March 2021 Archives by thread
Starting: Mon Mar 1 05:40:18 GMT 2021
Ending: Wed Mar 31 21:57:04 BST 2021
Messages: 807
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-0222 and associate mqtt-client
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] triage qemu gsoap wpa for stretch
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim spip
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Take wpa
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-27843
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2020-27842/openjpeg2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track status for CVE-2021-3349
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-27223/jetty9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Holger Levsen
- [Git][security-tracker-team/security-tracker][master] OTRS n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new tomat issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2578-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] gitlab fixes in experimental
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] mumble fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-28493/jinja2 in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 5 commits: Track fixed version via unstable for CVE-2021-25329/tomcat9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-25004/mongodb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-7929/mongodb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1926 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2021-2403{1,2}/libzstd assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3419/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Stretch triage
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-0447/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-0448/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-0399/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] linux n/a
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2579-1 for spip
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] CVE-2021-26117,activemq: Fixed in unstable
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add spip entry for stretch for temporary entry without CVE
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track linux fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] salt fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2017-15041/golang: reference regression
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add tracking of new grub2 issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for grub2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] grub2 issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Note on guacamole-server
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-21330/python-aiohttp as not-affected for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Drop python-aiohttp from dla-needed; not-affected
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2580-1 for adminer
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-1936 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: pick up tomcat8
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2581-1 for wpa
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Take tomcat7
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Adjust source package name for chromium
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2021-27645/glibc
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-25715/dogtag-pki
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20262
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20263/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2021-3408 (duplicate of CVE-2021-20233)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3420/newlib
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two glpi issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] qemu n/a for released suites
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track pending CVE fixes for buster-pu for linux upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libbsd via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add mqtt-client, mupdf, grub2 to dla-needed.txt
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] newlib issue affects picolibc
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add suggested handling for grub2 in stretch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2021-23334
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16873/golang: fix my inconsistent sort
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add note and attribution for grub2
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] add libnewlib-nano to affected source packages
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] qemu, newlib bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-28498/node-elliptic fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2021-3419 (withdrawn by its CNA)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-27927/zabbix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new pillow issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Proces some more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-20230/stunnel4
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for three CVEs for pillow via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track the 5 other pillow CVEs as well
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-22134/elasticsearch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-26813/python-markdown2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3418/grub2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new glpi issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark 7 CVEs affecting grub2 as ignored for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] final polishing
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add triage to Makefile
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new linux/xen issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information on XSA-369 issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove tracking in CVE-2021-0448 (confirmed duplicate)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Display list item marker in HTML (for "bullet points")
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] doc: Add triage of low severity issues to index
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20265/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20268/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-20268/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Do not track CVE-2021-24032 for DLA-2573-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] qemu triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new neutron issue (concludes external check)
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] elisp: correctly disable font-locking for non-keyword through buffer-local font-lock-defaults
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] cvelist.el: New function to insert no-dsa comment based on the current source entry.
