August 2023 Archives by thread
Starting: Tue Aug 1 00:46:30 BST 2023
Ending: Thu Aug 31 23:09:57 BST 2023
Messages: 962
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3513-1 for tiff
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4010/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3817/openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-3817 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2023-37450
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-38285/modsecurity via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-38199/modsecurity-crs via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-28439/ckeditor via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some webmin issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-34872/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for CVE-2023-25525/nvidia-cuda-toolkit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Note that cjose maintainer is asked to prepare updates
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Annotate fixing commit for CVE-2023-2731
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-34872/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2023-32731/grpc with findings from triage
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for sogo upstream commit for CVE-2020-22402
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2023-33466 in orthanc for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-36325/i2p
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixes for llvm-toolchain-13 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] "new" chromium issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixes for llvm-toolchain-14 issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] "new" chromium issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixes for llvm-toolchain-15 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2023-3750/libvirt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] fix email address format
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Add note to docker.io in dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2023-30549
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new ffmpeg issue (originally from Chromium)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-30549
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-32732/grpc: slight clarification
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-1615: Add 'Introduced by' and mark buster as not affected
Samuel Henrique ( at samueloph)
- [Git][security-tracker-team/security-tracker][master] bugs.py: Hint towards a typo issue on check
Samuel Henrique ( at samueloph)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2023-38060 with znuny
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox issues from mfsa2023-29
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2023-30 and mfsa2023-31
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add missing CVE-2023-4058 from mfsa2023-4058
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: reclaim qt4-x11
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] openssl fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2023-30581/nodejs for buster.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2023-30588/nodejs for buster.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Revert "bugs.py: Hint towards a typo issue on check"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for firefox-esr issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Replace branch names with now existing tags for openssl commits
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2023-29409/golang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-385{59,60}/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3301/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove note from now rejected CVE-2023-3117 (was duplicate of CVE-2023-3390)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim bouncycastle.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Drop notes from now rejected CVEs which were duplicates of other xpdf assigned CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: retake openjdk-11
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3514-1 for bouncycastle
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] firefox fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] additional chromium issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: claim zabbix in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Update information on glib2.0 issues mentioning the regression CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking for CVE-2023-4016/procps
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-3301/qemu: buster not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Typo
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-28755/ruby*: reference follow-up CVE
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: tidy golang triage
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add note about chef
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] No DLA for chef needed. Conscern chef-server removed in 2012
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Fixup empty line
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Remove additional paste to dsa-needed file
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-34320/xen
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-21400/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new golang-golang-x-net issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-28864/chef: reference patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] new mozillavpn issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] chromium fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark chef debian package not-affected by CVE-2023-28864
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-4907/ffmpeg: buster not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add cakephp to embeded code copy
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] rxvt-unicode fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] firefox-esr DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-25435/tiff: reference prior CVE fixed with same patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2023-3978
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2023-4104/mozillavpn
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-4907/ffmpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird from mfsa2023-32
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Followup thunderbird entries with mfsa2023-33
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track thunderbird fixes via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4138/rdiffweb, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: CVE-2023-34478 mark as no-dsa
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Django DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: add ghostscript
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4133/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4132/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take ghostscript
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Correct the reference for CVE-2023-38560
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3180/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4147/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4134/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38497/rustc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4012 for ntpsec issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ntpsec update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix indentation for CVE-2023-4132/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-4104/mozillavpn
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove xqilla from dla-needed.txt; the two CVEs (CVE-2022-24795 and...
