November 2021 Archives by thread
Starting: Mon Nov 1 08:07:28 GMT 2021
Ending: Tue Nov 30 23:32:57 GMT 2021
Messages: 653
- [Git][security-tracker-team/security-tracker][master] new rustc issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2011-2195/websvn: add notes
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Process an NFU
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Update 3 old CVEs for calibre - code removed
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] LTS: update notes on my claimed packages
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-3903/vim: PoC note
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-3556/hhvm - pkg removed
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process 2 NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add notes on CVE-2020-27304/civetweb
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process more aaptjs NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs & 1 removed pkg
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-36513/freeswitch RFP
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41092/docker.io
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] asterisk, openjdk-11 DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Java n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2021-42574/rustc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: status update
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Update trackng for CVE-2011-412{4,5,6}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Semi-automatic unclaim after two weeks of inactivity.
Jeremiah C. Foster ( at jeremiah)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-27304 as unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2021-22096 with libspring-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-41092
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed updates for plib via {bullseye,buster}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for CVE-2020-12268 via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2806-1 for glusterfs
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2807-1 for bind9
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tag for CVE-2018-5740,bind9 in Stretch.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Re-claim openssh; will rollout the DLA soon(TM)
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for aom issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-34981/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-34981/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-42917/{kidi,xbmc}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process NFU
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add CVEified issues for firefox in mfsa2021-48
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-3765/validator.js <removed>
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2021-49 (only the CVEified ones yet)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add firefox to dsa-needed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: add icinga2 and kodi
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] dla: take kodi
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add new trafficserver issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for firefox via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup indentation for notes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2021-41136/puma via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43267/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2021-43267 with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add sqlalchemy
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add commit URLs for icinga2 CVE-2021-32743 and CVE-2021-32739
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Cleanu some older chromium CVEs which got withdrawn by the assigning CNA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-4326{4,5,6}/mahara
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add commit URLs for icinga2 CVE-2021-37698
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add ATS commit references (one still missing)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker] Pushed new branch remove-cve-dist-tags-on-DSA
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] one ATS issue specific to unstable/bookworm
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] more commits refs for last ATS issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][remove-cve-dist-tags-on-DSA] 2 commits: Add a script to remove dist tags (e.g. postponed) from CVE/list
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][remove-cve-dist-tags-on-DSA] 2 commits: bin/remove-cve-dist-tags: accept multiple releases
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 5 commits: Add a script to remove dist tags (e.g. postponed) from CVE/list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker] Deleted branch remove-cve-dist-tags-on-DSA
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Track fixed CVEs for linux upload via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] buster/bullseye triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new grafana issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Claim sqlalchemy in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-3765/validator.js: stretch postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-3802/udisks2: reference commit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-42260/tinyxml: reference MR
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: claim icinga2
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-37698: Expand list of commits from GHSA-cxfm-8j5v-5qr2 merge
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-43082: Add reference for upstream tag introducing the issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-41134/nbdime
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-41036/paho.mqtt.c
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-40985/htmldoc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-4084{8,9}/mahara
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-27836/r-cran-readxl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-23109/libheif
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add containerd to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41103/containerd: Reference set of commits required
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-42326/redmine
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-42740/node-shell-quote
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-42917/kodi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: add mbedtls
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-42917/kodi via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3736/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-3736/linux as unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup CVE-2021-27723 notes as withdrawn from assigning CNA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: take mbedtls
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add fixing commits for a couple of mbedtls issues
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] new linux issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] linux n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-0920/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking entry for CVE-2021-0929
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-0929
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] record older thunderbird fixes in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: add udisks2
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2808-1 for python3.5
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Take udisks2
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2021-41617/openssh as no-dsa for stretch
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Re-assign udisks2 to Emilio on request
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2021-43389
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update entries for CVE-2021-3896 and CVE-2021-43389
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43396/glibc (issue introduced due to fix fo CVE-2021-3326)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-43396/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43400/bluez
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take care of releasing DSA for prepared update for containerd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43398/libcrypto++
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-43400/bluez
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2809-1 for udisks2
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] tracker_data: setup paths before importing local modules
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2021-32627 in redis for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2810-1 for redis
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] LTS: add ckeditor and assign to Utkarsh (discussed per email)
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: add wordpress
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Take wordpresS
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Drop wordpress from dla-needed
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] redis DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-392{7,8}/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] ATS fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird entries from mfsa2021-50
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for openjdk-8 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3930/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3905/openvswitch
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14379 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track some new tensorflow issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] typo
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-22096/libspring-java: link to upstream request for commit info
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-41617/openssh via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-40391/gerbv
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2811-1 for sqlalchemy
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Remove two no-dsa tagged entries for recent DLA 2811-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] gen-DSA: Hanlde CVE list in DLA/ELA mode as well
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for containerd update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] gen-DSA: only call remove-cve-dist-tags if there's dist info
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] LTS: add gerbv
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for docker.io CVE-2021-41089 CVE-2021-41091 CVE-2021-41092 via unstable
