April 2022 Archives by thread
Starting: Fri Apr 1 00:19:58 BST 2022
Ending: Sat Apr 30 23:24:00 BST 2022
Messages: 773
- [Git][security-tracker-team/security-tracker][master] Add spring to dsa-needed.txt
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark php-guzzlehttp-psr7 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24763/pjproject
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-22965/libspring-java: stretch end-of-life
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-23613/xrdp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for zlib update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2021-4043/gpac as <not-affected> for stretch and buster
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2020-35980/gpac as <not-affected> for stretch and buster
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-1154/vim: stretch postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for fribidi issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-25032: Reference followup post triggering with Z_DEFAULT_STRATEGY
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-XXXX/weechat: add reference commit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2022-05{29,30}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Four mediawiki issues fixed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27649/libpod
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27650/crun
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27651/golang-github-containers-buildah
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] chromium fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new kopano issue
Moritz Muehlenhoff ( at jmm)
- No subject
blasoc at petalmail.com
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2021-32136/gpac as <not-affected> for stretch and buster
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2021-32138/gpac as <not-affected> for stretch and buster
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-32138: Wrap long note line
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update tag information for weechat issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1207/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-23773/golang: stretch not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24763/pjproject: stretch postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add kvmtool
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-28202,CVE-2022-28203/mediawiki: stretch postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: duplicate golang packages
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add openvpn
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add pdns
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-1049/pcs: stretch not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add puppet-module-puppetlabs-firewall
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1199/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1205/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1198/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1204/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add debian-security-support
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: lts-cve-triage.py: handle /stable /oldstable notations in dsa-needed.txt
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add ckeditor
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-28352/weechat assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3714/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-420{6,7}/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0216/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0934/dnsmasq
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1195/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2022-27652 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: take openjpeg2
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-35652 CVE-2019-15297 CVE-2020-35776 intrusive to backport for stretch
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] asterisk in stretch not embed pjproject
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2969-1 for asterisk
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Fix commit 4a2ad41
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Revert "Fix commit 4a2ad41"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2022-22963 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28356/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] golang-github-russellhaering-goxmldsig spu/opsu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] chromium DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1210/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28368/php-dompdf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1201/mruby
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: update note for ring, claim mitmproxy
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] buster/bullseye triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-33061/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove one REJECTED entry, was found to be no security issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2021-46439 (found not to be a security issue)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new linux CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add notes for packages
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2970-1 for qemu
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] pjproject not embedded in stretch suite's asterisk
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for vim via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26530/swaylock
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debaian bug reference for sallt issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-24766/mitmproxy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-26280/libarchive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-25636/libreoffice: revisit stretch triage
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-122{3,4,5}/phpipam, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1222/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Jeremiah C. Foster ( at jeremiah)
- [Git][security-tracker-team/security-tracker][master] LTS: status update, reclaim abcm2ps, libxml2 (git push failed before....)