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: distributions.json: Introduce 'end-of-life' for support attribute
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-21334/containerd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-27907
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-3407/mupdf via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2582-1 for mqtt-client
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2583-1 for activemq
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tag for CVE-2018-11775 CVE-2017-15709
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] CVEs assigned for XSA-367 and XSA-369
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream references for CVE-2021-340{3,4}/libytnef
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28041/openssh
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28040/ossec-hids
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28026/jpeg-xl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark two adminer issues as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-27365/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-27364/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-27363/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add assigned CVEs fro privoxy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20270/pygments
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-28502/{node-xmlhttprequest,node-xmlhttprequest-ssl}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2021-2027{2,3,4,5,6}/privoxy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version for CVE-2013-7488 via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker] Pushed new branch CVE-2020-11997
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] LTS: add note about guacamole-server
Anton Gladky
- [Git][security-tracker-team/security-tracker][CVE-2020-11997] Update notes
Anton Gladky
- [Git][security-tracker-team/security-tracker] Deleted branch CVE-2020-11997
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add information about CVE-2020-11997
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] LTS: drop guacamole-server from dla-needed.txt. See !80
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2584-1 for libcaca
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2021-22182: Adjust comment referring to unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference regression fix for CVE-2020-36241
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-20270/pygments
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] bullseye triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] gitlab fixed in experimental
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: various bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track proposed update for CVE-2020-13124 via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note to CVE-2019-25008
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-26813/python-markdown2 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-26813/python-markdown2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: add note on zeromq3
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-3377/node-ansi-up
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-25025/ruby-activerecord-session-store
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-2066{3,4,5}/movabletype-opensource
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update referencing of upstream commits for CVE-2021-2736{3,4,5}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] mark CVE-2020-28491 as no-dsa
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-2627{1,2}/ckeditor
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Mark CVE-2020-12695/libupnp as no-dsa; invasive changes
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2585-1 for libupnp
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] update notes
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2586-1 for linux
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-12363 and CVE-2020-12364
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync some linux CVEs with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version in unstable for rust-http
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status of ansible in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2553-2 for xcftools
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add mantis issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Duplicate CVE-2019-25008 now rejected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] commits refs for second rust-http issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-20274/privoxy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2020-36241/gnome-autoar
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] dla: golang: status update
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] gsoap fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Revert "Update status for CVE-2020-12363 and CVE-2020-12364"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track four more CVEs for privoxy via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new flatpak issue (temporary entry)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixes for chromium via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-11987: Drop patch suffix
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add some new glpi issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Information about the golang-gogoprotobuf issue.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-3424 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-20253 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update tracking information for CVE-2021-2792{1,2,3}/pillow
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for flatpak issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new libjpeg issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2021-3409/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2587-1 for privoxy
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] CVE-2018-6574,CVE-2020-28367/golang: precisions
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] buster triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2021-20236 as ignored for stretch.
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-21300/git
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-21295/netty
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2588-1 for zeromq3
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Track issue for courier-authlib (#984810)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: reclaim xmlbeans and update status notes
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-3425 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-21378 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2021-21300/git fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2021-21300/git no-dsa on stretch
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] NFU, concludes external check
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-28502/node-xmlhttprequest(-ssl) EOL on stretch
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reference GHSA advisory for flatpak
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for flatpak as per maintainer
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: new vecolity issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new squid issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new golang-github-pires-go-proxyproto issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new cgal issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] LTS: take python3.5
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-28041/openssh
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixing version via unstable for CVE-2021-20201/spice
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] golang-1.7,golang-1.8: stretch triage precisions
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] revert CVE-2021-27351, unclear
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Process three NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-28591/slic3r
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20205/libjpeg-turbo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-20205
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-21772/lib3mf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-21295/netty
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update references for CVE-2020-11988/xmlgraphics-commons
