July 2022 Archives by thread
Starting: Fri Jul 1 08:21:57 BST 2022
Ending: Sun Jul 31 22:09:17 BST 2022
Messages: 645
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-2238 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2014-0156 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-32981 as umimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for gnupg2 issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add reference to upstream commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bullseye/buster triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new cloud-init issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ruby-rack fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] buster/bullseye triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] rust-hyper fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] rust-xcb fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bugnum
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3066-1 for isync
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track pending logrotate update via upcoming point release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add gnupg2 to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3067-1 for stretch-lts
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: config.json: Drop stretch as supported release
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2022-31213
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take gnupg2 for DSA release prepared by maintainer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2282/salt, but possibly a duplicate of CVE-2022-22967
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2279/libmobi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2274/openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2264/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] nuitka fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add missing patches for CVE-2021-3507
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] patch references for CVE-2020-35505
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] upstream patch for CVE-2021-3582
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-34903/gnupg2 assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] upstream patch for CVE-2021-3607
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-32981
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: lts: remove some packages from dla-needed
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Track update for node-mermaid via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary description for CVE-2022-2084
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new vim issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-2084/cloud-init
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-33103/u-boot
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-228{6,7}/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2019-15794 with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-23038/linux as released in buster with 4.19.235-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2021-39802 as not-affected for all versions
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-2084/cloud-init via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for gnupg2 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2022-2282 (confirmed dupliate and rejected)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new vim issues: CVE-2022-228{8,9}/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of MariaDB related issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for isync via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for various ldap-account-manager issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new mediawiki issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mediawiki fixed, add additional references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] additional reference for gnupg2 issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker] Pushed new branch CVE-2019-25067
Reinhard Tartler ( at siretart)
- [Git][security-tracker-team/security-tracker][master] gitlab n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-34265/python-django
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][CVE-2019-25067] further updates
Reinhard Tartler ( at siretart)
- [Git][security-tracker-team/security-tracker][CVE-2019-25067] mention first fixed version in unstable
Reinhard Tartler ( at siretart)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41682/3 iotjs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker] Deleted branch CVE-2019-25067
Reinhard Tartler ( at siretart)
- [Git][security-tracker-team/security-tracker][master] 2 commits: info about CVE-2019-25067
Reinhard Tartler ( at siretart)
- [Git][security-tracker-team/security-tracker][master] blender, thunderbird DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2301/chafa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-0085/php-dompdf not affected, introduced later.
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-34918/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-25896/passportjs unfixed bug 1014385
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process 2 NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-30045/ezxml - ezxml_decode in mapcache, navit & scilab unfixed, bugs filed
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 2 commits: buster/bullseye triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new openssl issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] remove navit, ezxml not used
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new xen/linux issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] passportjs fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mujs fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] django fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ldap-account-manager DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] update dsa-needed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new linux issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2022-2318/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to reported bug for xen issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Specify upstream tag for CVE-2022-0085
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Specify upstream versions fixing CVE-2022-2097/openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2309/lxml
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2304/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31117/ujson
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31116/ujson
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-222-31014/nextcloud-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-2228{3,4}/lwip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2022-0006
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for intel-microcode update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30550/dovecot
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] various bugs filed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] update refs for new libsixel fork
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openssl postponed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] hdf5 non issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] radare2 bug
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] additional radare2 refs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-38115/libgd2 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream ag reference for CVE-2021-38115/libgd2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2022-20227
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] older rustc issue fixed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] rust-tokio fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] old Android NFU, there's no real evidence that this is a bug in LLVM itself, but rather
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ujson fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] two libgd2 issues fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-33099/lua5.4
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-34265/python-django
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] php8.1 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one qemu issue fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] qemu bugs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] pcs fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2021-38425
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct version of libapache2-mod-auth-openidc to be included in bullseye 11.4
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove CVE-2022-24851/ldap-account-manager as it was already included in DSA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Shuffle list after review for inclusion candidates in bullseye 11.4
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lwip, node-log4js spus
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] php7.4 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] tiff fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2347/u-boot
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2022-32060/snipe-it
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-35410/mat2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2343/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFU
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] Process some NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Merge changes accepted for bullseye 11.4 point release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-35406/burpsuite, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate some older NFUs with burpsuite's ITP/RFP bug
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-21708/php8.1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-43113/libitext5-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2022-2353 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-2211,libguestfs: Link to upstream patches
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] kotlin n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ksmtp fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] node-node-sass fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] zip4j fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-29970/ruby-sinatra
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2022-1706
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Expand one note for CVE-2022-2211
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] horizon n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32210/node-undici
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] three ansible issues fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] source-wise CVE-2021-38373 only affects ksmtp
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] numpy non-issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] exiv2 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2015-20107: add reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update notes for libpgjava in dsa-needed.txt.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Note uid in dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] chromium issues fixed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-43113/libitext5-java fixed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2022-33070/protobuf-c
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-33070/protobuf-c fixed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32213/nodejs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32214/nodejs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32215/nodejs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32212/nodejs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32223/nodejs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32222 and mark it undetermined with a TODO
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] libsdl2 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] nodejs updates
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] two xen issues only for src:linux
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] chromium DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libbpf fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gdal fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] slic3r non issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] two mxml non issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-29217/pyjwt via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-35414/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] two Intel NFUs, there's no actionable information indicating this affects any...