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-0707/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-39801/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-39802/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-39800/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1232/chromium
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] new xen issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] samba fixed in experimental
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track new firefox issues from mfsa2022-13
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2022-14
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed list and assign to jmm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-36254/dropbear as unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] two Linux issues Android-specific
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2021-32137/gpac as <not-affected> for stretch and buster
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Update CVE-2021-3998 for stable and older
Aurelien Jarno ( at aurel32)
- [Git][security-tracker-team/security-tracker][master] Reference upstream fix for CVE-2021-45958/ujson
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-33657/{libsdl1.2,libsdl2}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for fribidi issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1114/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1115/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1227/golang-github-containers-psgo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0084/jboss-xnio
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-43008/adminer 4.6.3-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] firefox fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-43455/freelan <not-affected> (Windows only) & other Windows NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-1106/mruby vulnerable code introduced later
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24191/htmldoc 1.9.15-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24801/twisted unfixed bug 1009030
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24803/ruby-asciidoctor-include-ext unfixed bug 1009035
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-1212/mruby unfixed 1009044
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] mbedtls fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] firefox-esr DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-12953/dropbear
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-1106: Adjust upstream tag information
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add one reference for CVE-2022-1212
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2022-15
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-23608/asterisk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two more asterisk issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-28356: Add oss-security reference
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-43518/teeworlds
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-0135/virglrenderer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-0135/virglrenderer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream tag information for CVE-2022-0897/libvirt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove ignored tag from CVE-2017-16932 for stretch
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-0897/libvirt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note on discrepancy on CVE id assigned for two issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1249/pesign
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2971-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2017-8844/lrzip: reference patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1263/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lrzip: reference CVE-2017-884X unimportant issues fixed by DLA single patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove todo item for CVE-2021-4206
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove todo entry for CVE-2021-4207, CVE situation clarified
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26612/hadoop
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct tracking for CVE-2022-1263/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove ignored tag from CVE-2016-9318 for stretch
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2022-24724
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for chromium
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-0204/bluez via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fixes for samba previously in experimental landed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24785/node-moment
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1271/{xz-utils,gzip}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track upstream commits for gzip issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for CVE-2022-1271
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2972-1 for libxml2
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2022-0004
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-5115-1 and wpewebkit DSA-5116-1
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1158/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28796/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-45958/ujson
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track some new radare2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1253/libde265
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Re-associate some OrangeHRM CVEs with the itp/rfp bug
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process three more orangehrm CVEs with itp'ed bug
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Remove note form CVE-2022-26502 (withdrawn by the assigning CNA, not a security issue)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28805/lua5.4
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26635/php-memcached
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24795/ruby-yajl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-25467/lrzip: check fixing commit and upload
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-27345,CVE-2021-27347/lrzip: reference fixing commit and upload
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-9058/lrzip: fixed in stretch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: update CVE-2021-32134/gpac notes
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2017-9928/lrzip: reference fixing commit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2021-32439/gpac as <not-affected> for stretch and buster
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2021-33362/gpac as <not-affected> for stretch and buster
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] lrzip: document CVE-2021-27345/CVE-2021-27347/CVE-2022-26291 relationship
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add commit fix for CVE-2021-29338
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Update reference for CVE-2021-29338 to directly reference the merged commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2973-1 for minidlna
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 4 commits: add adminer
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-1271/gzip via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Commit-Fix for CVE-2020-27842
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Take xz-utils
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Correct ordering
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] LTS: take gzip
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2022-0934 as no-dsa for Stretch
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2022-1114 as not-affected for Stretch
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] LTS: move gzip to Utkarsh
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2975-1 for openjpeg2
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2976-1 for gzip
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2977-1 for xz-utils
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference upstream tag information for CVE-2020-27842
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for one upstream commit for CVE-2022-1271
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] various spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] thunderbird/xen DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-1271/xz-utils via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] rust-http fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mruby updates
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 5 commits: mark CVE-2022-1253 as no-dsa for Stretch
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Claim zabbix in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 4 commits: mark CVE-2022-26635 as no-dsa
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2022-1211 with furnace, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-22950/libspring-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28893/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2834{6,7}/python-django
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2022-2834{6,7}/python-django
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2978-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2979-1 for usbguard
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2022-26635/php-memcached
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-129{6,7}/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-5786
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-24785/node-moment
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-24785/node-moment as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for CVE-2022-24785/node-moment
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1304/e2fsprogs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-5786/lrzip: stretch unfixed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2980-1 for zabbix
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24918,zabbix: Stretch is not-affected
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference fixing commit for CVE-2018-5786
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] redmine fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one more redmine issue fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: add lrzip
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28544 and CVE-2022-24070 for subversion
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2018-5786/lrzip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2022-24302/paramiko
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove note from CVE-2021-44907, withdrawn by the CNA (no security issue)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] one more node-url-parse spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for subversion update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2021-3624/dcraw
