June 2022 Archives by thread
Starting: Wed Jun 1 00:26:47 BST 2022
Ending: Thu Jun 30 22:04:38 BST 2022
Messages: 704
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-5154-1 and wpewebkit DSA-5155-1
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1942/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2022-22
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed and assign to jmm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track thunderbird fixes for mfsa2022-22 issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for firefox-esr issues from mfsa2022-21
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29599/maven-shared-utils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32202/libjpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32201/libjpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process Cisco NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31015/waitress
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add todo for CVE-2022-31015
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32200/dwarfutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bullseye/buster triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-42201-4/swftools removed
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs & nextcloud-server itp
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] various spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] texlive-bin fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] buster/bullseye triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] firefox-esr DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] snowflake fixed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-1942 vim as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for nvidia-graphics-drivers-legacy-390xx via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1949/389-ds-base
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-23633/rails
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-44528/rails
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix for CVE-2021-22942/rails moved to unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add additional libxml2 reference to p0 bug tracker
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track embedded copies for libev and libuv1 in passenger
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30287/php-horde-turba
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27777/rails
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31003/sofia-sip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31002/sofia-sip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31001/sofia-sip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30973/tika with TODO
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference collection of commits needed for ntfs-3g fixes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1972/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track some new gitlab CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1982/mattermost-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1968/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2022-30287/php-horde-turba
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2022-1972/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1966/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-30287/php-horde-turba
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim pypdf2 in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3038-1 for debian-security-support
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add two new golang issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit references for CVE-2022-30634
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit references for CVE-2022-30629/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two more golang issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-32250
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29788/libmobi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] one more golang issue is Windows-specific
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for cifs-utils update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3039-1 for pypdf2
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Claim glib2.0 in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] firefox fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two golang-github-nats-io-jwt issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3040-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3041-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3042-1 for clamav
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29718/caddy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26944/percona-xtrabackup
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-29599/maven-shared-utils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-31015/waitress
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1987/libmobi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 6 commits: mark ckeditor3 sa EOL in Stretch
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Take python-bottle
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2021-39705 (withdrawn by its CNA as not a security issue)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: nats-server entered Debian, move some NFUs to source package entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark three test/418 issues as ignored
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] nvidia-graphics-drivers-tesla-450 spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-30629/gotlang-1.17
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: add keepass2
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2022-31001, CVE-2022-31002 and CVE-2022-31003 as postponed for Stretch
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Correct ordering
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim librecad.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1975/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1974/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add todo item for CVE-2022-30287/php-horde-turba
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-3502/avahi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: add maven-shared-utils
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Fix typo in first sentence
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32296/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] pidgin DLA
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] LTS: update programming language for request-tracker4
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: Add info about halibut
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: Update info about halibut
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa tags for upcoming glib2.0/stretch update
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Claim avahi in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3045-1 for php-horde-mime-viewer
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for linux issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for busybox issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: Semi-automatic package unclaim after two weeks of inactivity
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] new containerd issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Added a note on replicating Roberto's findings on subversion
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2021-28544/subversion as <not-affected> for stretch
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] LTS: claim postgresql-9.6 in dla-needed.txt
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: reclaim icingaweb2
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32275/grafana
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-30287/php-horde-turba
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove trailing whitespaces in NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track upstream commits for CVE-2022-30287/php-horde-turba
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3046-1 for librecad
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] liblouis fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Correct librecad version from DLA 3046-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for liblouis issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-20148/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add todo for CVE-2022-20150
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-20153/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-20154/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-20166/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2022-20187
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-20157
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-20141/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2022-20136
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa tags for avahi/Stretch.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-20132/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Pick up systemd
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] LTS: update notes for halibut package
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Reference oss-security post for ntfs-3g issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new grub2 and shim issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2000/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for python-bottle in dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-30333/rar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3754
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1708/cri-o
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reassociate some older NFUs with cri-o ITP bug
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1970 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1998/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1973/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add ntfs-3g to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional references for CVE-2022-3078{3,5,7}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Clarify which commit fixes CVE-2022-30783 and which CVE-2022-3078{5,7}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for ntfs-3g issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2021-39795 (withdrawn by its CNA)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new apache2 issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new firejail issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31214/firejail
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-31214/firejail
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update references for apache2 advisories
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark libmetadata-extractor-java as unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] various bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] firejail fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-43331,CVE-2021-43332/mailman: vcs patch refs
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-24720/ruby-image-processing via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-44227/mailman: vcs patch refs
