December 2023 Archives by thread
Starting: Fri Dec 1 06:06:43 GMT 2023
Ending: Sun Dec 31 22:44:22 GMT 2023
Messages: 860
- [Git][security-tracker-team/security-tracker][master] Track proposed mariadb updates for bullseye-pu and bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-40188/freerdp2: notes on ghsa inconsistencies
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] track CVE-2023-35936 also for haskell-pandoc
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] give more info about regressions in some CVE related to samba/bullseye-and-older
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new tiles issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Tidy golang-1.11 buster triage
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-49081,CVE-2023-49082/aiohttp: buster postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add ncurses
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add intel-microcode
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] sgt-puzzles: buster end-of-life
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-45360/mediawiki: precise buster triage
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: claim ncurses in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] nghttp2, rabbitmq-server DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-49298/zfs-linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark i2p as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libsfml/libstb code copy fixed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-45286
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update todo item for CVE-2023-49277
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-44402/electron
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add roundcube
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: claim roundcube in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] dla: add spip
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add ansible
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-36811/borgbackup: follow stable triage for buster
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: claim spip in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Mark golang-1.19 as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup list of packages to ignore for bug reporting
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3680-1 for opendkim
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Reference commit from bleed for CVE-2023-47038
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2023-47100
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-49087 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2016-10730/amanda fixed with 1:3.3.9-1
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] CVE-2016-10729/amanda fixed with 1:3.3.9-1
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3681-1 for amanda
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-41678/activemq
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-49735/tiles
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for libowasp-antisamy-java via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Note version which landed in unstable for libsfml
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-46589,tomcat10: fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track proposed fixes for xen via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for amanda via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for qemu via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking for proposed opendkim update via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3682-1 for ncurses
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-4957/librespeed-speedtest, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] update note in dla-needed.txt
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5572-1 for roundcube
Sebastien Delafond ( at seb)
- [Git][security-tracker-team/security-tracker][master] arm-trusted-firmware fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new consul issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new htmlunit issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: add note
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-33202,bouncycastle: link to fixing commit
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-37706/ring
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark linux-wlan-ng as removed from every supported suite
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-5764/ansible-core
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-6378/logback
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in notes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-6378/logback
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on logback issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-48866/grocy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-5764/ansible-core
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3683-1 for roundcube
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: cacti status
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-49285/squid assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-49286/squid assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-49288/squid assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for logback via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-49284/fish
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-49080/jupyter-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new CVEs for traefik, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-49080 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-49284 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-49080
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-49284/fish
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] tinydir potentially affects a few source packages
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for r-cran-jsonlite via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2023-0011
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] data/ela-needed.txt: claim netatalk
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-45287/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-6277/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-45283/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-45285/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39326/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-43628/gpsd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2023-43628/gpsd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41835/libstruts1.2-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional note for libspf2 as this is a recurring question
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-49297/pydrive2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new curl issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Annoate commits with upstream tags for curl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-39326 and CVE-2023-45285 for golang-1.20
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-39326 and CVE-2023-45285 for golang-1.21
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct upstream tag information for CVE-2023-45539
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: take tzdata
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for curl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-49297/pydrive2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] xen updates for spu fixes and bullseye EOL
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Take haproxy from dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-40225: Reference commits in 2.2 and 2.6 repository
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two issues for mattermost
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-49096/jellyfin, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-46751/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two curl issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove todo item for CVE-2023-46751
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-43628/gpsd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: add haproxy
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5384 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6560/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2023-30577/amanda
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3684-1 for tzdata
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim haproxy.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] nuget removed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-39968/jupyter-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50164/libstruts1.2-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new libheif issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issues in libde265 (upstream status not fully clarified)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-48958/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-46871/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues addressed via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Review list of bookworm-pu updates (likely) accepted in 12.3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct version for weborf via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark CVE of gpac as EOL in Buster