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-23967/tightvnc as resolved with same patch as for CVE-2019-15679
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track chromium fixes via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Two python-django issues fixed via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for three trousers issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24765/git
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup trailing whitespaces
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference ZDI advisory for CVE-2022-1271
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2022-24765
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-23974 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-31805/libstruts1.2-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1280/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24836/ruby-nokogiri
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24812/grafana
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process 2 NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-32156/32162 webmin, removed
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-32040/mongodb removed
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-39796/android-platform-frameworks-base unfixed #1009626
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process Android & Pixel NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process HarmonyOS NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-40656/libsixel 1.10.3-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41715/libsixel 1.10.3-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41751,2/iotjs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-43138/node-async not-affected
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-43177/ruby-devise-two-factor needs a check
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29156/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2981-1 for lrzip
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-43453/iotjs unfixed
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-43503/php-laravel-framework undetermined
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add two additional references for CVE-2021-32040
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Directly reference two upstream commits
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41751: Reference merged upstream commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-43177
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2021-43453
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: reclaim gpac
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Add two CVEs for mattermost-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-0436/grunt unfixed #1009676)
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2022-28346 & CVE-2022-28347.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41119/haskell-aeson unfixed haskell-aeson
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add and assign python-django to Chris
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] new golang issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] cacti fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] grunt fixed in experimental
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-1350/ghostscript undetermined - bug access denied
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-28347 in python-django for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-27145,6,7,8/gpac 2.0.0+dfsg1-2
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1311/xerces-c: reference stretch mitigation
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: lts-cve-triage: support debian-security-support patterns
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add note for adminer.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2982-1 for python-django
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] libpod fixed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2015-20107/python
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-1350/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1328/mutt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove empty newline
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1364/chromium
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2022-1364/chromium
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-20269/kexec-tools
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track some new mariadb issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-1350
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track neomutt for CVE-2022-1328
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync status of some linux CVEs with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-1328/mutt via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for salt issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24851/ldap-account-manager
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27258/hubzilla
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28044/lrzip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add more CVEified MariaDB issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27419/rtl-433
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2741{6,8}/tcpreplay
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2983-1 for abcm2ps
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add two radare2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-24851/ldap-account-manager as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream issue for CVE-2022-27419
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-24836/ruby-nokogiri
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-27419/rtl-433
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1381/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1353/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] reclaim icingaweb2
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Record one CVE proposed to be fixed via bullseye-pu for samba
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for linux upload via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: triage mruby
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: triage vim
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] new spring/nekohtml issues (concludes external check)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for gzip update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for xz-utils update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1184/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim subversion.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29458/ncurses
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream issue for CVE-2020-36120
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26144/mantis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26498/asterisk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26499/asterisk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new snort issue, one from the BTS and on further digging several further were...
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 5 commits: Add CVE-2022-26651/asterisk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2984-1 for condor
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add reference to news entry for ncurses issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-29458/ncurses
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-24859/pypdf2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: triage mutt and assign it to Utkarsh
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker] Pushed new branch FD-role_2022Q3
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-27650/crun
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-27651/golang-github-containers-buildah
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-13949/thrift via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fill in seveal other cgal CVEs from TALOS-2020-1225
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1245
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3643/sox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track one additional snort CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2011-1762/wordpress 3.2.1+dfsg-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process some AWS NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process some Cisco NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] new bwm-ng non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new libinput issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-42778-82/opensc 0.22.0-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Drop one reference to only released file listings
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-1341/bwm-ng via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Drop notes for a NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new java issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new virtualbox issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mysql issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29153/consul
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-24757/jupyter-server via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2021-42186 as withdrawn by its CNA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add one mysql-8.0 issue which is listed in Oracle's CPU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-36123/libsixel
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-25648/ruby-git
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-25648/ruby-git
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28739/ruby
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28738/ruby
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2019-9836 with amd64-microcode
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-1381/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-20014/libpam-tacplus
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: triage asterisk
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: triage cgal
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] 3 commits: node-*: clarify stretch triage
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-14983/chocolate-doom: precise stretch triage
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29537/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some MISP specific issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29536/epiphany-browser
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for ruby issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-29536/epiphany-browser
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24828/composer unfixed #1009960
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] virtualbox fixed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2016-20014/libpam-tacplus
