshark
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] dla: reference sympa thread
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2332-2 for sane-backends
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Take spice & spice-gtk
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] LTS: claim packagekit
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2399-1 for packagekit
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] LTS: claim brotli
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] CVE-2020-13920,activemq: fixed in unstable
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2400-1 for activemq
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2401-1 for sympa
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: re-add sympa
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2402-1 for golang-go.crypto
Brian May
- Processing a16b55300564d69f4c3d37a0c84cc41bf9b5638b failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] new dompurify issue, NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] cvelist.el: New debian-cvelist-cvesearch() function to look up a CVE at MITRE
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26880/sympa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove one no-dsa tagged entry which recieved a DLA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2020-26053
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2020-14355/spice-gtk as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13347/gitlab-ci-multi-runner
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add four new gitlab issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2020-70{69,70}/php7.4
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2018-10893/spice-gtk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2018-10893/spice-gtk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25645/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-8264/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13956/httpcomponents-client
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-10936/sympa: reference Debian-specific patch
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add notes for ruby-kaminari
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add notes for ruby-doorkeeper
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] CVE-2020-15168/node-fetch fixed in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2403-1 for rails
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim httpcomponents-client in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2404-1 for eclipse-wtp
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-13956,httpcomponents-client: Link to fixing commit
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Claim libonig and guacamole-client in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] mark CVE-2020-26519 postponed and CVE-2020-15227 no-dsa
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Update information on permission issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional version tag information for commit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] freecol, okular spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-9497,CVE-2020-9498,guacamole-client: point to fixing commit
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Re-associate CVE-2020-949{7,8} to guacamole-server source package
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fixes for etcd moved to unstabla via 3.3.25+dfsg-5 upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2405-1 for httpcomponents-client
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reference pull request fixing CVE-2018-109{8,9}/etcd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update guacamole-client note in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Correct note about guacamole-client in dla-needed.txt.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2016-1566/guacamole-client
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-26932/sympa assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track CVEs fixed with linux/5.8.14-1 to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26935/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26934/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for python-flask-cors
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add am-utils to removed packages
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] flashplugin-nonfree removed from everywhere
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-8264/rails
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for spice update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-26934/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-26935/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-20243 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] opensc bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: still ongoing
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Track fixed version of rails for CVE-2020-8264
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] dla: update package status
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for gpac issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-26570/opensc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15476/ndpi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15866/mruby
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-11800/zabbix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] gitlab fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-14888/undertow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] more gitlab fixes
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2019-20922 n/a, thanks yadd
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new otrs issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add yaws to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2019-20922
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-11979/ant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-13943/tomcat
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] adplug fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] lua, rust-ncurses bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-1107{6,7}/puma
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix small typo in postponed note
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-26159/libonig
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-020-13341/gitlab
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new webmin issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for sympa issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] sqlite spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Fix typo in typofix for postponed note
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add httpcomponents-client to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 8 commits: Triage CVE-2020-11022 in otrs2 for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2020-1102{2,3}/otrs2: Correctly order suites top-down
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25829/pdns-recursor
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-26880/sympa as postponed (to be revisited when fixed upstream)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-25829/pdns-recursor
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark sympa as no-dsa and to be released via point release
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-25613/ruby2.5 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-13920/activemq for buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark current curl issues as no-dsa for buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track ryby2.5 update via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference SuSE report for kdeconnectd issue(s)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16120/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16119/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15180/mariadb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2014-10402/libdbi-perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new bluetooth related linux issues from INTEL-SA-00435
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed libjpeg-turbo update via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25649/jackson-databind
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-14299 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-9746 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16124/ros-ros-comm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage jackson-databind for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage zabbix for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2406-1 for jackson-databind
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2407-1 for tomcat8
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15229/singularity-container
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15229/singularity-container
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ngircd, NM fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Adjust fixed version for CVE-2020-10754
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] httpcomponents-client DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] python-rtslib-fb, iotjs, packagekit bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new junit4 issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] junit4 bug
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reference upstream github report for CVE-2020-15250/junit4
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-16124/ros-ros-comm as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2020-16124/ros-ros-comm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2019-4369 (which was withdrawn)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27153/bluez
