May 2022 Archives by thread
Starting: Sun May 1 07:17:16 BST 2022
Ending: Tue May 31 21:10:31 BST 2022
Messages: 953
- [Git][security-tracker-team/security-tracker][master] Remove markers from a merge conflict
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via experimental for CVE-2022-2473{5,6}/redis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29947/woodpecker
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Give up on subversion, annotating with partial results
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-21227/node-sqlite3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-21227/node-sqlite3 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-21227 in node-sqlite3 for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Sync some CVEs for linux with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2022-21227/node-sqlite3 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: take mruby
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] dla-needed: remove epiphany-browser again - readded when fixing merge conflict markers
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] glewlwyd fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2989-1 for ghostscript
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29968/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-29968/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29973/fuse-exfat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-46790/ntfs-3g
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: minor clarifications/formatting
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: claim ckeditor
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-17960/ckeditor: stretch ignored
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2990-1 for jackson-databind
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] node-sqlite3 spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Claim composer, libpgjava, smarty3 and twig and recheck
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29970/ruby-sinatra
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-25844/angular.js
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in reference for CVE-2022-26490/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-0481, CVE-2022-1201, CVE-2022-1212, CVE-2022-1286
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim mruby from Anton
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-24714, CVE-2022-24716 as not affected for stretch
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Update note in data/dla-needed.txt
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Jeremiah C. Foster ( at jeremiah)
- [Git][security-tracker-team/security-tracker][master] Track fixed verison for openjdk-11 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for openjdk-17 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via unstable for openjdk-18
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] ntfs-3g unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29824/libxml2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add information for CVE-2022-1214
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2022-20009
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-20008/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: add ffmpeg
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Process 2 NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] LTS: claim ffmpeg in dla-needed.txt
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-42529-32/exempi 2.6.0-1 needs check for fixing commits
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-23064/snipe-it itp
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Replace some older NFUs with itp'ed entry for snipe-it
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unclaim liblouis, comment on status
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2991-1 for twisted
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] Revert "ntfs-3g unimportant"
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2992-1 for openvpn
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-25349/materialize undetermined
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add notes for packages
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Claim intel-microcode
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] new firefox issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new openssl issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-24801/twisted as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary descriptions and upstream tag information for commits on openssl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29824/libxml2 bug reference
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync format of note for CVE-2021-42529 and CVE-2021-42530
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2022-1304/e2fsprogs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] openjdk-17 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for unstable for firefox-esr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0866/wildfly
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3839 and CVE-2022-0669
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for dpdk issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] NFU (concludes external check)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: Claim libz-mingw-w64
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] dla: libz-mingw-w64 triage notes
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-26272/ckeditor: reference patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27313/gitea
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] firefox DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2993-1 for libz-mingw-w64
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] Correct version number for libz-mingw-w64 CVE-2018-25032
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] Remove tab character in notes of CVE-2021-3618
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track fixes for three CVEs for libpodofo via experimental
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-3929 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes for CVE-2022-1214
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process three NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29155/openldap
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2950{0,1,2}/Slurm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-29155/openldap via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Record upstream commits for Slurm issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Slurm to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-1053 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of clamav issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28487/tcpreplay
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Re-associate CVE-2022-21363 with mysql-connector-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2021-2471 with mysql-connnector-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unclaim ffmpeg while we wait for the new upstream release
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30284/python-libnmap
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim pdns in dla-needed.txt
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2994-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] various spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] tcpreplay unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-21476/openjdk-11
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28890/apache-jena
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Move two Apache Jena from NFU to src:apache-jena
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24903/rsyslog
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dpdk, openjdk-11 DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-24903/rsyslog
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] fix DSA/list entry
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] twisted spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Fix for CVE-2022-27240/glewlwyd did actually not enter bullseye point release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for slurm-wlm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-29967/glewlwyd as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] nokogiri fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30292/squirrel3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream references for dpdk issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2995-1 for smarty3
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add rsyslog to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2022-18
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-158{6,7}/pcre2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim condor in dsa-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Replace listing with uid
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add qemu to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28066/libarchive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28508/mantis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-293{39,40}/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27337/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2996-1 for mruby