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bullseye/buster triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] various qemu issues fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts-cve-triage: triage_possible_missed_fixes: skip packages already in dla-needed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: claim golang
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Update note for adminer.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] git no-dsa
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Annotate some qemu upstream fixes with tag information upstream
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1419/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1420/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-135{4,5}/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-23711/kibana
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three libstb issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream announce for CVE-2022-1215
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for ruby3.0 issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-29536/epiphany-browser
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track three new hoteldruid CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-1227/golang-github-containers-psgo via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for openjdk-8 issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29582/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-25745, CVE-2021-25746
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] 2 commits: FD-dispatch 2022Q3
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker] Deleted branch FD-role_2022Q3
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-24070 in subversion for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] LTS: triage openjdk-8 and assign to pochu
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: triage epiphany-browser
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Return subversion to the pool with comment.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-25745 and CVE-2021-25746 as NFU (Kubernetes ingress-nginx component)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] openjdk-8 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: take twisted
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-21716 is fixed in unstable
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-24801/twisted
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update entry for CVE-2020-8859 and associate with src:elog
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2020-8859/elog
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1437/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-1328 as no-dsa for buster and bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed mutt update via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for mutt via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29583/golang-github-kardianos-service
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1427/mruby
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new freetype issues, CVE-2022-2740{4,5,6}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1444/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-28368/php-dompdf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-24828/composer via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] update notes
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Track upstream fix for CVE-2021-3611/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for qemu via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-145{1,2}/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-25059/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] correct fixed version for openjdk-8
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29264/coreboot
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-0897/libvirt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process Xiaomi NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-28366/7 libowasp-antisamy-java <unfixed> - likely new upstream location
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Update libowasp-antisamy-java with bug number
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-24828 in composer for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-24839 in nekohtml for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2022-29458 in ncurses for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2016-20014 in libpam-tacplus for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage ghostscript for stretch LTS (CVE-2019-25059)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2022-22950 in libspring-java for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-24785 in node-moment for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Annotate some end-of-life tags
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Re-associate CVE-2016-10006 with libowasp-antisamy-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reassociate CVE-2017-14735 with libowasp-antisamy-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Re-associate CVE-2021-35043 with libowasp-antisamy-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-29577 and CVE-2022-28367
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream tag information for upstream commits for antisamy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] ffmpeg DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-27416/tcpreplay
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2022-27418/tcpreplay
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-22757/firefox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Record upstream commit for CVE-2022-1355/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-1354: Prefix note to upstream commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-23853/ktexteditor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-2740{4,5,6}/freetype
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Drop notes from CVE-2022-29268 (withdrawn from its CNA, not a security issue)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unify naming of one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28506/giflib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24792/pjproject
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-1441/gpac unfixed
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] tiff fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24754 asterisk & ring both enable the vulnerable hashed digest code
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24763 affects asterisk and ring
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24764 asterisk and ring both use the vulnerable symbol
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29806/zoneminder
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24786/asterisk unfixed, ring not affected
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24793 and CVE-2022-24792 for asterisk, CVE-2022-24793 for ring
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-27135/xpdf not-affected, xpdfreader
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add notes for nomad CVEs CVE-2022-24684 CVE-2022-24685 CVE-2021-43415
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24786,CVE-2022-24792/ring update notes
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-1280/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-1263/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-0812/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-45931/harfbuzz not-affected vulnerable code introduced later
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-0436 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync up version to be used for bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 8 commits: Triage CVE-2015-20107 in python2.7 for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] zoneminder unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] freetype, ldns fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triage unassigned snort CVE for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Correct triage for CVE-2022-24765/git. Thanks, Salvatore.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24706
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-23942 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-27774, CVE-2022-27775, CVE-2022-27776
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-2777{4,5,6}/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2021-3523 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs in convert2rhel
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2022-1466 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2022-1475/ffmpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2488{2,3}/freerdp2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add freerdp source package for CVE-2022-2488{2,3}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some CVEs for zammad, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug referneces for curl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: lts: take openvpn
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27239/cifs-utils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-29458/ncurses
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update ansible status in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] various bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new htmldoc non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2022-28391 in busybox for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage ruby-devise-two-factor for stretch LTS (CVE-2021-43177)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-28739 in ruby2.3 for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] LTS: update gpac notes in dla-needed.txt
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29{799,800}/networkd-dispatcher
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-39214, CVE-2021-39214 as ignored for stretch. Lot
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2022-1507/chafa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-22576/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1508/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add debian bug reference for CVE-2022-22576/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add second CVE for cifs-utils issue assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new redis issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2985-1 for golang-1.7
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2986-1 for golang-1.8
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for networkd-dispatcher issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-28506 in giflib for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2021-42778, CVE-2021-42779, CVE-2021-42780, CVE-2021-42781 &...