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-45866/bluez
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Align tracking for CVE-2023-25775 with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6606/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6610/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6622/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark busybox CVEs as no-dsa
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] chromium DSA
Andres Salomon ( at dilinger)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Drop bookworm entries for gimp-dds (removed from bookworm)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6507/python
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-47465/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-46932/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two issues in seafile (server part, seafile-server, itp'ed)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for jruby issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVEs for gpac as EOL in Buster
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50431/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-43628/gpsd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2023-45866/bluez
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-45866/bluez
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add bluez to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2023-32804 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: add curl
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2023-33202
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2023-36823/ruby-sanitize
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track new CVEs in zammad, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take curl
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] new libreoffice issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim bluez.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-618{5,6}/libreoffice
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2023-49355
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reclaim rabbitmq-server in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] libreoffice DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-39513/cacti: bullseye still affected, wrong patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-39513/cacti: add initial fix for clarity
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6679/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove listing of CVE-2023-39513 from DSA 5550-1 fixes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-5575-1
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39804/tar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2023-6536/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-39804/tar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2023-6535/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2023-6356/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for new wordpress issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim python-django.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3685-1 for debian-security-support
Holger Levsen ( at holger)
- [Git][security-tracker-team/security-tracker][master] Add new script to fetch CVE descriptions from MITRE
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Makefile: add an update-cve-descriptions target
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] new mattermost issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new espeak-ng issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-46837/xen
Salvatore Bonaccorso ( at carnil)
- Processing 18d41a1fc1dbfde21265aea0e624d10f556d2985 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] new ncurses issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-50495/ncurses
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2023-42805/rust-quinn-proto
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] correct version number for debian-security-support buster upload
Holger Levsen ( at holger)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-46751/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] correct version number for DLA-3685-1 to the wrong one really used
Holger Levsen ( at holger)
- [Git][security-tracker-team/security-tracker][master] Add two new xorg-server issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-49921/elasticsearch, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5379/undertow
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6710/libapache2-mod-cluster, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for xorg-server update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3686-1 for xorg-server
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5616/gnome-control-center
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: add chromium for another round
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for xorg-server via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for xwayland issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: retake suricata
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-39804/tar via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50428/bitcoin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new issues in php-dompdf-svg-lib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track two more embedded copies of php-dompdf-svg-lib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-46675/kibana
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-45725/couchdb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2015-8314/ruby-devise
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-5616/gnome-control-center
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-5616/gnome-control-center as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for php-dompdf-svg-lib issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-31210/check-mk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3687-1 for rabbitmq-server
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reference upstream merge request for CVE-2023-5616
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new Slurm issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2023-50781/m2crypto
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2023-50782/python-cryptography
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Clarify CVE coverage of CVE-2023-5078{1,2}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-48702/jellyfin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50262/php-dompdf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream fix for CVE-2023-49463/libheif
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add budgie-extras issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one more NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3688-1 for haproxy
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add fixing commit for CVE-2023-49462
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixing commit for CVE-2023-49460
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional information for budgie-extras issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3689-1 for bluez
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50269/squid
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5047{1,2}/cjson
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-49786/asterisk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-49294/asterisk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-46750/shiro
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-37457/asterisk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50268/jq
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50246/jq
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new glpi issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-34194/tinyxml
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via unstable for CVE-2023-49082 and CVE-2023-49081
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via experimental for CVE-2023-45866/bluez
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-46750/shiro
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add slurm-wlm Debian bug references for recent issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add slurm-wlm to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-50269
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bookworm/bullseye triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-49355/jq
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for two jq issues with fix in 1.7.1 upstream
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-45866/bluez via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two jq issues fixed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ghostscript update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6291 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim intel-microcode in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Revert "CVE-2023-39366/cacti: all the code path for the CVE vector appears to...
