March 2022 Archives by thread
Starting: Tue Mar 1 07:55:57 GMT 2022
Ending: Thu Mar 31 23:21:16 BST 2022
Messages: 849
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2021-4023/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2471{1,2}/codeigniter
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process various new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2930-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-25255/qtbase-opensource-src n/a on stretch
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reference fixing commit for CVE-2021-25636/libreoffice
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] LTS: move vim to Markus
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26181/lepton
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via experimental for gitlab issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Jeremiah C. Foster ( at jeremiah)
- [Git][security-tracker-team/security-tracker][master] Add note in dla-needed.txt
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2022-25020/pluxml
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-21708
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0812/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] reclaim tiff
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2505{0,1}/rtl-433
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] tiff spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Sync fixed version for CVE-2020-36310 with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] All current wireshark CVEs are fixed in the version in sid
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-23648/containerd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-23648/containerd
Shengjing Zhu ( at zhsj)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two webmin issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0819/dolibarr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24685/nomad
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two slic3r CVEs (CVE-2021-4496{1,2})
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct tracking for CVE-2022-24720
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-25314/expat n/a on stretch
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Claim wireshark and firmware-nonfree.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] DSA-5088-1 varnish
Florian Weimer ( at fw)
- [Git][security-tracker-team/security-tracker][master] Add new frr issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-23656/zulip-server, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-23903/speex via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for golang CVE-2022-24921
Shengjing Zhu ( at zhsj)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0730/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-21716/twisted
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-25634/qt* not-affected
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process an NFU
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process NFU in Node karma-runner/karma
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process NFU
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-3857{7,8}/edk2 undetermined, private bugs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Update Hazelcast <itp> CVEs CVE-2022-0265 CVE-2020-26168
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-0675/puppet-module-puppetlabs-firewall bug #1006749
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process NFU
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-22909/hoteldruid <unfixed> (bug #1006750)
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-0613/node-urijs <itp> (bug #902083)
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24724/cmark ghostwriter python-cmarkgfm ruby-commonmarker & r-cran-commonmark
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for golang-1.15 via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-24921 as no-dsa for bullseye and buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2021-23495 with karma, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync note for CVE-2020-26168 with CVE entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync upstream tag for commit for CVE-2022-0265
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-43616/npm, fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version for two freecad issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] buster/bullseye triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unify naming for one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] chromium DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add bug URL for wget CVE-2021-31879
Paul Wise ( at pabs)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0850/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0552 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2332{7,8}/golang-github-go-ethereum
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track commits which relax fix for CVE-2022-25236
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: reclaim gpac
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-0561/flac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-0850
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0849/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add issues from mfsa2022-09
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for firefox-esr issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26490/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two issues in nbd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26505/minidlna
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add expat for followup update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2931-1 for cyrus-sasl2
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2932-1 for tiff
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for kcron via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] firefox-esr DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add DSA entry for DSA 5091-1/containerd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: update notes
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2021-29499
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process three CVEs for weblate
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2933-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2934-1 for freecad
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0847/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2935-1 for expat
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2936-1 for libgit2
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-21658/rustc via experimental
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-26520/libpgjava assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0865/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2937-1 for gif2apng
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: update status, take kcron
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-0865/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for fscrypt issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2022-21723
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-4209/gnutls28
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2022-23608
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2021-37706
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tryton related CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unify used NFU name for one product
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-2649{5,6}/nbd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 5 commits: lts: add redis
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] new thunderbird issues (fixed in sid)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-0543 in redis for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Redis is not affected by CVE-2022-0543
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim twisted.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Remove doubled reference to mfsa2022-09
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2938-1 for python-twisted
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 3 commits: lts: add cacti
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: node-url-parse EOL in stretch
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for nbd via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5093-1 for spip
Sebastien Delafond ( at seb)
- [Git][security-tracker-team/security-tracker][master] dla: claim cacti
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVEs from android security bulletin for linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-26496 for Stretch
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tempoary spip entry until CVE assigned for issue fixed in DSA 5093-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: lts: add spip
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-000{1,2}/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Annotate CVE-2022-20003
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-000{1,2}/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional references for Spectre-BHB issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0856/libcaca
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix for CVE-2022-21658/rustc moved to unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-24303 back to ignored
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust source package name used for DLA-2938-1: python-twisted -> twisted
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust as well the subject line for DLA-2938-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-0543/redis via unstble
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues from nfsa2022-10
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2022-11
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional references for speculation issues variants
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Drop twisted.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 4 commits: lts: CVE-2022-24613 and CVE-2022-24614 no-dsa for stretch
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2939-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2471{4,5,6}/icingaweb2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: lts: add kicad
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] LTS: take libreoffice and gerbv.