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gnome-shell n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] python-reportlab fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] glances fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add mat2 to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] qtbase-opensource-src-gles, qt6-base fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2366/mattermost-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove noes from CVE-2021-46815 (REJECTED, duplicate of CVE-2021-46789)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] libmatio, nouveau non issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 8 commits: Wrote a script to bulk add EOL entries for LTS buster.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Added curl to dla-needed since it is in DSA needed and at least one...
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] lts: reclaim rust toolchain
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2022-25255
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Revert "Bulk added EOL for 12 CVEs for nodejs in buster LTS."
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 5 commits: Revert "Bulk added EOL for 2 CVEs for node-url-parse in buster LTS."
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2380/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Revert "Concluded that CVE-2022-24793 is not vulnerable in buster since the...
Moritz Muehlenhoff ( at jmm)
- High Efficiency UPS Power Supply Supplier and Manufacturer <12/07/2022 15:25 CST>
ronny prostar ups inverter solar system manufacturer
- [Git][security-tracker-team/security-tracker][master] three laraval issues n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libgrokj2k fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Revert "Added curl to dla-needed since it is in DSA needed and at least one...
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] golang-github-containers-buildah, golang-golang-x-text, aom fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ruby-apollo-upload-server fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new xorg-server issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gitlab issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add additional information for xorg-server issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] additional xen reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2990{0,1}/linux (retbleed)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add apache2 to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add two more CVEs related to from retblead findings
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate for now CVE-2022-23825 as well with linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-23816/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for AMD advisory for CVE-2022-23825 and CVE-2022-29900
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2021-37839 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add xen from XSA-407
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31781 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: Dispatch FD-weeks for Q4/2022
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Initial tracking for golang1.18 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for openexr issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-37298
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29187/git
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31129/node-moment
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2393/dogtag-pki
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-31129/node-moment
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add entry for CVE-2011-4916/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-29187/git
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] wavpack fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one ansible issue fixed in sid, but in different source package
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one more ansible issue fixed in ansible-core
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Fix indentation
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] resteasy updates
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] k8s updates
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mbedtls issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-35409: Add upstream commits and temporary reference to advisory
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2580{2,3}/rt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add request-tracker4 to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for request-tracker4 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-31129/node-moment via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Clarify duplicate state for CVE-2022-23816 and VE-2022-29900
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for xorg-server issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed node-moment update via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] one asterisk issue fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] more asterisk issues fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] slurm-llnl ignored, too intrusive
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Updated lts-cve-triage.py script so that it checks for unsupported packages...
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-33099/lua5.4
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Marked CVE-2022-23816, CVE-2022-23825 and CVE-2022-29900 as end-of-life for buster.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process three new mattermost-server issues, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32297/piwigo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2022-32308/ublock-origin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for some golang issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-5182-1 and wpewebkit DSA-5183-1
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] new dogtag issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one mruby issue n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one resteasy issue n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Adjust notes for CVE-2022-31627 bug
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstrea mcommit references for CVE-2022-0918
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] jpegoptim non-issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libde265 references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] zabbix n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] xen, mat2 DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for gsasl issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32073/wolfssh, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32096/rhonabwy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for rhonabwy via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32323/autotrace
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-352{29,30}/zabbix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for two zabbix issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-32148/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two CVEs for grafana
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-1705/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-1962/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-30630/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-30631/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-30632/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-30633/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-30635/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] commons-configuration2 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] undertow n/a (concludes external check)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ckeditor fixed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one iotjs unfixed, one a non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reference workflow during buster transition
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] ceph fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lxml fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] guzzle fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lua5.4 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-2047,CVE-2022-2048,jetty9: fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] DLA-3062-1/ublock-origin: reference additional CVE
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] rtl-433 fixed in experimental
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new redis issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mod-wsgi, moodle issues (concludes external check)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Apache NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] DSA-5126-1/ffmpeg: reference fixed CVEs
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] new linux issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] httpie fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] rt4 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] filezilla n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-2255/mod-wsgi: reference introductory commit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] gsasl CVEfied and claim in dsa-needed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new Java issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new virtualbox issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mysql issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gpac issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] cvelist.el: Retain source package name from former action when adding a new CVE entry
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-27470 only affects bullseye
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openjdk-11 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-27470 also n/a for bullseye
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new wavpack issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] two htmldoc non issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openjdk-17, RT5 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] fix djangorestframework reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] two linux issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] shim fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] vbox fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" djangorestframework issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] djangorestframework DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new sqlite issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Xalan references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new libtirpc issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-31625,CVE-2022-31626/php: reference patches
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] new dompdf issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new u-boot issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] jetty9 n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-46828/libtirpc: reference introductory commit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] openjdk-11 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gstreamer issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-19603/sqlite3: document affected versions