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-17177/freerdp: reference sanctioned patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-17177/freerdp: stretch not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: unclaim tinymce, with a NOTE
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-50262/php-dompdf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add myself for tomcat
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3690-1 for intel-microcode
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Give back tomcat9
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Take ansible
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-50262/php-dompdf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50784/unrealircd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note about CVE-2020-1736 that is considered a documentatio issue upstream
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add note about CVE-2020-1736 documentation fix by ustream
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-3447 pull request
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3686-2 for xorg-server
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-3447 as fixed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add fix for CVE-2019-14858 for ansible 2.7
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-14905 add ansible 2.7 fix
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Document that CVE-2023-4237 is fixed by ansible/ansible-core fix in ansible
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Document ansible/ansible-core split in embedded-code-copies
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add fix for CVE-2023-4237
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-4237 as concern for ansible
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-4380 may be a AWX or RedHat only CVE
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add a note about triaging ansible
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Revert "Document ansible/ansible-core split in embedded-code-copies"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Wrap long note and remove duplicate information
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adapt information to directly reference upstream commits with upstream tags
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add upstream tag information for upstream commits for easier tracking
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adapt information for CVE-2023-4237
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-27534/curl: Add regression
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-27534/curl: This is a regression *fix*
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-46218/curl does not affect buster
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add libreoffice and haproxy to dla-needed
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2023-50781/m2crypto as no-dsa for buster
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-39804/tar as no-dsa for buster
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-4999{0-5}/espeak-ng as no-dsa for buster
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3691-1 for spip
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] 7 commits: Mark slurm-llnl CVEs as end-of-life for buster
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Take zfs-linux
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reference upstream fixes for CVE-2023-5047{1,2}/cjson
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add curl to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new libcrypto++ CVE entries
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add reference for asterisk
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2023-0012
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update notes of squid and bouncycastle in dla-needed.txt and reclaim the
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] freeimage DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2023-4879{5,6,7}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add oss-security reference for terrapin-attack post
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove additional space in note
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference commit from OpenSSH implementing strict key exchange
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add further set of packages needing fixes for CVE-2023-48795
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for putty via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add openssh to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commits for putty for CVE-2023-48795
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-5580-1
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Add references for asyncssh for CVE-2023-48795
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for paramiko for CVE-2023-48795
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add libssh references for CVE-2023-48795
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6918 and CVE-2023-6004
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2023-48795 for golang.org/x/crypto/ssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2023-48795 for dropbear
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add missing closing bracket in note
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] libssh: Reference fixes from stable branch
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two openssh issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for ldap-account-manager and adjust bug reference
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6817/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 5 commits: add openssh
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] LTS: claim dropbear and libssh2 in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] reclaim varnish in dla-needed.txt
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Track fixed issues in openssh via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for php-dompdf-svg-lib issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for libxml2 via experimental
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track upstream status for libssh2 for CVE-2023-48795
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2023-1192 with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2023-4273 with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2023-46813 with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2023-5178 with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-6610/linux as unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6927 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add erlang for CVE-2023-48795
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3692-1 for curl
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-48795/dropbear
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking bug references for CVE-2023-48795 in various sources
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new rust-zerocopy issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update information forCVE-2023-48795/libssh2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2023-28531/openssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-11096/freerdp: reference patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-49294/asterisk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-49786/asterisk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-48795/erlang in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove libssh2 from dla-needed.txt.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add tracking for jsch in CVE-2023-48795
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two asterisk issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tinyssh tracking in CVE-2023-48795
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new firefox issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new firefox-esr issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new thunderbird issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2023-38703 commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6931/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6932/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-49006/phpsysinfo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-43826/guacamole-client
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2023-6135 (not yet public)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for tinyssh issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for additional libssh issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues (mfsa2023-55) via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-49284/fish via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed verison for CVE-2023-6135/firefox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version for CVE-2023-6135/nss via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for espeak-ng issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for virtuoso-opensource issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6944 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-48303/tar via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2022-48303/tar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] espeakup commit references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for new gst-plugins-bad1.0 issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] proftpd terrapin reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update information on to be rejected CVE-2023-49355
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add upstream tag reference for proftpd commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add trilead-ssh reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Slightly re-arrange notes and more consistent ordering of source packages
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-48795/proftpd-dfsg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] proftpd fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-11096/freerdp: regression fix
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-51384: buster/bullseye not-affected
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-41444/cacti: buster not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-30534/cacti: buster postponed + patches
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] firefox-esr DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update upstream commit tag reference for CVE-2020-11096
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-46136 via experimental
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for followup issue in cpio
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50628/ming