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3515-1 for cjose
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] chromium DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-38560
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-2940{7,8}/golang-golang-x-image
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-38559/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: add burp, poppler, thunderbird
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] dla: take poppler
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2023-0007
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4135/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38686/matrix-sydent
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Re-associate some older NFUs to now packaged matrix-sydent
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4156/gawk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39508/airflow
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim burp in dla-needed.txt
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2023-38497 with cargo and rust-cargo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2023-38497/{cargo,rust-cargo}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3516-1 for burp
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Remove listing of CVE-2023-33460 from burp update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-5468-1
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Mark new CVEs for webkit2gtk as end-of-line for buster
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3517-1 for pdfcrack
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for python-werkzeug update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for tmate-ssh-server issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-2940{7,8}/golang-golang-x-image
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-3632/i2p
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-3978/golang-golang-x-net
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-38686/matrix-sydent
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: add gawk
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3518-1 for openimageio
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Claim hdf5 and libhtmlcleaner-java in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Take libreoffice in dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4194/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38697/ruby-protocol-http1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take gawk
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] dla: thunderbird already uploaded
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] iortcw n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add note to glib2.0 in dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] foswiki CVE-2023-33756, CVE-2023-24698
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-4156/gawk: reference patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3519-1 for ghostscript
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-4156/gawk: drop confusing link to non-OOB-read-related fixes
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Mark ghostscript as postponed for bullseye and bookworm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-3180/qemu: reference sanctioned patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Fix typo
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Revert "CVE-2023-4156/gawk: drop confusing link to non-OOB-read-related fixes"
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-38559/ghostscript: buster postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Revert "CVE-2023-38559/ghostscript: buster postponed"
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reclaim samba and add status update
Lee Garrett ( at lgarrett)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-25515,CVE-2023-25516/nvidia-graphics-drivers-legacy-340xx: buster ignored
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-36617/ruby2.5,jruby: buster postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-3978/golang-golang-x-net-dev: buster postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3520-1 for libhtmlcleaner-java
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5471-1 libhtmlcleaner-java
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-48579/unrar-nonfree
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4205/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3896/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-36054/krb5
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-38795/gitea
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track openjdk-18 as removed from the archive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2023-1829
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional references for CVE-2023-31248 and CVE-2023-35001
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4155/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: take thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3521-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-30589/nodejs: Add links to report and upstream fix.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Retake imagemagick
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Update already the status for CVE-2023-39977
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39978/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add ruby-rmagick
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-20569 for "Speculative Return Stack Overflow (SRSO)"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-40982 for "Gather Data Sampling (GDS)"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-3896/vim: patches, affected versions, buster not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add reference for CVE-2023-20569
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add clarifying note about microcode update and Zen3 vs. Zen4 inclusions
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Old llhttp parser issues: Add links to PoCs.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-34319/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add information on intel-microcode CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] cjose DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: add rar and unrar-nonfree
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for intel-microcode CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via unstable for two linux issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix copy paste error for amd64-microcode version for bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-21264/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] orthanc DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2023-30590/nodejs for buster.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for intel-microcode via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add intel-microcode to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2022-40982
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-3750/libvirt via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to oss-security post for CVE-2023-20569
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3522-1 for hdf5
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Mark remaining hdf5 CVE as no-dsa/postponed.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Claim rar and unrar-nonfree in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] new undertow issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: add intel-microcode
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Take intel-microcode
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Take rails
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/embedded-code-copies: drop ruby versions <=wheezy
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] i2p: reference patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add i2p (with experimental issue-based LTS workflow)
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add datatables.js
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3523-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Triaging zabbix with focus LTS/buster
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] 2 commits: NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-37276/python-aiohttp: buster not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-36325: Replace merge commit id with isolated commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update note for amd64-microcode related fixes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Unify style for some notes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim datatables.js in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Associate mitigation for CVE-2023-20588 in kernel
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4273/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new trafficserver issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add oss-security reference for CVE-2023-3772
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-20564 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-20589 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3871{0,1,2}/libreswan
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new nodejs issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add ATS references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2023-{32002,32006,32559}/nodejs for buster.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] fill in details for procps issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-38497/cargo,rust-cargo: buster postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-20569: Note that 3.20230808.1.1 ships second batch of updates for 4th gen EPYC CPUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add mediawiki