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] python n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: add nbd
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: CVE-2021-44537/owncloud-client n/a on stretch
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2940-1, DLA-2941-1 for linux, linux-4.19
Ben Hutchings ( at benh)
- [Git][security-tracker-team/security-tracker][master] new rust-regex issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add link to writeup for io_uring issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: take spip
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream commit for spip issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update in bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update in buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop information for CVE-2022-20003 (confirmed duplicate of CVE-2021-22600)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop notes from CVE-2022-26487 (duplicate of CVE-2022-26143)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove information on CVE-2021-3558, rejected as not a security issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two CVEs for mattermost-server, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0891/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0881/peertube
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0813/phpmyadmin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-25368
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on spip issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add nbd to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tryton-server and tryton-proteus to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Two CVEs assigned for spip issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add missing CVE-2021-4202 from DSA-5096-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for r-cran-commonmark issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2942-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Correct ordering
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Remove notes from one rejected CVE which was not a security issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update some NFU naming
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new thunderbird issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: lts: add python-treq
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: lts: add ruby-sidekiq
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add new linux issues from XSA 396
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take ruby-sidekiq
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2943-1 for ruby-sidekiq
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for tryton-server issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for tryton-proteus issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2944-1 for nbd
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] php-horde-mime-viewer fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixing commit for php-horde-mime-viewer issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2022-0711
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] tryton DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add haproxy to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0905/gitea
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-0158,CVE-2022-0392,vim: Stretch is not affected
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2945-1 for tryton-server
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2946-1 for tryton-proteus
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: take thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-26874/php-horde-mime-viewer assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26878/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process three NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-25031
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add fixing commit for CVE-2022-0813/phpmyadmin
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-25646/ansible fixed, ansible-core not affected
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-36123/libsixel <not-affected>
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-25646/ansible mark bullseye as not-affected
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-36518/jackson-databind unfixed bug 1007109
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-32434/abcm2ps 8.14.13-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-3243{5,6}/abcm2ps 8.14.13-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2022-0393, CVE-2022-0407,vim: Stretch is not affected
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-25646
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Revert "CVE-2020-36123/libsixel <not-affected>"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust upstream tag for CVE-2021-3243{4,5,6}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add four new tiff issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0860/cobbler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24741/nextcloud-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2947-1 for vim
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Fix truncated DLA for vim.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-38296/apache-spark
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup trailing whitespaces
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-44269/wavpack
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0890/mruby
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24754/pjproject
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-33293/libpano13
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process several moodle issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] nbd DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-44269/wavpack
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update upstream references for CVE-2021-3850/ibphp-adodb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-3850/libphp-adodb via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream references for CVE-2022-24713/rust-regex
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2021-45429/yara
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2021-3850/libphp-adodb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-24713/rust-regex
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: Mark CVE-2022-24986 as ingored for stretch
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add libphp-adodb to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26966/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26967/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tempoary entry for phpliteadmin issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libphp-adodb update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for expat functional regression update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for haproxy update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for some tiff issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-46709/phpliteadmin assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track possible fixes for CVE-2017-25{79,80,81}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26981/liblouis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2948-1 for debian-archive-keyring
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-26967/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-24720/ruby-image-processing
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] update note in dla-needed.txt
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26354/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26353/qemu and update note for CVE-2021-3748
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-4181{6,7,9}/ruby3.0 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0742/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new znuny issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-46708/swagger-ui <itp> #871461 and #895422
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-22719/apache2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-22720/apache2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-22721/apache2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-23943/apache2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-23967/tightvnc <undetermined>
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-23710/elasticsearch <removed>
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-23967/tightvnc - add bug number #1007239
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2022-23395
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Fixup CVE-2022-23710 and CVE-2022-23708
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24329/kotlin <unfixed> (bug #1007243)
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24349{|91{7,8,9}}/zabbix unfixed
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2021-46144/roundcube
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2022-25636/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] python-cmarkgfm fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] initial stub entry for wordpress