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-1475 in ffmpeg for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] LTS: claim subversion in dla-needed.txt
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] LTS: Comment on epiphany-browser in dla-needed
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] LTS - add my name to comment
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for curl issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-2488{2,3}/freerdp2 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some issues for mahara
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-16156
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-23210/sox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2021-3643/sox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-3941 and CVE-2021-3933
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-4091/389-ds-base
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-45942/openexr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-0996/389-ds-base
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update reference for CVE-2022-27239 to upstream repository directly instread...
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-098{4,5}/moodle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1515/libmatio
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1516/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41945/httpx unfixed
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41945/httpx add bug ref #1010336
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process NextCloud NFUs and nextcloud-server ITPs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24891/libowasp-esapi-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24891 CVE-2022-23457 libowasp-esapi-java
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] intellij-idea and pycharm ITPs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Mediawiki extensions and skin NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process 2 mendersoftware NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-29810/golang-github-hashicorp-go-getter not-affected
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] LTS: claim unzip in dla-needed.txt
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-21897/cloudcompare horizon-eda librecad
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-0530
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Annotated with possible patches now being present, and unclaimed unzip
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-29078/node-ejs unfixed 1010359
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] node-ejs fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] grunt spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] freetype spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libowasp-esapi-java,CVE-2022-23457,CVE-2022-24891 fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] LTS: Remove epiphany-browser, dla not needed
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-28805 specific to Lua 5.4
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-29078 in node-ejs for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-0436 in grunt for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2021-30005 with pycharm, itp'ed, #742394
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update CVE-2017-1000228/node-ejs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2017-100018{8,9}/node-ejs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2020-28463
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2017-1000188, CVE-2017-1000189 & CVE-2017-1000228 in node-ejs for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add temporary description for two sox issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add smarty4 for CVE-2021-29454 and CVE-2021-21408
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for smarty4 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-153{3,4}/libmobi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-28216/edk2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional commit for CVE-2021-4213/jss
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream commit for CVE-2022-0934/dnsmasq
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-23181
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2022-29265 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2021-3670/samba
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-3670/{samba,ldb}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2022-29078/node-ejs as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29967/glewlwyd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-24859/pypdf2 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-28805/lua5.4 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update entry for CVE-2021-4070
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-29536/epiphany - stretch not affacted
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] 2 commits: jackson-databind,CVE-2020-36518 fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] LTS: claim liblouis in dla-needed.txt
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] Fixed introduction to clarify that one picks packages, not issues
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2021-3670 in ldb for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] LTS: picked up subversion coordinating with Roberto C. Sánchez
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2987-1 for libarchive
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 3 commits: LTS: triage ark
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2988-1 for tinyxml
Thorsten Alteholz ( at alteholz)
Last message date:
Sat Apr 30 23:24:00 BST 2022
Archived on: Sat Apr 30 23:24:05 BST 2022
This archive was generated by
Pipermail 0.09 (Mailman edition).