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Review old XMP Toolkit SDK NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim asterisk, update not for ring
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-22573/google-oauth-client-java unfixed bug 1010657
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process NFU
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Unclaim pdns, documenting partial work done
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] buster/bullseye triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new ecdsautils issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add ecdsautils to dsa-needed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-21949/ruby-xmlhash unfixed 1010667
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-25647/libgoogle-gson-java unfixed 1010670
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove twig from dla-/dsa-needed.txt.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs & pistache ITP
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-27470/libsdl2-ttf unfixed 1010671
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for dpdk issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference associated upstream commit for CVE-2021-22573
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Ammend note for ecdsautils that it is handled by maintainer already
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2022-24884
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] take ecdsautils, qemu, thunderbird
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim ecdsautils
Sven Eckelmann ( at ecsv)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove composer from dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2997-1 for ecdsautils
Sven Eckelmann ( at ecsv)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30295/uclibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop uclibc-ng itp entries
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add oss-security references for two uclibc/uclibc-ng issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Three slurm-wlm issues fixed with new upstream version in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2021-43523
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-30295 as unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-24823/netty
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Three libpodofo issues fixed with upload to unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-1292/openssl via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via experimental for openssl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-27470/libsdl2-ttf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track additionally CVE-2022-29967 for glewlwyd update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Lower severity for CVE-2022-24823
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-24823/netty
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-27337/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-28066/libarchive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2018-25033/admesh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1616/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim kicad
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add two new vim issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add DSA entry for ecdsautils update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26491/pidgin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29167 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two CVEs for mruby via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add admesh to dla-needed.txt and assign it to Anton Gladky
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs and piwigo (removed)
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-23792/libtwelvemonkeys-java 3.8.0-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Update todo for two webkitgtk issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28463/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-27419/uclibc unfixed
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-0897/libvirt postponed on stretch
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-3844[1,3] cyclonedds undetermined - no upstream tracking
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process an NFU
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41959/iotjs unfixed
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs ; fix typo in rbpf NFU
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] lts: update notes
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] golang-github-endophage-gotuf removed & two NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-3618/nginx via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2022-24903/rsyslog
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-25033/admesh as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-27419 as unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-1616/vim as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-1619/vim as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2018-25033
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove note for CVE-2021-46380, duplicate of CVE-2022-22511
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30333/unrar-nonfree
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] qemu DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2998-1 for kicad
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] Claim waitress
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for xen issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-24761/waitress
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1632
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new vim issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag for commit for CVE-2022-1621/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2022-30333/unrar-nonfree
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take cifs-utils from dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update note for adminer.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30333/rar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2021-22573/google-oauth-client-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add redis to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Replace reference for CVE-2022-29869 with upstream repo commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for cifs-utils issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add curl to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add cifs-utils to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add clamav to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1649/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take cifs-utils from dla-needed
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1629/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-2999-1 for mutt
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27114/htmldoc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1012/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1537/grunt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1651/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1662 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1652/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27778/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27779/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27780/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27781/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-27782/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30115/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Added ffmpeg annotation
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] lts: take clamav and curl
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Fix triage for CVE-2022-27114/htmldoc as the issue does not lead to a crash only
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-42581/node-ramda disputed upstream
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Claim package unzip
Dominik George ( at natureshadow)
- [Git][security-tracker-team/security-tracker][master] one vim issue unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Android updates
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] pidgin fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Give cifs-utils to Utkarsh
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] rewrite non-issue entry for node-ramda
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Remove note about broken url (fixed in meanwhile)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-30333
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-29968/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark some CVEs as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2021-26258 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-21151/intel-microcode
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-33117/intel-microcode