Shengjing Zhu ( at zhsj)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-4177{1,2}/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new CVEs for src:hurd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-25978 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: All nvidia-graphics-drivers CVEs are fixed on this branch in buster
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for libsepol issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] jqueryui fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Jeremiah C. Foster ( at jeremiah)
- [Git][security-tracker-team/security-tracker][master] dla: icinga2 status
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: remove no-dsa tag for CVE-2017-14737 for stretch
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Reclaim salt in dla-needed.txt and update NOTES.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] LTS: take gerbv
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2021-40391/gerbv
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Mark udisks2 as no-dsa and start tracking bullseye-pu update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track one CVE for jqueryui which will be fixed in bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for curl via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-40985/htmldoc via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2813-1 for ckeditor
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-41253/zydis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVEs from samba release on 9th november 2021
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for samba update in bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2814-1 for openjdk-8
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Add one missing fixed version for openjdk-8 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add samba for oldstable in dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2021-38511/rust-tar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-3671
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-4317{2,3,4}/routinator
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for routinator
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43114/fort-validator and correct previous NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for samba via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3941/openexr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3933/openexr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-20325/apache2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2021-22097/libspring-java postponed in stretch
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: bin/lts-missing-uploads.py: also get contrib & non-free
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2815-1 for salt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5004-1 for libxstream-java
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Mark Buster CVE of libxstream-java as fixed in version 1.4.11.1-1+deb10u3
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Process two set of CVEs for Intel CVEs to be NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2816-1 for icinga2
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Process some more Intel specific CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2021-33098 and add TODO for further checks, might impact src:linux and ixgbe driver
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one more Intel specific NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43523/uclibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-4177{1,2}/golang-1.16 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5005-1 for ruby-kaminari
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add new CVEs for busybox issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update CVE-2021-41253/zydis: Package entered archive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-22004,salt as unimportant because only Windows systems are
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43519/lua
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-41253/zydis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim libxml-security-java, salt and tomcat9 in dsa-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2021-42343/dask
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Replace name
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixing commit for CVE-2021-43519/lua
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add two dolibarr CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-23884/nomacs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-21996,salt: Link to fixing commit
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] new postgres issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add reference for postgresql advisory from 11th november 2021
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Triage busybox for stretch
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-23906/ffmpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-2390{3,4}/speex
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add node-tar to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: unclaim ntfs-3g
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] postgres, node-tar DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Sync not affected status for CVE-2021-37712 and CVE-2021-37701 with upper suite
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for three hoteldruid issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2021-42343/dask.distributed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3948 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3947/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2015-5236/icedtea-web
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Revert "Sync not affected status for CVE-2021-37712 and CVE-2021-37701 with upper suite"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add set of octopki related CVEs (cfrpki)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2817-1 for postgresql-9.6
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] dla: claim busybox
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2021-42340,tomcat9 in buster as not-affected
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Claim ntfs-3g in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-42374/busybox: stretch not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for busybox issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] busybox triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-42374/busybox: stretch not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 8 commits: LTS: Mark CVE-2021-3809{0-4} as not-affected for stretch
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: update notes for rustc
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Shorten some "in stable" and "in oldstable" wordings to make it time persistent
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43579/htmldoc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-40985
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-41259/nim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-41259/nim as no-dsa for bullseye and buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: LTS: Mark CVE-2020-20898 as not-affected for stretch
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Mark CVe-2016-2124 as no-dsa for buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for samba in buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-4333{1,2}/mailman
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-41229/bluez
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-42374/busybox: precise impact
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: update busybox status
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2818-1 for ffmpeg
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-3828/nltk via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43612/lldpd and track fixed version via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43616/npm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: Add CVE-2021-38171 to be announced in DLA-2818-1
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-42917/kodi as no-dsa for bullseye and buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for kodi via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update/add missing embedded copies regarding nsis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking for lldpd update via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43618/gmp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-14424/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5010-1 for libxml-security-java
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage gmp for stretch LTS (CVE-2021-43618)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Triage CVE-2021-41229 in bluez for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Cross-reference some CVEs from AMD-SB-1000 bulletin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Document CVE-2021-43608/php-doctrine-dbal in experimental only
David Prévot ( at taffit)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add fixed version for CVE-2021-41253/zydis via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take libvorbis
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Document CVE-2021-32708/php-league-flysystem
David Prévot ( at taffit)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43574/atmailopen
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for htmldoc via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2201-43618/gmp via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-41244/grafana
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Re-claim libgit2
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2013-7109
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-3647[78]/mbedtls: add fixing commits
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: reclaim firefox & thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Re-claim libssh2.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] new laravel issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-6492/chromium - EOL stretch, add to DSA-4714-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-3918/node-json-schema #999765
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] busybox: stretch postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed verison via unstable for CVE-2021-3918/node-json-schema
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-36477/mbedtls n/a on stretch
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] nomad n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-20891, CVE-2020-20892, CVE-2020-20896, CVE-2020-21688,...