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] update one netpbm-free issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-0730/cacti: reference patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] apache2 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for wordpress issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-4421{5,6}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2022-23395 (jQuery Cookie)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add (not yet public) upstream issue reference for CVE-2022-24329
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-24724 already in 0.7.0-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new gpac issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-20001/fish
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-24724/cmark-gfm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for linux issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track apache2 update via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove note from CVE-2022-24727 (confirmed duplicate of CVE-2022-23915)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove note from CVE-2021-29491 (confirmed duplicate of CVE-2021-28860)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0943/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2949-1 for spip
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: take python-scrapy
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] reclaim libarchive
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0778
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add openssl to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for openssl update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to oss-security post for CVE-2022-0742
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2475{5,6}/bareos
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-0778/openssl via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird via unstable for mfsa2022-12 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2021-4083/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0987/packagekit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0981 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-0811 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for golang-1.18 CVE-2022-24921
Shengjing Zhu ( at zhsj)
- [Git][security-tracker-team/security-tracker][master] Remove note from CVE-2022-26351 (duplicate of CVE-2022-26320)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27223/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0430/httpie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24737/httpie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-45848/nicotine-plus
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-29134/gitea
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixing commit for CVE-2021-41125/python-scrapy
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2950-1 for python-scrapy
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-24713/rust-regex
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add apache2, flac, openssl and zabbix to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] lts: take openssl
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: also take openssl1.0
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] NFUs (concludes external check)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-0943,vim: Stretch/postponed
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for golang-go.crypto CVE-2022-27191 via unstable
Shengjing Zhu ( at zhsj)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-23395 as unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0667/bind9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0635/bind9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0396/bind9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-25220/bind9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add bind9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop containerd from dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0959/pgadmin4 (itp'ed)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0918/389-ds-base
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take flac
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-46709/phpliteadmin as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2951-1 for flac
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Mark three CVEs for wolfssl as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference commit for CVE-2018-1000532
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-44718/wolfssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Track fixes for wolfssl via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26110/condor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-45104/condor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-45103/condor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0998/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0995/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-42219/golang-github-go-ethereum
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2952-1 for openssl
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2953-1 for openssl1.0
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2551{4,5,6}/libstb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: take apache2
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-227{19,20,21}/apache2: add upstream fixes
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] extend comment for libstb
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-25220,bind9: Link to fixing commit
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] lts: take tzdata and libdatetime-timezone-perl
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Claim bind9 in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add libxml2 to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track linux fixes pending for bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track pending CVEs for linux update via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-45005/mujs as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-23308 as no-dsa for buster and bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libxml2 via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Four bind9 issues fixed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed libxml2 update via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24761/waitress
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-44964/lua5.4
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update version for wolfssl update in bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2022-1011/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim python-treq.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Assign libxml2 to Anton.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] e2guardian in stretch is not affected by CVE-2021-44273
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27240/glewlwyd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24302/paramiko
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-45868/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2954-1 for python-treq
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-23943/apache2: add fixing commits
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] flac spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bind9, chromium DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] qemu ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] glewlwyd, mujs spus
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Adjust version for glewlwyd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-44273 in stretch as ignored, not not-affected
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2477{1,2,3}/node-node-forge
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2955-1 for bind9
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-100{2,3}/mattermost-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0547/openvpn
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2626{6,7}/piwigo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-15591/fex assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for cups via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed phpliteadmin updates via {buster,bullseye}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2955-2 for bind9
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add tiff and unzip to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add wordpress to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add abcm2ps to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Take tiff and wordpress
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Expand note slightly for CVE-2022-23395
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-3953{5,6}/libxsmm fixed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-2054{1,2}/libxsmm fixed as well in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-2505{0,1}/rtl-433
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-24737,CVE-2022-0430,httpie: Stretch/no-dsa
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-46700,libsixel: Stretch/no-dsa
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 4 commits: CVE-2022-0890,mruby: Stretch/no-dsa
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add usbredir to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add condor to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for frr issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-24302/paramiko