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove ecdsautils, DSA released
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark the two android-platform-frameworks-base as unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for some curl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop one doubled space in NFU annotation
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust fixed version for CVE-2022-1205/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-162{2,3}/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add libxml2 to dsa needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30594/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track mitigations in kernel for CVE-2021-26401
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new golang issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29162/runc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs & reviewboard ITP
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Move one older CVE from NFU status to the ITP'ed entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-34085/mp3gain not-affected
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] new linux issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new horizon issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Sync information for CVE-2022-1671/linux with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] OpenJDK 8, 11 n/a by CVE-2022-21449
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] several crate issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] also drop CVE-2022-21449 from DSA/list
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new postgres issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libgoogle-gson-java fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add ruby-nokogiri to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add openldap to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Correct openldap note.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Correct ordering
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] chromium DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] postgres DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add imagemagick to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2022-29526
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-28066,libarchive: Stretch and Buster are not affected
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Mark 1.6.2-1 version as fixed version for CVE-2021-34085
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit references for CVE-2022-1552
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two cifs-utils issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3000-1 for waitress
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] Track proposed updates for unrar-nonfree via buster and bullseye point releases
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim imagemagick
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1679/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-0171/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take lrzip
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-23853/ktexteditor via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-28085 and CVE-2022-27114 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Some clamav issues fixed in unstable via new upstream version
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29885/tomcat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1650/node-eventsource
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-25762/tomcat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1674/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-1674/vim as unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-42863/iotjs unfixed, code not present in buster
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] new undertow issue, concludes external check
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] makr one clamav issue as n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Unclaim unzip
Dominik George ( at natureshadow)
- [Git][security-tracker-team/security-tracker][master] Add htmldoc to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add amd64-microcode and libgoogle-gson-java to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Claim libgoogle-gson-java
Dominik George ( at natureshadow)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-29885,tomcat9: Fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim htmldoc.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3001-1 for libgoogle-gson-java
Dominik George ( at natureshadow)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3002-1 for adminer
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] node-eventsource fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3003-1 for ruby-nokogiri
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3004-1 for htmldoc
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Fix typo in upstream tag information for CVE-2022-29885
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed verison for CVE-2022-29526/golang-1.18 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-21151
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3005-1 for lrzip
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] Process two NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3006-1 for openjdk-8
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add db5.3 as having a modified embed of sqlite3
Andrej Shadura ( at andrewsh)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-8457 entry for db5.3
Andrej Shadura ( at andrewsh)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3007-1 for imagemagick
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] imagemagick - Fix correcting version
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix indentation for db5.3 entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2022-25762,CVE-2022-29885,tomcat8 for Stretch
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Take openssl
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3008-1 for openssl
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2019-8457/db5.3 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claimed ffmpeg
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Add tracking of node-eventsource via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for nginx via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30708/webmin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync information for CVE-2022-0854 with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-1537/grunt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 4 commits: CVE-2019-8457,db5.3: Mark Stretch as no-dsa
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Ignore some eBPF related linux issues for stretch (sync with kernel-sec)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-1651/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-20008/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-1677 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit: CVE-2022-30293 and CVE-2022-30294
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-28919/dokuwiki unfixed 1011056
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30781/gitea
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim openldap
Dominik George ( at natureshadow)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add notes to packages
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Claimed DLA ID
Enrico Zini ( at enrico)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-21151/intel-microcode via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Postpone intel-microcode for bullseye and buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tags for vim and triage several CVE.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Marked CVE-2022-1650 as end-of-life for strech according as suggested by the lts triaging script.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] slurm-llnl is clearly vulnerable so added to dla-needed.txt since it is also in dsa-needed.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2022-30126/tika
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Marked CVE-2022-29973 as no-dsa for fuse-exfat in stretch following buster.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Marked CVE-2022-29977 and CVE-2022-29978 as no-dsa following buster. This is...
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-1154,vim: Remove no-dsa tag for Stretch
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Marked CVE-2022-30333 as no-dsa for rar and unrar-nonfree following buster.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1736/gnome-remote-desktop
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3012-1 for libxml2
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30776/atmailopen
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30767/u-boot
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2022-1725/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1734/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1706/ignition
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Added 386-ds-base to DLA needed. The install base is small so the priority is...