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-3756/libmysofa via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-43618/gmp as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Claim firmware-nonfree in dla-needed.txt
Markus Koschany ( at apo)
- Processing 83a5b72a4d39814983d32011ce1bc24000d30def failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41653, Readd the whitespace character
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] openqa entered the archive, move from itp status to unfixed for further checks
László Böszörményi ( at gcs)
- Processing 31f166206ca0eff8c65f8f92baf614d4071d094f failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVEs of atftp postponed until now
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2019-3686/openqa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43560/moodle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43559/moodle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-202-143558/moodle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-42114 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3962/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3943/moodle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3935/pgbouncer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3917 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43337/slurm-wlm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop notes for CVE-2021-30216
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] heimdal fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: fixed in recent upload
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-23214,CVE-2021-23222/postgresql: reference patches
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-4397{5,6}/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup additional whitespaces
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take libvpx
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] dla: add firebird3.0
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Process 3 NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process NFUs for Intel
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Improve CVE-2021-3939 to show as accountsservice/not-affected
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41164,CVE-2021-41165/ckeditor bug #999909
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] dla: claim firebird3.0
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2017-11509/firebird3.0: add bug reference
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track two new rouncube issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of wireshark issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for linux version via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: two netkit-rsh CVEs fixed in recent upload
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] CVEs for roundcube assigned: CVE-2021-44025 and CVE-2021-44026
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3975/libvirt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-37938/kibana
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker] Pushed new branch newissues
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark Buster issues in Salt as fixed in version 2018.3.4+dfsg1-6+deb10u3
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][newissues] check-new-issues: implement review comments
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker] Deleted branch newissues
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Improve check-new-issues for new users
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-43668/golang-github-go-ethereum itp
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] new puppet issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit references for puppet issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28710/xen
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-14424 in cacti for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2021-3933 in openexr for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 5 commits: data/dla-needed.txt: Triage wireshark for stretch LTS (CVE-2021-39920,...
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-44038/quagga
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take wireshark
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup trailing whitespaces
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track three new vim CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-42836/golang-github-tidwall-gjson
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2021-3973 & CVE-2021-3974 in vim for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-43398/libcrypto++
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-43519/lua5.4
Salvatore Bonaccorso ( at carnil)
- Processing e01b3fd1ac9f88d37829747eba39ba7c7f2c5d90 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2823-1 for salt
Markus Koschany ( at apo)
- Processing 6f0b58ba76aeda3cbff1723809f585323a2390e2 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] kotlin entered the archive, move to unfixed status for further checking
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-10101/kotlin fixed before initial upload to Debian
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-37592/suricata
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update notes on CVE-2021-41190
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2824-1 for firebird3.0
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for wavpack via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track upstream commit information for CVE-2021-41229/bluez
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add roundcube to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-41229/bluez
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-22096/libspring-java: stretch ignored
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: re-claim gpac in dla-needed.txt, update notes
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage roundcube for stretch LTS (CVE-2021-44025 & CVE-2021-44026)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Claim roundcube in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Mark for now CVE-2021-22096 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process four new NFUs
Salvatore Bonaccorso ( at carnil)
- Processing 4b6ff0e3729cff2b1fb6d5c725bce42f4b671ee4 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2823-2 for salt
Markus Koschany ( at apo)
- Processing 82160e66359134d235b263cd53548b64a681d856 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] node-http-proxy is now in Debian.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track upstream commit for CVE-2017-16014/node-http-proxy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Postpone CVE-2021-42917 for stretch
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-3701/ansible-runner via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-39358/gfbgraph via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track mariadb sources for CVE-2021-35604
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track mariadb proposed updates via {bullseye,buster}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] For now drop source for mariadb-10.6 from CVE-2021-35604 listing
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: follow security team and mark CVE-2021-37620 as ignored
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] lts: update notes
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track proposed update for mailman via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: libmodbus issues fixed in recent upload
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] node-json-schema spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libmodbus via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three CVEs associated with librecad
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-37322
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] fill in librecad details
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add bluez
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-14424/cacti fixed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-44143/isync
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim roundcube
Sebastien Delafond ( at seb)
- [Git][security-tracker-team/security-tracker][master] dla: claim bluez
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-43400
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] two jspwiki issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-41281/matrix-synapse
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41281 fixed in synapse
Andrej Shadura ( at andrewsh)
- [Git][security-tracker-team/security-tracker][master] new xen issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2826-1 for mbedtls