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-11988/xmlgraphics-commons
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking for new CVE-2021-28117
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-27752,CVE-2020-25664,imagemagick: Mark as ignored for Stretch.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-2023{1,2}/gnutls28
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2021-28117/plasma-discover
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20278 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2021-3426
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove todo item from CVE-2020-28591
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: python2.7 n/a for pydoc issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new linux issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add fixed version for CVE-2021-20261
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-28117/plasma-discover
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-20261: Use shorter URI
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new salt issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new wireshark issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Adjust suite for CVE-2021-3426/python3.9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Typo
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-25122/tomcat7 as not-affected for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-25329/tomcat7 as ignored for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Drop tomcat7 from dla-needed
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] xcftools spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2589-1 for mupdf
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] CVE-2021-21381/flatpak assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove one postponed entry which got update in DLA-2589-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-2023{1,2}/gnutls28 as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-23351
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new temporary entry for glib2.0 issue (#984969)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-21375/pjproject
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20286/libnbd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20285/upx-ucl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add todo item to check for CVE-2021-21375
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2021-28153/glib2.0 assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2021-2023[12]/gnutls28 n/a on stretch
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2021-0384/libjpeg-turbo postponed on stretch
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-13959 is in velocity-tools
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] dla: take pygments
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2590-1 for pygments
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] new leptonlib issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] cvelist.el: New function to add source entry
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2021-25097/squid assigned
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] new golang issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] pygments fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2020-36254/dropbear postponed on stretch
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] new rpm issue, concludes external check
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2021-27918: swap order of source packages
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] cvelist.el: Modify debian-cvelist-insert-not-for-us to query for the software
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] According to GHSA-jvf6-h9gj-pmj6 assigned to CVE-2020-25097
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debin bug reference for CVE-2020-25097/squid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add pygments to dsa-needed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new dogtag-pki issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2021-22191/wireshark postponed on stretch
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add reference to pull request for CVE-2021-20179/dogtag-pki
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2021-0384/libjpeg-turbo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2021-20263/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-0384/libjpeg-turbo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add debian bug reference for CVE-2021-20263/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-9512,CVE-2019-9514/golang: stretch triage precision
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] silence some silly old hdf entries
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] various bug refs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-21772/lib3mf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Associate source package for CVE-2021-28302
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2021-20286/libnbd in 1.6 branch
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2021-20286/libnbd
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-20269/kexec-tools
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-20267/neutron
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for commit for CVE-2021-23341
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tag information for upstream commit for CVE-2021-27515
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-23341/node-prismjs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: Update info on tomcat8
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] flatpak, tiff, pygments DSAs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] jquery spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-27515/node-url-parse
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tracking of experimental upload
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20248/rpm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20249/rpm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20266/rpm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20271/rpm
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-2136{3,4}/swagger-codegen, itp'ed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-20218-20871/gridengine as not-affected
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two node-lodash issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-23341/node-prismjs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-27515/node-url-parse
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additionally (more isolated) OpenBSD patch reference for CVE-2021-28041
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2021-28041/openssh
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-27576 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for explicitly reported #985142
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] rust-arch-swap, rust-smallvec fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DLA-2591-1 for golang-1.7
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2593-1 for ca-certificates
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] dla: claim glib2.0
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for CVE-2021-21300/git
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2019-18790 and CVE-2019-18351 for asterisk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for courier-authlib issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28373/tt-rss
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-0384/libjpeg-turbo via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13936/velocity
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-13959/velocity-tools
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2589-2 for mupdf
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-20328/mongo-java-driver
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: remove tomcat7 (unimportant issue)
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] CVE-2021-28374/courier-authlib assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28375/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3428/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new rust-diesel, node-xmldom issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new node-ssri issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage netty for stretch LTS (CVE-2021-21295).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage salt for stretch LTS (CVE-2020-28243,...