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference to #972189 sympa LTS regression.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage bluez for stretch LTS (CVE-2020-27153).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage junit4 for stretch LTS (CVE-2020-15250).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-16124 in ros-ros-comm for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-15180/mariadb-10.5
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Try to take care of the python-flask-cors DSA
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15157/containerd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2019-18276/bash via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-6108/f2fs-tools
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-6107/f2fs-tools
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-6106/f2fs-tools
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-6105/f2fs-tools
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-6104/f2fs-tools
Salvatore Bonaccorso
- Processing 95550a1202d9ec950b620c634a9b92198040ada4 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] zint entered the archive, move from itp status to unfixed for further checks
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] puma fixed in sid, add spu entries
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] zint fixed with initial upload
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new kubernetes issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new linux issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] k8s bugnum
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] djangorestframework fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] ros-ros-comm spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-24490/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update note for CVE-2020-9385
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add references to advisories for CVE-2020-24490 and CVE-2020-1235{1,2}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-24490/linux as not-affected for stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2020-1235{1,2}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for yaws update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2408-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27152/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-27152/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-21674/libarchive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27194/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-27194/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove not-affected tag for CVE-2020-24490 for now
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Track three linux CVEs fixed in unstable upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26682/libass
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14144/gitea
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-2693{4,5}/phpmyadmin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-26682 in libass for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2019-12761/pyxdg
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2019-12761/pyxdg
Salvatore Bonaccorso
- Processing 1f2324ff6a8338a914e3e3c79e5621de2aa3d44b failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] tboot entered the archive, move from itp status to unfixed for further checks
László Böszörményi
- [Git][security-tracker-team/security-tracker][master] src:rubygems has been re-introduced into the archive
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2017-16837/tboot
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2017-16837/tboot
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: add note
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DSA number for linux update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: update shiro status
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] update not for tinymce
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] new rust-crossbeam-channel issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-17480 as no-dsa, there are other workarounds available
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-15254/rust-crossbeam-channel
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for python-flask-cors
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-25829/pdns-recursor
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-26891/matrix-synapse
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-2426{5,6}/tcpreplay
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] lout removed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-0423/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25648/nss
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two new firefox-esr issuef from mfsa2020-46
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2020-45
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: take firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Seems it is not reproducible with PoC https://labs.bishopfox.com/advisories/tinymce-version-5.2.1
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] mariadb DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15999/freetype
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2020-15999/freetype
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15999/freetype
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add freetype to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-13991/iotjs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed versions for firefox-esr from mfsa2020-46
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-25648/nss fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox issues from mfsa2020-45
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] NFU
Henri Salo
- [Git][security-tracker-team/security-tracker][master] dla: take mariadb-10.1 for the announcement
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2409-1 for mariadb-10.1
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] new edk2 issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new Java issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new vbox issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-2689{5,6}/lnd (itp'ed)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new xen/linux issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: take openjdk-8
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] new mysql issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new node-object-path issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add freetype
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2020-15999/freetype fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2410-1 for bluez
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] packagekit fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] k8s fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] sixel, tinymce bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for freetype update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-1313{1,2}/yubico-piv-tool
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-13991/iotjs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove fixed version for CVE-2019-19816/linux in buster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Use separately cloned bug for CVE-2020-8565
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two more mysql-8.0 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] firefox DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14775/mysql-{5,7,8.0}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process several more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2411-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2020-47
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Track fixes for openjdk-11 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27187/kpmcore
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fastd issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for fastd via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark CVE-2019-1010091 as ignored and change CVE-2020-12648 to ignore as well
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] No issues remaining, remove tinymce from dla-needed. Claim junit4
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Sort suites top-down
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-27638/fastd assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] openjdk-11
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] ruby-omniauth-auth0 n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] node-object-path fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] kpmcore n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new unimportant python issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-27619: Reference additional commits in various supported branches
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-17640 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2020-15157
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-15250: Add reference to upstream commit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] golang-1.14 removed from unstable: Update information
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27195/nomad
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15906/tikiwiki
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Associate some older NFUs with src:tikiwiki
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2020-8966 with tikiwiki
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27560/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27661/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track golang-1.14 as removed everywhere
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2020-27195/nomad