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-24737/httpie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add debian bug reference for CVE-2022-26981/liblouis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add golang-go.crypto to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Add Debian bug reference for CVE-2022-24761/waitress
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-24599/audiofile
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add bug reference for keepass2 CVE-2022-0725
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2956-1 for wordpress
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reference bug number for CVE-2021-33293,libpano13
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add mbedtls to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track temporary fixes for wordpress entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take usbredir
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add paramiko to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] LTS: mark CVE-2021-25636 as <ignored> for stretch
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add bug reference for CVE-2019-25058,usbguard
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add usbguard to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] LTS: drop libreoffice from dla-needed
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: take abcm2ps
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: update status gerbv
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Process new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-0547,openvpn: Fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add waitress to dla-needed.txt with comments
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2958-1 for usbredir
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Take mbedtls
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] claim minidlna
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Also include CVE-2020-1227{8,9} in DLA-2936-1
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries which got an update in DLA-2936-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed intel-microcode updates via {bullseye,buster}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-44906/node-minimist
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-23648/node-mermaid
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Try to clarify scope for CVE-2021-44906
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2022-0547/openvpn
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new Linux issue (little details)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2959-1 for paramiko
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-21698,golang-github-prometheus-client-golang: Fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-0854/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11025/cacti: reference patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: update cacti status
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] node-mermaid spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1035/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2021-23648/node-mermaid
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24766/mitmproxy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix for CVE-2021-33293/libpano13 landed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-11025/cacti: fix patch reference
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Four CVEs for nodejs already fixed back with 12.22.9 upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0494/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0996/389-ds-base
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0718/python-oslo.utils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-4219/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2960-1 for apache2
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-32610/php-pear
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26148/grafana
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2961-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add twig and php-twig to dsa-needed
Sebastien Delafond ( at seb)
- [Git][security-tracker-team/security-tracker][master] Updates for twig vs. php-twig source package
Sebastien Delafond ( at seb)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26183/pnpm, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tempoary entry for weechat issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1043
Salvatore Bonaccorso ( at carnil)
- Processing fbdd26a85b87ca4f9789a7018bd0819e5afadfe0 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Fixup duplicate entry added in previous commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2022-1043/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0886/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27666/linux and add note for CVE-2022-0886
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1031/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for CVE-2021-44906 via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for CVE-2021-44906 via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-44906/node-minimist as no-dsa for bullseye and buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-7237/cacti: stretch not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] node-forge-forge, node-minimist fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Drop notes for CVE-2022-0886 (confirmed duplicate of CVE-2022-27666)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-25484/tcpreplay
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24764/pjproject
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync some linux CVEs with kernel-sec triaging
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5107-1 for php-twig
Sebastien Delafond ( at seb)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0168/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0983/moodle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24775/php-guzzlehttp-sr7
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-40426/sox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27811/ocrfeeder
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-23556/guake 3.8.5-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-2827{5-8}/jhead 3.06.0.1-2
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-42387/8, CVE-2021-43304/5 - clickhouse unfixed
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reclaim wireshark in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] new zlib issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-22678/gpac, update notes
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] various node spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new containerd issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update otrs2 6.1.2-1 (bug #993846)
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] tiff DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: take qemu
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Drop tiff tracking fror next point releases as now included in DSA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust upstream commit reference tag for CVE-2021-23556/guake
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-23556
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to blog article for ClickHouse issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync upstream tags for clickhouse CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new netatalk issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-22374 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1061/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1058/gitea
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1052/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2472{8,9}/ckeditor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24757/jupyter-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new trafficserver issues (CVE-2021-44759, CVE-2021-44040)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to GHSA for python-scrapy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0577/python-scrapy Debian bug reference
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-0718/python-oslo.utils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-24775/php-guzzlehttp-psr7
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0567
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0759/ruby-kubeclient
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1025 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1048/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-253{08,09,10}/fribidi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-41736/faust <unfixed>
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process 2 NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] zlib CVEfied
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one more faust issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new pdns/pdns-recursor issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bugs for zlib/pluxml