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Take mbedtls
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30875/dolibarr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: update notes on postgresql-9.6
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30552 and CVE-2022-30790 in u-boot
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for apache2 issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32511/ruby-jmespath
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31031/pjproject
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3049-1 for mailman
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: claim vlc
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-30146: Update entry to NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26362/xen (XSA-401)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2636{3,4}/xen (XSA-402)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add Xen to dsa-needed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track proposed updates for apache2 via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-30767/u-boot
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-30552/u-boot
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-30790/u-boot
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bottle DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30877 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-21499/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-3104{2,3}/guzzle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24876/glpi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2922{4,5,6,7,8}/envoyproxy, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-27227/pdns as no-dsa for stretch
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] LTS: claim pyjwt in dla-needed.txt
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Document work on pyjwt and unclaim
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] grub2 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new harmless PHP issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-28735/grub2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3050-1 for vlc
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: claim dpdk
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add upstream fixed information for two php bugs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32978/libjpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some CVEs for phplist, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ntfs-3g update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32981/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2042/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reassociate three older CVEs with ITP'ed entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-25748 (Kubernetes ingress-nginx component)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for four chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2021-21252/civicrm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-40589/zangband unfixed, non-free
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31033/ruby-mechanize
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add one additional firejail commit to adjust testcase expected output
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-25067/podman undetermined
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Fix CVE-2019-25067/libpod - refer to src pkg name
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Remove todo for CVE-2022-20150
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup note for CVE-2022-20187
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-40592/gpac 2.0.0+dfsg1-2
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Cleanup note for CVE-2022-20157
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup note for CVE-2022-20136
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark apache2 issues as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30780/lighttpd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29250/glpi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] chromium, containerd DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new nuitka issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] update notes
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] golang-gopkg-yaml.v3 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new golang-github-emicklei-go-restful issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] runc spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new spring security issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-14374, CVE-2020-14375, CVE-2020-14376, CVE-2020-14377, CVE-2020-14378/dpd...
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-23712/elasticsearch
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2060/dolibarr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim modsecurity-crs
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-29162/runc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove tracking of CVE-2022-30294
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes for CVE-2022-28066
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Record upstream tag information for CVE-2022-26280
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup notes for CVE-2022-27427
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2022-25029
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop notes from several CVEs originally for libsolv
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2021-44103
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: reclaim qemu
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-25167
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] lts: take tzdata
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: take rustc
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-29217 marked pyjwt as not affected in stretch
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Signal in dla-needed that it was marked not-affected
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] new chafa non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32278/exo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for guzzle issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2078/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-2078/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: remove pyjwt, no issues remaining
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Claim golang-go.crypto
Dominik George ( at natureshadow)
- [Git][security-tracker-team/security-tracker][master] new undertow issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new intel-microcode issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs (concludes external check sans the pending duplicate)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla-needed: Claim pam-u2f
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] NFU
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3051-1 for tzdata
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: reclaim curl and update notes
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24436 and CVE-2022-23823
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-21180
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional references for INTEL-SA-00615 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1976/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2022-32981/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for intel-microcode mitigations/support
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-33036/hadoop
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2085/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2021-40592 as EOL for stretch
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add missing explanation for EOL of gpac in stretch
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim cyrus-imapd in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for guzzle issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: triage firejail
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: triage grub2
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: triage netatalk
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-23959/varnish via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-3254{5,6,7}/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one more NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31291/dlt-daemon
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Claim sleuthkit
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] Track fixes for linux issues via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Claim plinth.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2016-655{5,6}/opennms, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: drop dpdk (all 5 CVEs not-affected)
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-40633/giflib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for two redis issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32276
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track some ancient ffmpeg issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track some more ancient ffmpeg issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-32278/exo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] allocate DSA for exo
Yves-Alexis Perez ( at corsac)
- [Git][security-tracker-team/security-tracker][master] dla: claim ntfs-3g
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: update ckeditor status
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: add apache2
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: claim apache2 in dla-needed.txt
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] update apache2 CVE notes with commit references
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Claim vim in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Update date for exo DSA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add note for CVE-2022-33981
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-46823/python-ldap
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-46822/libjpeg-turbo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process several ancient ffmpeg issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some new vim issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa tags of cyrus-imapd/stretch
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Update records for CVE-2022-33981
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-30780/lighttpd not affected
Helmut Grohne ( at helmutg)
- [Git][security-tracker-team/security-tracker][master] NFU (concludes external check)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Remove vim no-dsa tags and triage CVE for stretch
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] slurm, vlc DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add placeholder for latest VLC security fixes
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new jpeg-xl, node-got issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] notified MITRE of nftables duplicate for rejection
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] netcdf fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new golang-github-blevesearch-bleve non issue (but also asked to RM since it's...