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15180/mariadb-10.3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-27675/linux assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-27674/xen assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-27673/linux assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-27672/xen assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-27671/xen assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-27670/xen assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] node-object-path spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track CVE-2020-14803 for openjdk-8 too
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2412-1 for openjdk-8
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 6 commits: mark CVE-2020-27187 as not-affected
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-15256/node-object-path as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27216/jetty
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7020/elasticsearch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2020-27195/nomad
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-27195/nomad
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-27560/imagemagick
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track bug for embedded copy of certificates in rust-webpki-roots
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-16150/mbedtls
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for mysql-8.0 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference CVE-2020-14853 for mysql-cluster
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for mysql-5.7 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove two associations of 2019 CVEs with Oracle MySQL
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2020-27216 as no-dsa for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] gnuchess fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: claim libdatetime-timezone-perl and tzdata
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2413-1 for phpmyadmin
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] openjdk-11 DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Correct version for phpmyadmin in DLA-2413-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixing commit for CVE-2020-27661/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-27661/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: mark CVE-2020-26164 as no-dsa for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] LTS: update brotli status
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: take fastd
Sven Eckelmann
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry for fastd which got update in DLA-2414-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7751/node-pathval
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-7751/node-pathval
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-24265/tcpreplay
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-24266/tcpreplay
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-7751/node-pathval
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2415-1 for freetype
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] dla: status update
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] dla: update note on thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Claim poppler in dla-needed.txt update status of remaining packages.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-7751/node-pathval via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for node-pathval via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add notes for spice*
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] containerd issue affects docker in stable
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18925/opentmpfiles
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26566/motion
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15271/lookatme
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add github security advisory reference for motion
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-26566/motion
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-26566/motion
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-15271/lookatme
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove source annotation for CVE-2020-13332
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25659/python-cryptography
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2416-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25654/pacemaker
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27743/libpam-tacplus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-21269/openrc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] openjdk-8 issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-15999/freetype: Add reference to project-zero report
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] blueman DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2417-1 for linux-4.19
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2017-18925/opentmpfiles
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-15238/blueman
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Expand note for CVE-2020-15238
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2020-15238/blueman
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2018-21269/openrc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-21269/openrc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2017-18188/opentmpfiles
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-25659/python-cryptography
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2020-25659/python-cryptography
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-26682/libass
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-27743/libpam-tacplus
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-25654/pacemaker
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-26164/kdeconnect
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27617/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2014-10402/libdbi-perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2014-10402/libdbi-perl as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-24303/grafana
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-27617/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed fix for libdbi-perl via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-14355/spice fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14318/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14323/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14383/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new webcit issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 4 commits: add link for fix of CVE-2020-26870
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2419-1 for dompurify.js
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] various bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reference patch submission for CVE-2012-1191/djbdns
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2012-1191/djbdns in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14323/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14383/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-14318/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2420-1 for linux
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Fix typo for NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream bugs for samba issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-24977/libxml2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: claim golang 1.7 and 1.8
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add openldap issue (CVE assignment pending)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for openldap issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] org/lts-frontdesk.2020.txt: Remove my self from LTS frontdesk schedule (Nov + Dec).
Mike Gabriel
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25689/wildfly
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-15271/lookatme
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: take Nov/Dec front desk weeks Mike had to vacate
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25668/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new wordpress issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-28031 ad NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-28030/wireshark
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25690 and update information on CVE-2020-5395
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25680
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-5991/nvidia-cuda-toolkit
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional information for CVE-2020-15180
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track additional source package for CVE-2020-15180
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Refer CVE-2020-10996 to percona-xtradb-cluster-5.5
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove empty line in listing
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Replace NFUs for Odoo with now packaged odoo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10902 was never in Debian
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] Slightly update information for CVE-2019-10902
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2422-1 for qtsvg-opensource-src
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10902: Correct statement about vunerable versions in Debian
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2423-1 for wireshark
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] LTS: take samba in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2424-1 for tzdata
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] tzdata is not a security update
Adrian Bunk
- [Git][security-tracker-team/security-tracker][master] CVE-2020-17498 is not in the wireshark version in buster
Adrian Bunk
Last message date:
Sat Oct 31 22:11:43 GMT 2020
Archived on: Sat Oct 31 22:11:47 GMT 2020
This archive was generated by
Pipermail 0.09 (Mailman edition).