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-3658/bluez: stretch not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-42717/modsecurity{,-apache}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add sogo to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] openjdk-17 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16154/cpanminus
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16155/libcpan-checksums-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-16156/perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-40818/glewlwyd in buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-41281/matrix-synapse
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-4001/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2021-4001/linux with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new chromium issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] imagemagick n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lua50 n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new symfony issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-3658/bluez: stretch not-affected (fix rationale)
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-8921,CVE-2019-8922/bluez: track 2 missing CVEs
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2021-41270/symfony
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41270: For consistency mark the correct used upstream tag
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-41267/symfony
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-41267/symfony
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-41268/symfony
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-30535/icu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3982/gnome-shell
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track proposed gmp update via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] tracker_service: sort releases in CVE pages
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Process one new NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking for CVE-2021-44223/wordpress
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup some additional whitespaces
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove one old note which was meant as temporary tracking of a package in NEW
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-42717/modsecurity
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-42717/modsecurity-apache
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference blog post for CVE-2021-41270
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-41270/symfony
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-41270/symfony as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for wireshark via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 6 commits: mark CVE-2020-16154 as no-dsa for Stretch
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-4002/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-44225/keepalived
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for linux via unstable upload of 5.15.5-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-21240 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add blog post reference for CVE-2021-42717
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-43400/bluez: stretch ignored
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-28703/xen
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-3736/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup notes from CVE-2015-5202
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove one TODO item
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-3935/pgbouncer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for symfony via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 7 commits: mark CVE-2021-23445 as no-dsa for Stretch
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2021-42343 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-4024/libpod
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-21707/php*
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-11987/batik fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-24119/mbedtls via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5013-1 for roundcube
Sebastien Delafond ( at seb)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2827-1 for bluez
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: claim librecad
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] jupyterhub entered the archive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2020-26261 with jupyterhub-systemdspawner which is different from JupyterHub itself
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2828-1 for libvorbis
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-4020/janus
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take libntlm
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2829-1 for libvpx
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] dla: take tar
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] dla: take opensc
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2830-1 for tar
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] stretch is not affected by CVE-2019-20792
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Update entry for icu: only oldstable needed and take
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: minor status update. Add repos
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for icu update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2831-1 for libntlm
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add temporarily xen for further evaluation
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim ansible
Lee Garrett ( at lgarrett)
- [Git][security-tracker-team/security-tracker][master] Track CVE-2021-33560 and CVE-2021-40528
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] quagga removed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 8 commits: mark CVE-2021-44225 as no-dsa for Jessie
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2021-44143 as postponed
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker] Pushed new branch jeremiah-glossary-dsa-patch
Jeremiah C. Foster ( at jeremiah)
- [Git][security-tracker-team/security-tracker][master] dla: take rsync
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Adding in a definition for DSA.
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker] Deleted branch jeremiah-glossary-dsa-patch
Jeremiah C. Foster ( at jeremiah)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2832-1 for opensc
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add notes for libgit2
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] xen fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add back not-affected status for CVE-2021-43396
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-32037: Add reference to upstream issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] citadel removed from sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: php8.0 removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-4020/janus
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-4020/janus
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-4024/libpod
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-33098/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: reclaim rustc and update notes
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Start tracking ksmtp as well for CVE-2020-15954
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-4024/libpod
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-4028/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark puppet as ignored for released distros
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for samba update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: take rsyslog
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] janus fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for reported #1000886
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] ros-ros-comm spu/opsu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Adjust pending/proposed version for ros-ros-comm via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-4020: Fix typo for note referring to affected binary package with demos
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lldpd version via bullseye-pu corrected (reuploaded fixed)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed keepalived update via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Revert "tracker_service: sort releases in CVE pages"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2833-1 for rsync
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add modsecurity-apache to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2834-1 for uriparser
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2835-1 for rsyslog
Adrian Bunk ( at bunk)
Last message date:
Tue Nov 30 23:32:57 GMT 2021
Archived on: Tue Nov 30 23:33:00 GMT 2021
This archive was generated by
Pipermail 0.09 (Mailman edition).