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2021-3421 in rpm for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2021-3402 in yara for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Take salt
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Remove listing of CVE-2020-27844 in DLA-2550-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-27921,CVE-2021-27922,CVE-2021-27923/pillow: reference patch
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2021-23336 affects py2
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] LTS: Take CVE-2021-24122 for tomcat8 in stretch
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-23336: regroup source packages listing
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] chromium fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add Debian bug references for rpm issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process two IBM specific NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DLA-2595-1 for tomcat8
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] LTS: drop CVE-2020-9484 and CVE-2020-9494 from DLA-2596-1
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28363/python-urllib3
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2021-28363
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Drop DLA-2595 and DLA-2596
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Track qtwebengine-opensource-src for CVE-2021-21193
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3443/jasper
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-202-28211/edk2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28210/edk2
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20284/binutils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 5 commits: Add CVE-2021-20283/moodle
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Revert "Track qtwebengine-opensource-src for CVE-2021-21193"
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage python2.7 for stretch LTS (CVE-2021-23336).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage openjpeg2 for stretch LTS (CVE-2020-27844).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2021-20248, CVE-2021-20249, CVE-2021-20266 & CVE-2021-20271 for rpm in stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2021-24115 for botan1.10 in stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-8031 in open-build-service for stretch LTS>
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage ruby-activerecord-session-store for stretch LTS (CVE-2019-25025).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage squid3 for stretch LTS (CVE-2020-25097 & CVE-2021-28116).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] lts: take openjpeg2
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] CVE-2020-27844/openjpeg2 n/a on buster & stretch
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: NFUs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] dla: reference work on shadow
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-280{89,90}/tor
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Further update CVE-2020-27844 status
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add tor to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add end-of-life marking for stretch for CVE-2021-28089 and CVE-2021-28090
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: take python2.7
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Take tor for DSA release
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2021-280{89,90}/tor via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for tor update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-35459
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for gitlab-ci-multi-runner issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28543/varnish-modules
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: (re)claim shiro in dla-needed.txt
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-13936/velocity via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2017-20002/shadow assigned
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28650/gnome-autoar
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2021-28650: Add (not yet public) reference for upstream issue
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes from three rejected CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2018-3693/linux with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-0630 as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add firmware references for intel GPU issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage velocity for stretch LTS (CVE-2020-13936).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim velocity.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage velicity-tools for stretch LTS (CVE-2020-13959).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim velicity-tools.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3428/linux information synced with Red Hat and SuSE reports
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Correct "velocity-tools" typo.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2595-1 for velocity
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2596-1 for shadow
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20219/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2597-1 for velocity-tools
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2021-25291/pillow: stretch not-affected
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] CVE-2021-25292/pillow: stretch not-affected
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] record fixed version for modsecurity-crs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] qemu fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add qemu commit references
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new shibboleth-sp issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add references for shibboleth-sp issue (#985405)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove note for CVE-2021-20200 (duplicate now properly rejected)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28660/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-27291/pygments
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2020-35519/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28687/xen
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2598-1 for squid3
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-27799/zint
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new guix issue (#985467)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Giving package to someone else to conclude.
Ola Lundqvist
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3448/dnsmasq
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3446/libtpms
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new grafana issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-27921,CVE-2021-27922,CVE-2021-27923/pillow: stretch triage
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add DSA 4872-1/shibboleth-sp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2599-1 for shibboleth-sp2
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Update temporary shibboleth-sp2 entry and track stretch version
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-2717{0,1}/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28831/busybox
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-27358/grafana
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-27928/MariaDB
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 4 commits: Triage CVE-2020-27225 in eclipse for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage courier-authlib for stretch LTS (CVE-2021-28374).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage busybox for stretch LTS (CVE-2021-28831).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Add missing "NOTE: " prefix.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Take courier-authlib
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-28591 in slic3r for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] CVE-2021-25293/pillow: stretch not-affected
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-28116/squid3 as postponed for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Track further pending CVE fixes for buster-pu for linux/4.19.181-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] glib2.0: stretch triage
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] dla: claim dnsmasq
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3429/cloud-init
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2600-1 for pygments
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Track fixed version for linux via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-3429/cloud-init
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add proposed update for cloud-init via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26797/libmediainfo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-26797/libmediainfo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track two new Apache PDFBox issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2601-1 for cloud-init
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix two typos
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-26797/libmediainfo
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14852 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add undetermined entry for CVE-2021-20292
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2021-27292/node-ua-parser-js
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28834/ruby-kramdown
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-27292/node-ua-parser-js
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add information for CVE-2021-3448 and mark buster state postponed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3445/libdnf
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3447/ansible
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-28834/ruby-kramdown
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2021-0384
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add new moodle issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-28650/gnome-autoar
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-27292/node-ua-parser-js via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-27291/pygments
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2021-28650/gnome-autoar
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-28831/busybox as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-20193/tar
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage edk2 for stretch LTS (CVE-2021-28210 & CVE-2021-28211).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage libmediainfo for stretch LTS (CVE-2020-26797).