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-36054/krb5: buster postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA numbers for intel-microcode and linux update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] libreswan fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new postgresql issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] additional fixes for CPUs in amd64-microcode
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Drop dupliate note for additional microcode fixes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3524-1 for linux and DLA-3525-1 for linux-5.10
Ben Hutchings ( at benh)
- [Git][security-tracker-team/security-tracker][master] Pinpoint upstream tag for two commits for CVE-2022-47185
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add commit references for CVE-2023-3941{7,8}/postgresql
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes for CVE-2023-4205 (CVE rejected)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4128/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process new CVEs for nextcloud-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-37625/netbox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-37543/cacti but retain a TODO as GHSA-4x82-8w8m-w8hj is not accessible
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for trafficserver issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for krb5 issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-38697/ruby-protocol-http1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3495-2 for php-dompdf
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reference CVE-2021-3838 for DLA-3495-2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40225/haproxy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two GStreamer gst-plugins-ugly issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Bump date for DSA-547{4,5}-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-29449/zabbix does not affect buster.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2023-20569 tracking with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add links to patches for CVE-2023-29450/zabbix
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4304/froxlor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] consul n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add two new PHP CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-4016/procps: buster postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add otrs2
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add issue for otrs2
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-3824/php*: reference patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-3823/php*: reference patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: update ruby-loofah and ruby-rails-html-sanitizer status
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: new CVE issued for python-git
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40267/python-git
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2023-20569 mitications
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add opendmarc
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Take libreoffice as seen with santiago
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: add flask
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add issue for flask-security
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: update flask-security
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Associate some CVEs with mattermost-server, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39949/fastdds
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add more fastdds issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for three qemu CVEs fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Reference for CVE-2023-3180
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2023-3354/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bookworm/bullseye triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2023-3255/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39976/libqb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-31209/check-mk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for CVE-2023-382{3,4}/php
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Document zabbix state before VAC.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Add references for ZDI-CAN-2144{3,4}/gst-plugins-ugly1.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40267/python-git
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40225/haproxy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for gst-plugins-ugly1.0 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-3602{3,4}/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add netatalk
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-3180/qemu: buster postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: add gst-plugins-ugly1.0
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add orthanc
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-38223/w3m: reference follow-up fix
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add lxc
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: mention contributors should self-assign the (experimental) issues when claiming
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: take gst-plugins-ugly1.0
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-28840/jhead
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] gst-plugins-ugly1.0 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3236/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-25786/qpdf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-36138/ffmpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-28429/ffmpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2023-40225/haproxy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-24221 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-3994{5,6,7}/fastdds
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for cargo and rust-cargo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream issue reference for CVE-2023-3153/ovn
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-33953/grpc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim flash in dla-needed.txt
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-26590 as not-affected
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-34432 as not affected
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Revert "Mark CVE-2023-26590 as not-affected"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2023-4265 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim flask-security in dla-needed.txt
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-26590
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add todo item for CVE-2023-34432
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-34432
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-27585/asterisk via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-23537 and CVE-2022-23547
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2023-34432
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add todo item for CVE-2023-34318
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-34318: fixed by same fix as CVE-2021-23159
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-3153/ovn
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim lxc in dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Add a note about the POC upstream of CVE-2023-32627
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] LTS: take orthanc
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3526-1 for libreoffice
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Claim sox
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3527-1 for sox
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Slightly wrap longer note line
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix typo in CVE identifier for DLA-3526-1/libreoffice
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] update notes
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3426-3 for netatalk
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40305/indent
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40303/inetutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40283/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: claim w3m
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim opendmarc.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-34872/poppler does not affect buster or bullseye
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3528-1 for poppler
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add NOTE with patch upstream about CVE-2022-47952/lxc in data/CVE/list
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-48579,unrar-non-free: Bookworm is not-affected
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40274/zola, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: take openssl again, it will be uploaded today
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: Remove nodejs from dla-needed.txt.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] add openssh
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] samba DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40303/inetutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-40305/indent
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40305/indent
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39950/efibootguard
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Annoate note for CVE-2023-34872