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] xpdf n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-2054 in nuitka for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2021-40633 in giflib for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3053-1 for vim
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] new jodd, jupyter-notebook, jupyter-server, gitlab issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] sleuthkit DLA
Andreas Rönnquist ( at gusnan)
- Processing e3bd4b37f84b07fad8e69d2ae03b9b2a47802762 failed
security tracker role
- Processing baef09b221d088534cbf2a4300e5374fa3db2354 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Fix CVE-2019-1010065 for sleuthkit
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-1966 rejected in favour of CVE-2022-32250
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new cookiecutter issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Stop tracking Intel firmware issues as unfixed, there's not enough information
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-1966: use REJECTED annotation
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] new squid issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gerbv fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] freetype fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libjpeg fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openjpeg2 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Adjust not-affected reason for CVE-2022-30780
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove description for now rejected CVE-2022-1966
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for vlc issues addressed in DSA-5165-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: add note about halibut
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2022-33987
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-29241/jupyter-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2022-29631
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry for jodd in bullseye (not present in the suite)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Fix typo in NOTE for CVE-2022-32250
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-21831/rails via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-41490/ompl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-41458/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-40678/piwigo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-33903
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-33913/mahara
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32983 (to be checked)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-20148
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync some linux issues with kernel-sec triaging
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update CVE for node-mermaid update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track proposed update for gnutls28 via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2020-25073/plinth as not-affected in stretch.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3055-1 for ntfs-3g
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] gen-DSA: check for extra cve file only for first dist
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 7 commits: Triage CVE-2021-41458 in gpac for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] netatalk references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2068/openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Clarify upstream tag information for CVE-2022-2068
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: claim firejail
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-31214/firejail: reference upstream backports
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-1508/linux for bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2153/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed versions for chromium issues in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup additional whitespaces
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 7 commits: Triage CVE-2022-27811 in ocrfeeder for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker] Pushed new branch setup-repo-in-submodules
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] new dbus-broker issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][setup-repo-in-submodules] 2 commits: new dbus-broker issue
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Make setup-repo work with submodules
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker] Deleted branch setup-repo-in-submodules
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] libsdl spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3056-1 for exo
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] NFU, bugnum
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] apache2 ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-31015 in waitress for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-0171/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-1184/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-1652/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-29599,maven-shared-utils: fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] chromium,firejail DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Restore one not-affected entry status for older suite for CVE-2021-42218
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-31212/dbus-broker
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-29404 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-2068/openssl via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-34300/tinyexr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track some issues for libredwg, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: ompl dla seems unimportang, memory leaks only
Helmut Grohne ( at helmutg)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-34299/dwarfutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some new jenkins issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-33105/redis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-33070/protobuf-c
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-3012{2,3}/ruby-rack
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-33024/libredwg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-33068/harfbuzz
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: track missing CVE from DLA-3055-1
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2022-1586 & CVE-2022-1587 in pcre2 for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-33067/lrzip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-41945/httpx via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3057-1 for request-tracker4
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] lts: CVE-2021-46790/ntfs-3g incorporated to DLA-3055-1
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-31212/dbus-broker as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-34305/tomcat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2175/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-22967/salt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: reclaim libmatio, continue work
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Process two CVEs for vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim grub2 in dla-needed.txt
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Marked CVEs as ignored for stretch and jessie, where there is no SecureBoot support
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Unclaimed grub2
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] LTS: claim keepass2 in dla-needed.txt
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-38561/golang-golang-x-text
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Tried and failed to reproduce CVE-2022-0725 on keepass2
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-33068/harfbuzz