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-9923/tar via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2021-28834 in ruby-kramdown for stretch LTS.
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] 2 commits: dnsmasq: use https for patch links
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Revert "Triage CVE-2021-28834 in ruby-kramdown for stretch LTS."
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-26797/libmediainfo as no-dsa
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-3410/libcaca
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2021-20286
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-25685,CVE-2020-25686/dnsmasq: stretch triage
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] LTS: take mariadb-10.1
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] LTS: add links to repos
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-28591
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-25097/squid fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Two glibc issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28950/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28951/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28952/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28957/lxml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2558-2 for xterm
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-28957/lxml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2019-20790
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Fix grammatical typo and slight rewrite of note
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-28952/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] distributions.json: Add sid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-2021-28957/lxml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 3 commits: give back subversion, not buildable on IPv6 only builder
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] cimg no-dsa, various bugs filed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-28831/busybox
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-26295 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-35459/crmsh via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-13959/velocity-tools via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] update note
Abhijith PA
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa tags for upcoming imagemagick update.
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Update status of ansible
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] CVE-2021-28963 assigned for shibboleth-sp
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] crmsh, ceph no-dsa
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] one ceph issue fixed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] reclaim subversion after carnils pointer to some bugs
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2021-28957/lxml
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2603-1 for libmediainfo
Chris Lamb
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2604-1 for dnsmasq
Sylvain Beucler
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2020-28591/slic3r
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-6098/freediameter via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Four cgal issues fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add and take squid in dsa-needed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries which are listed for DLA-2603-1
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28964/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28971/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28972/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] webkit2gtk upstream advisory WSA-2021-0002
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2605-1 for mariadb-10.1
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-20292/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove two notes from rejected CVEs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] ansible bugs
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add varnish-modules patch reference, older suites not affected
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] 2 commits: add cgal
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] new firefox/thunderbird issues
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track commit for CVE-2021-3409
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update two mfsa2021-10/12 references
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] LTS: take cgal
Anton Gladky
- [Git][security-tracker-team/security-tracker][master] 2 commits: buster triage
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] squid DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3444/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-3444
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-27829,imagemagick: Mark as not affected
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add set of new libxstream-java issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] firefox-esr fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] 2 commits: no, this is not my package
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2021-3448 as postponed for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Mark for now CVE-2020-11725 as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20277/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-27840/samba
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] lts: take subversion
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] firefox fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add samba to dsa-needed
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] new nanopb issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2606-1 for lxml
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] add leptonlib
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2021-27290
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-27290/node-ssri
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for libxstream-java issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-21401/nanopb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] firefox DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Update information CVE-2021-20277/{ldb,samba}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-27840/{ldb,samba}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1946/spamassassin
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add ldb to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add additional references for slirp4netns/libslirp issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2021-27290/node-ssri
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-24994/libass
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3467/jasper
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3465/p7zip
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take ldb from dsa-needed
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add and claim lxml
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] p7zip unimportant
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] add libxstream-java
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] add ldb
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] new libmicrohttpd issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-2450/openssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3449/openssl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add upstream commits from 1.1.1 branch for CVE-2021-34{49,50}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for openssl update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2607-1 for firefox-esr
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-27839/ceph in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-25678/ceph
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-3449
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add two CVEs related to ipfs (itp'ed, #779893)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process one Micro Focus specific NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] openssl fixed in sid
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2608-1 for jquery
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] 2 commits: fix typo
Roberto C. Sánchez
- [Git][security-tracker-team/security-tracker][master] Revert "remove no-dsa tags from jquery vulnerabilities being fixed" (partially)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Verify candidates for 10.9 point release
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-14836 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16048/firefox