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2017-14250 (withdrawn by its CNA)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4322/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40360/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40359/xterm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-39950 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-36054/krb5
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed krb5 update via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed krb5 update for bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for libstb issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] netatalk proposed to be fixed trough upcoming bullseye point release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark netatalk as no-dsa and remove from dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference proposed patch for CVE-2023-32627/sox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove sox from dsa-needed list, no update required
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] libstb fixed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Process two more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bookworm/bullseye triage (and also updates some older libstd entries)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Take over datatables.js
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3529-1 for datatables.js
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] LTS: claim otrs2 in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Demote CVE-2009-1143 to ignored
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-41401/openrefine
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-39950/efibootguard
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3530-1 for openssl
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for fastdds issue via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for gst-plugins-ugly1.0 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track CVEs for chromium upload to unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take openssh for buster
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new Python issue (CVE description is bogus)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-{18179,18180}/otrs2: Add links to fixing commits.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-18179/otrs2: Add follow-up commits.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] efibootguard fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] opensmtpd fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2009-1143/open-vm-tools as ignored for buster
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3531-1 for open-vm-tools
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-1776/otrs2: Add link to fixing commit.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Claim mediawiki in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] openjdk-11 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2023-38898 commits
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] efibootguard spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-33250/linux in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-2898/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-2023-1206/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-18641/lxc/jessie as ignored
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2023-34872/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4385/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4389/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4387/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39975/krb5
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new faad2 issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-21439/otrs2: Add link to fixing commit.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-21441/otrs2: Add link to fixing commit.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-14889/stretch is being fixed
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-36100/otrs2: Add link to advisory and fixing commits.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Revert "Mark CVE-2017-18641/lxc/jessie as ignored"
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3532-1 for openssh
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add two issues from INTEL-SA-00690 in mdadm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new harmless r-cran-readxl issues (CVE description is nonsense)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3533-1 for lxc
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] add forthcoming bullseye fixes for unimportant kernel issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triage samba/buster: mark as <ignored> samba as AD DC related issues
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3534-1 for rar
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3535-1 for unrar-nonfree
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] one more bullseye fix for unimportant issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2021-21439
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-21441
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add upstream tag references to several znuny commits
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed qemu update via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for several linux issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4394/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: add libreswan
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-37476,openrefine: fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39741/lrzip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate issues from INTEL-SA-00766 with firmware-nonfree
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] more fastdds references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new qtsvg issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFU (concludes external check)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: retake suricata
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2021-28025
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from two rejected CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-40283/linux via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4413/rkhunter
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-27576/phplist
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 4 commits: mark CVE-2023-40359 as no-dsa for Buster
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Tag CVE-2022-36440 as ignored for frr
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-20212 and CVE-2023-20197 for clamav
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for clamav issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40175/puma
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3932 for gitlab
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-24904/gnome-gmail
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-24187/iotjs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40175/puma
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for rar via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2023-39975
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39743/lrzip-next, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2023-39908 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-40165 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2023-4135
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for faad2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: update w3m status
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2023-40305 as no-dsa for Buster
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 4 commits: mark CVE-2023-33953 as postponed for Buster
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] add php7.3
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Take care of releasing updates for librsvg prepared by maintainer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim php7.3 in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Track clamav fixes via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for unrar-nonfree via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-40305/indent via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-28429/ffmpeg as wel in 4.1.y branch
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] fastdds DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3536-1 for flask
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-40303/inetutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for xen for CVE-2023-34320 / XSA-436
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track mitigation for xen for CVE-2023-20593
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-4492,undertow: fixed in experimental
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40360/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-4135/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note about glib2.0 in dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Change fixed versions of undertow to 2.3.8
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: add qpdf
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 2 commits: add clamav
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Take clamav
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Move tracking for fixes via experimental for CVE-2022-4492 and CVE-2023-1108
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] qemu fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] qemu triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] set more unfixed qemu issues as <postponed>
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one qemu issue n/a for bullseye/buster
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark two qemu issues as ignored for bullseye
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] disassociate CVE-2023-20593 from src:xen, this is not an issue in Xen itself