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop invalid CVE id for python-asyncssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit references for CVE-2023-4644{5,6}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2023-48795/tinyssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-48795/tinyssh via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for espeak-ng issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-7008/systemd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new chromium issue and add chromium to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-6873 only affects src:firefox
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rust-unsafe-libyaml issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-48795/tinyssh as unimportant and add explaining NOTE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for SMTP smuggling attack issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for postfix issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add oss-security reference for cpio issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for postfix details
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2019-16723/cacti: add patches versions
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] gst-plugins-bad1.0, thunderbird DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add cross reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Drop unneeded note on consequences for tinyssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for bluez update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim osslsigncode in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] chromium fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-43646/node-get-func-name via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-unsafe-libyaml issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6546/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-7042/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-6606/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-6610
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via experimental for three libsass issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for fish via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-3019/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-51655/intellij-idea, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-47118/clickhouse
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2023-7008 as postponed
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Update status for cpio issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-42465/sudo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2023-7008/systemd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for cpio issue in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-39283/freerdp2: buster fixed in DLA-3654-1
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] new mediawiki issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-51713/proftpd-dfsg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new cacti issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] cacti commit references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new clickhouse issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFU / add tinydir references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for openssh update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new w3m issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-39319/freerdp: reference additional patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] add xen to packages not to flag as in need of bugs filed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] no bugs needed for GCC 9/GCC10
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add note about regression introduced by CVE-2023-6004/libssh fixes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add reference for proftpd-mod-proxy
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add openbabel reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for proftpd-mod-proxy issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for linux issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add oss-security reference for CVE-2023-6817/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for spip issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track spip issues fixed via point release update proposals
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference test script post for verifying SMTP smuggling issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] keepass2 issue unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] no bugs needed for py3.10, blocked from testind and soon removed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4256/tcpreplay
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] three QT issues fixed in the gles build
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gomarkdown fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] two more CVEs for tinyxml
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] tcpreplay unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Fix small typo in NOTE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for libssh issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for CVE-2023-49287
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-48795/proftpd-mod-proxy via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark along proftpd-dfsg proftpd-mod-proxy issue as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for spip issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim openssh in dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-39319,CVE-2022-39320/freerdp: fix version typo
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-39320/freerdp: reference introductory commit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-39320/freerdp: fix introductory commit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] take nodejs and curl
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] four nodejs issues ignored for bullseye
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-46490: Add additional references according to maintainer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add filezilla for CVE-2023-48795
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-24609/matrixssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add another set of new cacti issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50254/deepin-reader, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two CVEs for nextcloud-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE to verify for mp3gain
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-37369/qt6-base
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-48704/clickhouse
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix for postfix for #1059230
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track new CVEs for wolfssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-39741/lrzip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note about scope of CVE-2023-7008
Luca Boccassi ( at bluca)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark bullseye/buster as unaffected by CVE-2023-7008
Luca Boccassi ( at bluca)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-37819/libitext-java via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-37819/libitext5-java via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3693-1 for osslsigncode
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-7008
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track followup cpio fix for regression fix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-49088/cacti: clarify link
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-50250/cacti: buster not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-51448/cacti: reference introductory commit / previous CVE fix
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-39360/cacti: buster vulnerable
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Drop commited list.orig file
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for wolfssl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add exim4 for smtp smuggling attack issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-49356/mp3gain
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] curl DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] two nodejs issues n/a or ignored for bullseye
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-48704
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-51443/freeswitch
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Retake tomcat
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Remove bouncycastle from dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-32728/zabbix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-32727/zabbix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-32726/zabbix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-32725/zabbix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-20180
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] 5 commits: mark CVE-2023-48795 as no-dsa for proftpd-dfsg in Buster
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 2 commits: add sudo
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-7090/sudo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Split up temporary SMTP smuggling attacker entry as per assigned CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-51767/openssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2023-7008/systemd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug referende for CVE-2023-51766/exim4
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2023-51765 and add Debian bug reference
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim libssh in dla-needed.txt
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Clarify situation around CVE-2023-49088 (incomplete fix for CVE-2023-39515)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-50250/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-51448/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop not-affected tagging for CVE-2023-39360/cacti in bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for putty update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add libssh to dsa-needed list (with a note on deferring the updates)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix affected versions for CVE-2023-7008
Luca Boccassi ( at bluca)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-20180: mark as not affected for buster and earlier
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Update fixed commits/versions for CVE-2023-7008
Luca Boccassi ( at bluca)
- [Git][security-tracker-team/security-tracker][master] LTS: claim haproxy in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-51767
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: add putty
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50247/h2o
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41337/h2o