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Revert "Update otrs2 6.1.2-1 (bug #993846)"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] remove a few faad2 no-dsa entries which are going to be fixed along in the DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Review list of accepted buster-pu updates for point release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1049/pcs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0897/libvirt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-46426/phpipam
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43666/mbedtls
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43085/openssl, needs further check
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Review accepted updates for bullseye point release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] poetry n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add zlib
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] add sox
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] LTS: take sox
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: take zlib
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: Update notes on gerbv
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: update notes about sox package
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Track fixed verson for CVE-2018-25032/zlib via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add zlib to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27920/libkiwix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Pre-merge already linux changes for upcoming point releases
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge bullseye point release updates as previously reviewed and acked
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge one php-illuminate-database which has no CVE assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track updates included for buster point release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-13231/cacti: stretch not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-23225/cacti: precisions
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-24775/php-guzzlehttp-psr7
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1096/chromium
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-24757/jupyter-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commits for CVE-2022-27811/ocrfeeder
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new tcpreplay issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-27811/ocrfeeder
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-27920/libkiwix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-27920/libkiwix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2022-27820/zaproxy, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark temporary weechat CVE as not-affected for Stretch
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] claim libvirt
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add details for CVE-2018-25032
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2022-279{39,40,41,42}/tcpreplay
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1071/mruby
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] qt ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] faad2 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] also track zlib issue for libz-mingw-w64
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] update notes
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27950/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1106/mruby
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20723/cacti: stretch not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-20725/cacti: stretch not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10059/cacti: precision
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2962-1 for pjproject
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim icingaweb2, update note
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10060,CVE-2018-10061/cacti: reference patches
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-10061/cacti: reference patches
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] ATS commit refs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2022-1048/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-27227/pdns
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-27227/pdns-recursor via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1056/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26980/teampass
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-43725/spotweb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-101{5,6}/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1122/openjpeg2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2022-25309
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Consolidate NFU naming
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-22771/jasperreport: stretch end-of-life
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26280/libarchive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] tiff non-issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2963-1 for tzdata
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2964-1 for libdatetime-timezone-perl
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Clarify status for CVE-2022-1015
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-23452/barbican
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-23451/barbican
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2022-26280/libarchive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1055/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add four new salt issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2965-1 for cacti
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-26110
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1050/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] qemu/CVE-2022-1050: stretch not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add openjpeg2
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] new mediawiki issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] check-mk issues, raw removed, enterprise NFU
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process NFUs for bbs Patrol Cloud Light Forum
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26291/lrzip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add forgotten end-of-life markings in previous commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-26354/qemu: triage buster as affected
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-3929/qemu n/a on stretch
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-35506/qemu n/a on stretch
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-23901/re2c 3.0-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-21821/nvidia-cuda-toolkit <unfixed> - 11.6 Update 2
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-36976/libarchive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2022-25310/fribidi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-36428/libmatio
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-0730/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-23901/re2c
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-21821 as ignored for bullseye and buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-21821/nvidia-cuda-toolkit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1172/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1160/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Move CVE-2022-21821 to no-dsa instread of ignored
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE has been fixed in recent upload to Stretch
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-27920 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-26505/via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via experimental for tracking for python2.7 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-26291/lrzip: stretch postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add some gitlab issues affecting older versions
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2021-41736,CVE-2021-41737/faust: stretch postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-44906/node-minimist: stretch end-of-life
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add libz-mingw-w64
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-28202/mediawiki: stretch postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2962-2 for pjproject
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24790/puma <unfixed> (bug #1008723)
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 3 commits: dla: add mitmproxy
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: golang-go.crypto note
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] drop CVE-2021-43085, was rejected
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-22965/libspring-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for python2.7 issue via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for thrift via experimental
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-4182,CVE-2021-4183,CVE-2021-4186,CVE-2021-4190: wireshark/Stretch/Buster
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Claim condor and usbguard in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] new mediawiki issues
Moritz Muehlenhoff ( at jmm)
Last message date:
Thu Mar 31 23:21:16 BST 2022
Archived on: Thu Mar 31 23:21:20 BST 2022
This archive was generated by
Pipermail 0.09 (Mailman edition).