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4459/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3537-1 for intel-microcode
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Remove CVE-2023-39949 from listin in DSA-5481-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark fastdds 2.1.0+ds-9+deb11u1 as fixed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3538-1 for zabbix
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] qemu/bullseye triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new Rust webpki issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-38197: add security blog article link
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Annoate tag for fixing commit for CVE-2022-2962
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-1108 and CVE-2022-4492
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38961
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for rust{,-rustls}-webpki
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add information on CVE-2020-27418
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-37154
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Annoatate status for libreswan
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Revert "Remove CVE-2023-39949 from listin in DSA-5481-1"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for CVE-2022-48579
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit references for faad2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-48571/memcached
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-48570/libcrypto++
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-48554/file
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial information on three new nasm issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3539-1 for qt4-x11
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3540-1 for mediawiki
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] LTS: re-add qt4-x11, which still has an open CVE
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Claim libreswan in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Oh no, use apo instead of my real name
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-48541/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-30079 and CVE-2023-30078
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-47069/p7zip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-47022/hwloc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-36648/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-34038/etcd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-38349/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-37052/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-37051/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-37050/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update reference for fixing commit in poppler issues: Add prefix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-23804/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-18839/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-22628/libraw
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-22570/memcached
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-19909/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-40090/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] "new" python issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Drop CVE-2022-35229 from data/DLA/list, as it had been fixed (security wise)...
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Drop as well cross reference to DLA in CVE-2022-35229
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] "new" python issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add two new batik issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] inetutils spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] update entry for CVE-2021-30047, vsftpd is the archvie, but the ID is still bogus
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bitcoin removed, good riddance
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41105/python
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-48547/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-48538/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-48174/busybox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via experimental for CVE-2023-3019/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-4806{3,4,5}/binutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-48522/perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more binutils CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2022-45582/horizon
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process more binutils CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-29654/nasm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add python2.7 entries to some "new" python CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-30570,libreswan: Buster is not affected
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2016-1585/apparmor via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-43358/libasass
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct severity of CVE-2022-29654
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new k8s issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Correct version for CVE-2022-29654
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new wireshark issues: CVE-2023-451{1,2,3}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] rust-rustls-webpki fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3541-1 for w3m
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] batik fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-29654/nasm as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4042/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new CVEs for airflow, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-43357/libsass
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new CVEs for radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-26592/libsass
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new CVEs for djvulibre
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-46179/upx-ucl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-46174/binutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35342/binutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust notes for two older binutils CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new (old) freeimage CVEs (yet with open upstream issue)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] tryton-server DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] track tryton fix in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-41444/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-41444/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-40211/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-34193/opensc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-33390/dpic
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new "old" set of dpic CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop information on CVE-2023-38288 and CVE-2023-38289
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-34040/kafka
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] wireshark fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-32292/json-c
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-26683/mupdf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track some new "old' freeimage CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-22219/flac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-21896/mupdf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update references for CVE-2022-48566
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2022-48560
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some additional reference for CVE-2022-4856{4,5}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4320 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38831 and CVE-2023-40477
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-46884/firefox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-29390/libjpeg-turbo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-35357/gsl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] fix tag
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: drop gawk, aligning with other dists
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: reference samba status update e-mail
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] new ansible issue (sparse information)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new python issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-37154 as unimportant for monitoring-plugins
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-22218/libssh2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-22217/c-ares
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-21890/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new CVEs for oggvideotools
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-21710/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-21679/graphicsmagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-21583/util-linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-21528/nasm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-21490/binutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three nasm issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4508/gerbv
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4478/mattermost-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark batik issues as no-dsa as per discussion with maintainer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed updates for batik trough {bookworm,bullseye}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39742/giflib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-18781/audiofile