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Corrected the package name of 389-ds-base in dla-needed.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Added exempi to dla-needed. Further analysis is needed but a lot of packages depends on libexempi8.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2022-29175 (CVE withdrawn)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Expand todo for CVE-2022-30779
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: update ckeditor status
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: claim rsyslog
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30688/needrestart
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for needrestart update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for upstream commit for CVE-2022-30688
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-30688/needrestart
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2022-30688/needrestart via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] waitress, openssl DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add oss-security reference for CVE-2022-30688/needrestart
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Remove no-dsa tagged entries covered by DLA-3000-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of nvidia-graphics-drivers-tesla-470 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of nvidia-graphics-drivers-tesla-460 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of nvidia-graphics-drivers-tesla-450 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Added needrestart to dla-needed since CVE-2022-30688 is already fixed in buster.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Add new set of nvidia-graphics-drivers-tesla-418 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of nvidia-graphics-drivers-legacy-390xx issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of nvidia-graphics-drivers-legacy-340xx issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of nvidia-graphics-drivers issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1769/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2022-1735/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30067/gimp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1116/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29581/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-29581/linux in bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take needrestart as already announced via DSA
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3013-1 for needrestart
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Take elog
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker] Pushed new branch users/tianon/nvd-severity
Tianon Gravi ( at tianon)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-1355/tiff via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2018-25033/admesh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-38711/gitit via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-1379/plantuml not-affected, vulnerable code introduced in 1.2020.11
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] update note in dla-needed
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30976/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2022-30976/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-3097{4,5}/mujs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3014-1 for elog
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Fixed CVE-2022-0577 in python-scrapy 2.6.1-1
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] Restore reference to Debian bug for CVE-2022-0577
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1183/bind9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1795/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some moodle CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24903/rsyslog: documentation relationship with CVE-2018-16881
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-24904 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24903/rsyslog: reference more introductory patches
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2022-29165 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2022-29581
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1771/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-22970-1/libspring-java unfixed
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] mysql-8.0 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track some mysql-8.0 updates in earlier version (Oracle CPU October 2021)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim cgal
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24903/rsyslog: clarify introductory patches
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] nvidia-graphics-drivers-legacy-390xx fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] remove two entries for older nvidia drivers, there's no indication these affected < 470
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove "NVD severity" from the web UI
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker] Deleted branch users/tianon/nvd-severity
Tianon Gravi ( at tianon)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track some issues as fixed in Oracle CPU April 2021 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for openldap update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1796/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1785/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add back CVE-2022-21449 for DSA-5128-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update libpgjava notes in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28960/spip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28961/spip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-27548/texlive-bin unfixed 1011333
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add missing ref to CVE-2021-27548
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-42700,2,4 inkscape 1.0-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-27548/texlive-bin neither buster nor stretch affected
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process a couple of NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-28948/golang-gopkg-yaml.v3 unfixed 1011338
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-29622/node-formidable unfixed 1011341
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-28959/spip 4.1.1+dfsg-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa tags for ark/Stretch
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3016-1 for rsyslog
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3017-1 for openldap
Dominik George ( at natureshadow)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Drop note on typos in CVE description
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28959 for DSA-4798-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: drop dpac from dla-needed.txt as it is now EOL
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-26520,libpgjava: Mark as no-dsa for all distributions.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-26520,libpgjava: Mark as no-dsa for all distributions.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] LTS: reclaim subversion in dla-needed.txt
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Marked CVE-2021-44492 to CVE-2021-44510 as ignored in stretch following buster.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Marked 43 CVEs (some from 2020, some from 2021 and some from 2022) as...
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Marked CVE-2022-1785 and CVE-2022-1796 as no-dsa for vim in strech.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Add firefox, firefox-esr and thunderbird issues from mfsa2022-19
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1432/octoprint
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29177/golang-github-go-ethereum
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29170/grafana
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29163/nextcloud-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add firefox to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2902{1,2,3}/openrazer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Re-assiciate one older CVE to golang-github-go-ethereum, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-4070/golang-v2ray-core
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track firefox fixes via unstable for mfsa2022-19 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for firefox-esr for mfsa2022-19 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-33135/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29181/ruby-nokogiri
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] ckeditor3: link related ckeditor CVEs
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track some new tensorflow issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31258/check-mk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1789/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1729/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2022-28948
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2021-40403/gerbv
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libxml2 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-0577 as no-dsa for bullseye and buster
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track proposed update for python-scrapy via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add note for trafficserver in dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1809/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] php-dompdf: Even unstable has a version before CVE-2022-28368 was introduced
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-23409/golang-github-pires-go-proxyproto via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in CVE ID
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add DSA entry for DSA-5143-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for three nvidia-graphics-drivers-tesla-450 CVEs fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5144-1 condor
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-45101,condor: ignored for Buster
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove ansible from dla-needed.txt.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3019-1 for admesh
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: libspring-java no longer supported for stretch. Marking CVE-2022-22970 and...
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Added firefox-esr to dla-needed. It looks serious enough to not halt any...