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-23362/node-hosted-git-info
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20293/resteasy
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-4877-1
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for ldb issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2020-10730: Add upstream bug reference
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2609-1 for thunderbird
Emilio Pozuelo Monfort
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-28543/varnish-modules
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add openssl
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] CVE-2021-21295,netty: Fixed in unstable
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] 5 commits: mark CVE-2020-24994 as no-dsa
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Add bug reference for spamassassin and fixed version via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Take openssl
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reference upstream change for CVE-2020-1946
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add spamassassin to dsa needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update date for DSA release for webkit2gtk
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-28952 as unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-29266/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-29265/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-29264/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-2133{2,3}/matrix-synapse
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Merge accepted updates for 10.9
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Cleanup additional spacings
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3119/sqlcipher
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via 10.9 buster point release for CVE-2021-3393
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] pygments DSA
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Track fixed version for linux issues via sid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] add spamassassin
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Take spamassassin
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for spamassassin update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for xen in dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] glib2.0, node-hosted-git-info spu
Moritz Muehlenhoff
- Processing 0827d6733274f71c46a763cc9b44e19180db8285 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] fix syntax
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for libpdfbox2-java issues
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20294/binutils
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3469/foreman
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3468/avahi
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] crmsh spu
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] mark CVE-2020-36280 as not-affected for Stretch
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Track fixed version for guix issue via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-25315/salt
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove one no-dsa tagged entry for ldb
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add note for chromium in dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2021-28972 with kernel-sec
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track fixed version for ldb issues fixed via unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim netty in dla-needed.txt
Markus Koschany
- [Git][security-tracker-team/security-tracker][master] Add notes
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Track freedombox issue fixed in unstable
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Remove pdfresurrect (maintainer will propose an update at later time)
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-3449/openssl as not-affected for stretch
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Drop openssl from dla-needed
Utkarsh Gupta
- [Git][security-tracker-team/security-tracker][master] Update note for netty in dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2610-1 for linux-4.19
Ben Hutchings
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-4880-1 for lxml
Sebastien Delafond
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-29274/redmine
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-26919/druid
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Track proposed update for freediameter via buster-pu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] webkit2gtk upstream advisory WSA-2021-0003
Alberto Garcia
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-29424/libnet-netmask-perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28688/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28657/tika
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20295/qemu
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-23358/underscore
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add webkit2gtk to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-29424/libnet-netmask-perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-23358/underscore
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add relevant commits for CVE-2021-29424/libnet-netmask-perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2021-23358/underscore
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-22876/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-22890/curl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add curl to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3479/openexr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3476/openexr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3475/openexr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3474/openexr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-23980/python-bleach
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-21409/netty
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20297/network-manager
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20296/openexr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-20297/network-manager
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2021-29650/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-29649/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-29648/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-29647/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-29646/linux
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-29649
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for curl
Alessandro Ghedini
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2611-1 for ldb
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2612-1 for leptonlib
Thorsten Alteholz
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa tagged entries for curl which got an update
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] CVE-2021-28918
Henri Salo
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-28918 as NFU
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add underscore to dsa-needed list
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] new ircii issue
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] take underscore
Moritz Muehlenhoff
- [Git][security-tracker-team/security-tracker][master] CVE-2021-28688: Add upstream commit reference
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add two more source package references for CVE-2021-29376
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for CVE-2021-29376/{ircii,scrollz}
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-21409/netty
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-29662/libdata-validate-ip-perl
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3470/redis
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-3470/redis unimportant
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add second commit for CVE-2021-23980/python-bleach
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-347{7,8}/openexr
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Process some more F5 related NFUs
Salvatore Bonaccorso
- [Git][security-tracker-team/security-tracker][master] Claim underscore in dla-needed.txt
Yadd
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2613-1 for underscore
Yadd
- [Git][security-tracker-team/security-tracker][master] Fix CVE for underscore in data/DLA/list
Yadd
Last message date:
Wed Mar 31 21:57:04 BST 2021
Archived on: Wed Mar 31 21:57:08 BST 2021
This archive was generated by
Pipermail 0.09 (Mailman edition).