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-38831 for now as WinRAR specific
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream tags for CVE-2023-40217
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-41105/python3.11 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40577/prometheus-alertmanager
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two old bianryen CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-19726/binutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-18768/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-21047/elfutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-19724/binutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-18831/exiv2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-18780/nasm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-18770/zziplib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-1865{1,2}/exempi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-2906/wireshark
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41080/tomcat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40587/python-pyramid
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-4508/gerbv
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40577
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add and claim unrar-nonfree and rar again.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Really claim rar and unrar-nonfree
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-20212/clamav as not-affected ofr buster and bullseye
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3542-1 for unrar-nonfree
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3543-1 for rar
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Fixup up back introductory sentence
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed updates for unrar-nonfree and rar via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop CVE-2023-32001 as rejected
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2023-4508/gerbv
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-48522
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for librsvg update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2023-40577
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust one source package name for NFU product
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some "new" CVEs for ncurses
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2022-39269 for src:ring
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add flac to dla-needed
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add tiff to dla-needed
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] 19 commits: Add trafficserver to dla-needed
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Mark poppler CVEs as no-dsa for buster
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3544-1 for clamav
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Take flac
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Update status for ncurses issues according to the maintainer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] fix entry for labstack echo
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3545-1 for flask-security
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] LTS: claim opendkim in dla-needed.txt
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Revert "LTS: claim opendkim in dla-needed.txt"
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Fill in information for now re-assigned CVEs for tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: update note
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Reclaim opendmarc.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3546-1 for opendmarc
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reference upstream tag for CVE-2023-40577
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2020-22219
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two "new" hdf5 CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Exand todo item for CVE-2020-23793
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for nodejs issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40587/python-pyramid
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1000656,CVE-2019-1010084/flask: clarify situation a little more
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39810/busybox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bullseye/bookworm/samba triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openssl spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openssl ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4563/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4569/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark two hdf5 issues as unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-21469
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] indent spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41361/frr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41360/frr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: take openjdk-11
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Take tryton-server
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] new libpf4j-java issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new firefox issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] yara non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Document expected behaviour for check_by_ssh in monitoring-plugins
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41359/frr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41358/frr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3547-1 for tryton-server
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Add buster tryton-server 5.0.4-2+deb10u2 entry in data/CVE/list
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: take orthanc and tiff
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-31102 and CVE-2023-40481
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-4082{6,7,8}/libpf4j-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-24165/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two zbar issues, with unclear upstream status
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for clamav via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for clamav via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3548-1 for qpdf
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3549-1 for ring
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Take file from dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for oggvideotools issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox via unstable for mfsa2023-34 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr for mfsa2023-36 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-3153/ovn
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] python3.12 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4611/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41153/webmin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-4586 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4567/ansible
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4572/chromium
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39615/libxml2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed rar update via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-34193: Add additional reference confirmed/mentioned by upstream to...
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3550-1 for opendmarc
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim python-mechanicalsoup.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] firefox-esr, json-c DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: take trafficserver
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41037/node-openpgp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-36811/borgbackup
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-36811: Reference upgrade procedure for CVE-2023-36811 fix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41039/restrictedpython
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40184/xrdp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38802/frr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3551-1 for otrs2
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] libpf4j-java fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new openbgpd issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] python-git n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] chromium issue fixed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new thunderbird issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add exfat reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-20900/open-vm-tools
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-39615/libxml2 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-20900/open-vm-tools
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2023-39552
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2023-36119
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes for rejected CVE-2023-37151
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add four new gpac issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for linux issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3552-1 for gst-plugins-ugly1.0
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] ZDI-CAN-2144{3,4}/gst-plugins-ugly1.0: Add buster fixed versions
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add new freerdp2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process more freerdp2 CVEs
Salvatore Bonaccorso ( at carnil)
Last message date:
Thu Aug 31 23:09:57 BST 2023
Archived on: Thu Aug 31 23:10:00 BST 2023
This archive was generated by
Pipermail 0.09 (Mailman edition).