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Mark all open ansible CVE in Stretch as EOL
Markus Koschany ( at apo)
- Processing 2ca061f879b47aba252839d288e47fa0309f74b9 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Fix ordering
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Adjust source package name in CVE-2022-23639
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add postgresql-9.6
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: assign postgresql-9.6 to Christoph Berg as per data/packages/lts-do-call-me
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3020-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Remove postponed entry for CVE-2021-33515/dovecot in bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 4 commits: dla: add mailman
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add cyrus-imapd
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add dpdk
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1311/xerces-c: harmonize triaging with buster
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24434/node-superagent not-affected, vulnerable code in added test support
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-29189-90/snowflake unfixed 1011457
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Unclaim cgal
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-29222/snowflake unfixed 1011458
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-28181,CVE-2022-28185/nvidia-graphics-drivers-legacy-340xx: stretch ignored
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20196/faad2: fixed through DSA-4522-1
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-20902/ffmpeg: fixed through DLA-3010-1
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-20196/faad2: drop postponed entry for stretch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add filezilla
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1000825/freecol: stretch end-of-life
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add glib2.0
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add haproxy
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: clarify comments made with front-desk hat
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] one grafana issue n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mariadb-10.6 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: add irssi
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add isync
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add lemonldap-ng
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add libdbi-perl
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add manila
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] one ATS issue fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: add libjpeg-turbo
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add upstream commits for CVE-2022-3097{4,5}/mujs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop notes for CVE-2022-1588 (was incorrectly assigned)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-4258{5,6}/libredwg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Claim filezilla
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1836/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30065/busybox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: add modsecurity-apache
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2018-19211/ncurses: revert <ignored>
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3021-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Claim modsecurity-apache.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Sync some NFU names
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-40085/neutron: stretch unfixed, DLA-2781-1 has no new patch and changelog-only debdiff
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add openscad
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add pam-u2f
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add plinth
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add pngcheck
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] more nvidia fixes in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-16848/mistral: OpenStack EOL'd in jessie but not in stretch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-3866/mistral,python-oslo.utils: clarify/update stretch status
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add request-tracker4
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add ros-ros-comm
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-13124,CVE-2021-29488/sabnzbdplus: precise stretch status
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add sleuthkit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add libpgjava and smarty3 to dsa-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] dla: add systemd
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add ublock-origin
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: add vlc
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: lrzip DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] htmldoc spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Process some NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add entry for Debian Printing/cups
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] claim atftp
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Take golang-go.crypto
Dominik George ( at natureshadow)
- [Git][security-tracker-team/security-tracker][master] Add and claim spip
Sebastien Delafond ( at seb)
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2021-27548 for now
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-23639/rust-crossbeam-utils via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-21698/golang-github-prometheus-client-golang: stretch postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] chromium fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libxstream-java fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-42218/ompl: stretch not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim neutron.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim redis.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] dla: add pjproject
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add freerdp
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-4229/node-ua-parser-js not-affected, versions not uploaded
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-42248 golang-github-tidwall-gjson unfixed 1011616
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] new radare2 issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add and claim cups
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] LTS: update subversion notes in dla-needed.txt
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-42612,3,4/halibut 1.3-1
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process YottaDB CVEs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1664/dpkg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2022-1664/dpkg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for dpkg update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3022-1 for dpkg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-1664/dpkg via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29248/guzzle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1786/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1348/logrotate
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-1348/logrotate
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust NOTE reference for CVE-2021-44974
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2021-4261{2,3,4}/halibut
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1678/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Try to clarify unimportant status for CVE-2022-29181
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via experimental for nvidia-graphics-drivers-tesla-510 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-24790,puma: Mark as no-dsa for Stretch
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-1348/logrotate via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1851/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: update note
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31263/mastodon, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate three older NFUs with the itp'ed entry for mastodon
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one more NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1726/zoneminder
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process 1 NFU
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Disentangle multiple projects called gibbon
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-3165{0,1}/sox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30595/pillow
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2022-30595
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-30595/pillow
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29710/limesurvey
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed clamav update via buster-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for clamav via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26691/cups
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add cups to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-29217/pyjwt unfixed 1011747
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3024-1 for python-django
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Track new set of ntfs-3g issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3025-1 for irssi
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2021-20267 in stretch LTS from no-dsa → ignored.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3026-1 for filezilla
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-29221/smarty3, smarty4 unfixed 1011757 & 1011758
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3027-1 for neutron