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: update apache2 notes
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] djangorestframework CVEfied
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new radare2 issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new toybox issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] nodejs, openjdk-8 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] flask-appbuilder now in the archive
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new ruby-tzinfo issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add entries for golang 1.11/1.15, can be checked on suite-specific triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] iotjs n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new node-undici issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gradle n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new jqueryui issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] linux fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2020-36477/mbedtls as not-affected for buster and bullseye
Samuel Henrique ( at samueloph)
- [Git][security-tracker-team/security-tracker][master] gsasl DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mplayer non-issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: new liblivemedia issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new node-terser issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openrc, openssl fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" otrs/znuny issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Fix old remaining OTRS entries as NOTEs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] rtl-433, node-terser, xorg-server fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gdk-pixbuf issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new vim issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new libreoffice issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new ceph issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] xalan bugnum
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new spip issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] spip DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 5 commits: add fixed versions for CVE-2022-26305/CVE-2022-26306/CVE-2022-26307
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] mark temp spip issues as fixed by DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new xen issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Link to GitHub advisory search for CVEs
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] dcmtk no-dsa
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] linux, openjdk-17 DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mistune issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new python-untangle issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add CVEs to openjdk-17 DSA entry
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" node-thenify issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mistune bugnum
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] yam non issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] apache reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gitlab-runner issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new samba issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new firefox issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: libreoffice spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ignition, ceph fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lrzip, nasm non issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new net-snmp issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rails issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gpac issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] jqueryui, phpmailer fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one additional CVE assignment for past Chromium release
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: reminder not to conflict with opu
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] new booth issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] fix typo in booth CVE assignment
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new squirrel3 issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] additional CVE assigned for old Chrome release
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one more firefox issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] booth DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] squirrel3 bug
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gif2apng, shim spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new SDL1.2 issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] jhead non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new yasm issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs, there's no indication that the AMD issues require Linux or microcode
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new thunderbird issues (fixed in sid)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] php-illuminate-database removed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker] Pushed new branch fix_987283
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] one thunderbird issue n/a for buster/bullseye
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] asterisk fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][fix_987283] Implement frontend and checkbox
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Revert "Link to GitHub advisory search for CVEs"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-21505/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2021-33655
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-33656 as fixed in linux/5.10.127-1 for bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-36557/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-36558
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-2327/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2022-36946
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-31081/libhttp-daemon-perl via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2021-3601
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream references for CVE-2021-3979
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-44647/lua5.4 as no-dsa for bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust source package name for dsa-needed package
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in Debian revision for fixing version of CVE-2022-27419/rtl-433
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add temporary description for CVE-2022-2255
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-38562/request-tracker5 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5196-1
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2022-35861 with itp'ed bug
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-13692 only relevant for buster so workaround DSA tracking
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Record upstream tag for CVE-2022-2476
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-2476/wavpack
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2022-3403{3,5}/htmldoc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop additional version tracking in buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update severity for CVE-2022-35737
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] booth fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gnutls issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for upstream commit for CVE-2021-46828
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for CVE-2022-34502
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2022-32298/toybox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Revert "Revert "Link to GitHub advisory search for CVEs""
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove one reference to only tag page as information recorded in following note
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark 9.0.0 upstream version for qpdf as fixed for CVE-2022-34503
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Isolate upstream commits for CVE-2022-31163/ruby-tzinfo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2022-31160
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Ignore DoS issue for liblivemedia in buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag references for CVE-2022-25858
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tag reference for upstream commit for CVE-2018-21269
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for CVE-2021-46829
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2022-2522
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2022-0670/ceph
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2022-33745 to mention dependency of issue to XSA-401
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust separator in dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-34749/mistune
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2020-7677
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark three samba issues as no-dsa for buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for net-snmp issues in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commits for CVE-2022-32224
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for CVE-2021-41556 upstream commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in bug number reference for CVE-2022-34568
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in Debian bug number reference
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add packages which vanished from every supported suite now
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add libxslt issue once discovered through Chromium
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one more libxslt issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Pinpoint upstream tag for CVE-2019-5815
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-36123/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-36123/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dovecot fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-34526/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-3709/libxml2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][fix_987283] Fix wording in data/packages/ignored-debian-bug-packages
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add temporary description for samba issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for samba issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take libtirpc from dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove one additonal space in NOTE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] remove TODO, looks all fine
Moritz Muehlenhoff ( at jmm)
Last message date:
Sun Jul 31 22:09:17 BST 2022
Archived on: Sun Jul 31 22:09:22 BST 2022
This archive was generated by
Pipermail 0.09 (Mailman edition).