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-33910/mantis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32209/ruby-rails-html-sanitizer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32990/gimp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update references for CVE-2022-32210/ruby-rails-html-sanitizer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-32990/gimp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2021-21299/rust-hyper via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2022-34299 in dwarfutils for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-162{2,3}/tiff fixed version in unstable
László Böszörményi ( at gcs)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2022-162{2,3} upstream commits
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] pluxml removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add openssl to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for dbus-broker via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] take openssl
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit references for CVE-2022-28737/shim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-32209/ruby-rails-html-sanitizer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31017/zulip-server, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-21391
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-22934 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Provide update note on golang-go.crypto
Dominik George ( at natureshadow)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3058-1 for libsndfile
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-22967/salt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] openssl DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: release openscad, unimportant
Helmut Grohne ( at helmutg)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2022-27092
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-34494/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-34495/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3059-1 for maven-shared-utils
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-29242/libengine-gost-openssl1.1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] libengine-gost-openssl got fixed in renamed source package
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Claim ublock-origin and isync in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-1976 as unfixed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2211/libguestfs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2206/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Removed grub2 after triaging left no open CVEs
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] new curl issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new web2py issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] squid, nodejs DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-32205/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-32206/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-32207/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-32208/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update todo for CVE-2022-2211
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove note from now rejected CVE-2013-2180
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unify one NFU naming
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3060-1 for blender
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] unclaim libvirt
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] LTS: update postgresql-9.6 notes in dla-needed.txt
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for four curl issues fixed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-33879/tika
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim sox in dla-needed.txt
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Marked minor issues as no-dsa
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2022-34491
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new vim issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Opened issue upstream
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Add firefox issues from mfsa2022-24
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2022-25
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-31052 is for synapse
Andrej Shadura ( at andrewsh)
- [Git][security-tracker-team/security-tracker][master] Correct brackets for temporary description for CVE-2022-31052
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track Processor MMIO Stale Data vulnerabilities as well for src:linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-40942/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some new glpi issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31081/libhttp-daemon-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-31081 as no-dsa for bullseye and buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-3108{4,5,6,7,8}/ldap-account-manager
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-3109{0,1}/guzzle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-31081: Reference prerequisite commit and testcase
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for mfsa2022-25 (firefox-esr) via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for mfsa2022-24 (firefox) via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-2220 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2022-26
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-32532/shiro
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove todo item from already rejected CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2231/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] nvidia spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for libguestfs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: claim systemd
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] also track guestfs-tools for CVE-2022-2211
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mermaid issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-33987/node-got
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct tracking for CVE-2022-21{19,20,21}/dcmtk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-416{87,88,89,90}/dcmtk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] node-got spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Fix small typo in note for CVE-2022-32983
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track some older gpac issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3779/ruby-mysql
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-40553/piwigo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3061-1 for firejail
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3062-1 for ublock-origin
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31213/dbus-broker
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-34835/u-boot
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] ruby-mysql not in buster
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3063-1 for systemd
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3064-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-23109/libheif
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add debian bug reference for CVE-2020-23884/nomacs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for libelfin issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3065-1 for linux
Ben Hutchings ( at benh)
- [Git][security-tracker-team/security-tracker][master] Track proposed linux update via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Second part of CVE-2021-3772 landed in linux/4.19.235-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2022-31289 (withdrawn by the CNA as it was no security issue)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2022-28396 (withdrawn by its CNA, no security issue)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-205{6,7,8}/tiff
Salvatore Bonaccorso ( at carnil)
Last message date:
Thu Jun 30 22:04:38 BST 2022
Archived on: Thu Jun 30 22:04:43 BST 2022
This archive was generated by
Pipermail 0.09 (Mailman edition).