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-29358/epub2txt2 itp 1004115
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-29361/python-werkzeug undetermined, disputed upstream
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Specify upstream tag for CVE-2022-29221
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-44964/lua5.4
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1882/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-29242/libengine-gost-openssl1.1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] cups DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add references for ntfs-3g issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed for linux issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for ntfs-3g issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1899/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1886/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1462/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unclaim golang-go.crypto
Dominik George ( at natureshadow)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3028-1 for atftp
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3029-1 for cups
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 2 commits: claim slurm-llnl
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-26691/cups
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31624/mariadb*
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31623/mariadb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in version string used for CVE-2022-31623
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31622/mariadb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2022-31622
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31621/mariadb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2022-24735 in redis for stretch LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Drop redis from dla-needed.txt.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 4 commits: dla: add thunderbird
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-32627,CVE-2021-32628/redis: precise triage
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Claim pjproject
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Angular is the replacement for angular.js
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Process some Apple NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Undo incomplete change for CVE-2021-42859
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some Apple NFUs
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3030-1 for zipios++
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-21831 & CVE-2022-22577 in rails
Neil Williams ( at codehelp)
- [Git][security-tracker-team/security-tracker][master] pillow fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for pcre2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-428{59,60}/mxml
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2022-1586 commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2022-22577
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2022-21831
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add oss-security reference for CVE-2022-1462
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-189{7,8}/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-190{7,8}/libmobi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-26498, CVE-2022-26499 not affected for stretch
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for libmobi issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: add golang-github-hashicorp-go-getter
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3031-1 for modsecurity-apache
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2022-1897,CVE-2022-1898/vim: stretch postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] asterisk uses packaged libpjproject-dev
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-42700,CVE-2021-42702,CVE-2021-42704/inkscape: add reference
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add for now back a todo item for CVE-2021-4270{0,2,4}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-12827,CVE-2019-15297/asterisk: precise stretch triage
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] lts-cve-triage.py: clarify report header
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31783/liblouis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add pidgin
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31782/freetype
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix typo
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Claim pidgin
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] dla: add pypdf2
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add halibut
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: take halibut
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add oss-security reference for CVE-2022-1786
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync status with kernel-sec for CVE-2022-1786
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove bug reference associated with CVE-2021-4261{2,3,4}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-31783/liblouis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Remove mysql-connector-java from dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2022-25844/angular.js: stretch ignored
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add jupyter-notebook
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-1215/libinput: reference introductory commit + stretch not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim qemu
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] dla: add libmatio
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for rsyslog update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for slurm-wlm in dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] release slurm-llnl
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2021-30498{8,9}libcaca
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2021-3049{8,9}/libcaca
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for libmobi issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstrem tag information for libmobi commits
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for smarty4 issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-30763/janet, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-31783/liblouis as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-41043/tcpslice via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for composer via {buster,bullseye}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-27818,pngcheck: remove no-dsa tag
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3033-1 for smarty3
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5151-1 smarty3
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Claim haproxy in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] RTCP-FB handling is introduced in later versions.
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Move entries for CVE-2021-26119 and CVE-2021-26120
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new bottle issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-29361
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: semi-automatic unclaim after 2 weeks of inactivity
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] claim blender and golang-github-hashicorp-go-getter
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] claim ncurses
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2021-40401/gerbv
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference pull request for CVE-2021-40400/gerbv
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-31799/python-bottle assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1928/gitea
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1927/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for smarty3 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: claim libdbi-perl
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Claim liblouis
Andreas Rönnquist ( at gusnan)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5152-1 for spip
Sebastien Delafond ( at seb)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2022-0005
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa tags for haproxy/Stretch
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Claim firmware-nonfree and libjpeg-turbo in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] ATS DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2014-10402/libdbi-perl: add patch reference
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2014-10402: Update note to directly reference the upstream commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add bugnum for sox
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3035-1 for libdbi-perl
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2019-19451/dia via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-29526/golang-1.17 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new libjpeg issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-31620/libjpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1943/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1934/mruby
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3036-1 for pjproject
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim libmatio
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] dla: claim mailman
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-1852/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2021-40400/gerbv
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2022-20
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2022-21
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-2201,libjpeg-turbo: Remove no-dsa tag for Stretch
Markus Koschany ( at apo)
Last message date:
Tue May 31 21:10:31 BST 2022
Archived on: Tue May 31 21:10:36 BST 2022
This archive was generated by
Pipermail 0.09 (Mailman edition).