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add tinyxml
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] add libde265
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] zfs-linux fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gitlab issues fixed in sid (more to investigate)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark postfix as no-dsa for bookworm and bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for postfix via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-51763 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-41337/h2o
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-37536
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] more gitlab issues fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add upstream reference for hamster-time-tracker
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: add paramiko
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] add cjson
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] LTS: claim tinyxml and xerces-c in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-51766/exim4 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for exim4 addressing CVE-2023-51766
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-7101/libspreadsheet-parseexcel-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] twisted fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one nodejs issue ignored for bullseye
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new Qt issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Take libssh for DSA release for updates by the maintainer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update entries wich are for opennds
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for opennds issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track some fixes (upstream versions) for opennds
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3694-1 for openssh
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Track as well libspreadsheet-parsexlsx-perl for CVE-2023-7101
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track cacti fixes via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Revert "Track as well libspreadsheet-parsexlsx-perl for CVE-2023-7101"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference and upstream issue for CVE-2023-7101/libspreadsheet-parseexcel-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Dupicate for now information in CVE-2023-50569
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for opennds issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take sudo
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-51779/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-51780/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-51781/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-51782/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take libreoffice
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] systemd spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-7104/sqlite3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark sqlite3 issue as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-51775/libjose4j-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-51774/ruby-json-jwt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference advisory for CVE-2023-3603/libssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference libssh specific advisory for CVE-2023-48795
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference advisory for CVE-2023-6918/libssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add advisory and short description for CVE-2023-6004
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference report about CVE-2023-51385 and CVE-2023-6004
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add mupdf issues and mark them straight as unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-49949 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50658/jose2go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed postfix update via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2023-51765/sendmail (addresseed inin 8.18.y)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for libde265 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for libde265 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for libheif via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for libheif issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add stable fixed version for CVE 2023-51764
Scott Kitterman ( at kitterman)
- Processing bc8c3df8fb13e63cc20a1f984c07e0f0cd9d7fb3 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] fix syntax for postfix issue, the fixed version will only with the next point update
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] librecad fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] remove three postponed nodejs issues lined up for DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one older nodejs issue fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2023-30259
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-50658
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50255/deepin-compressor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] nodejs DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6531/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50038/textpattern
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6879/aom
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust some older Textpattern CMS entries
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Clarify CVE-2023-26852 NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-49469/shaarli
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for haproxy update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop notes from rejected CVE-2023-42927 (got unused from the CNA)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2023-32785
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix via unstable for wolfssl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-51074/jayway-jsonpath
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libssh update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2018-1311/xerces-c: Reference fixing commit.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage h2o for buster LTS (CVE-2023-41337)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Triage CVE-2023-51767 in openssh for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3695-1 for ansible
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Revert "Reserve DLA-3695-1 for ansible" data/dla-needed.txt
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Mark ansible as partial released
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3696-1 for asterisk
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Claim asterisk in dsa-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Clarify followup fixes for xerces-c
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for cjson issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-7101 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3697-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3698-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage curl for buster LTS (CVE-2023-27534)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Drop haproxy from dla-needed; CVE-2023-45539 is already fixed
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Process two CVEs for mattermost
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-50572/jline3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add libspreadsheet-parseexcel-perl for dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-51704/mediawiki via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] espeak-ng spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add putty reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add phpseclib tracking for CVE-2023-48795
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed updates for filezilla via {bullseye,bookworm}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for spip issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference blog post for spip issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for mariadb-10.5 via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage libspreadsheet-parseexcel-perl for buster LTS (CVE-2023-7101)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage edk2 for buster LTS (CVE-2019-11098)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2023-51663 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference fixing commit for CVE-2023-7101
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2023-50472 as not-affected for Buster
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libspreadsheet-parseexcel-perl update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add exim4 for pending clarification
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3699-1 for libde265
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3700-1 for cjson
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] libsass fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-50572
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-52263/brave-browser, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3701-1 for tinyxml
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] LTS: claim libspreadsheet-parseexcel-perl in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3702-1 for libspreadsheet-parseexcel-perl
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] LTS: claim php-guzzlehttp-psr7 in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-40462 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference applied patch for CVE-2023-34194 at least temporarily
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-7192/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2023-36546
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-46900/sympa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3703-1 for libreoffice
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-34194/tinyxml
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3704-1 for xerces-c
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] 5 commits: Triage CVE-2023-48795 in filezilla for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] gemmi fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Annotate upstream commits for CVE-2023-49093
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2023-2798 for htmlunit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2023-49287/gemmi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take tiff
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-52284 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3705-1 for php-guzzlehttp-psr7
Guilhem Moulin ( at guilhem)
Last message date:
Sun Dec 31 22:44:22 GMT 2023
Archived on: Sun Dec 31 22:44:27 GMT 2023
This archive was generated by
Pipermail 0.09 (Mailman edition).