July 2023 Archives by thread
Starting: Sat Jul 1 07:36:56 BST 2023
Ending: Mon Jul 31 21:59:16 BST 2023
Messages: 800
- [Git][security-tracker-team/security-tracker][master] Sync two linux CVEs with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for cdb-libs via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-2908/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3297/accountsservice
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-33201/bouncycastle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Clarify with TODO that we think CVE-2023-3117 should be considered duplicate of CVE-2023-3390
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts-do-call-me: move info from packages.yml LTS package database
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2023-33460 as postponed until newer releases got a fix
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2022-2309 as no-dsa for Buster
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2020-8908 and CVE-2023-2976 as no-dsa for Buster
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] cairo fixed in experimental
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mediawiki fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gst-plugins-bad fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] texlive-bin fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two linux CVEs via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new gradle CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-33201/bouncycastle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 5 commits: mark CVE-2023-36675 as not-affected for Buster
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] gst-plugins DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add fix references for CVEless entries
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-36191 /sqlite3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-37365/hnswlib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-37360/pacparser
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track version where whitedb starts using system yajl library
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] libheif fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] yajl fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-3439: Ass oss-security post reference
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3478-1 for yajl
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Fix version number of yajl upload
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Track proposed yajl updates via {bookworm,bullseye}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24795 and CVE-2017-16516 also affects yajl.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2017-16516 and CVE-2022-24795 for now as unfixed according to #1040036
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in embedded-code-copies for yajl.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] LTS: take openimageio
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Triage packages with embedded code copies of yajl for CVE-2022-24795,...
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] xqilla also embeds yajl, is vulnerable to CVE-2017-16516 and CVE-2022-24795.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Remove some source package listings for yajl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add gst-plugins-*
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] add tiff
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Fix one source package name
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-24809,nethack: fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed versions via unstable for nvidia-graphics-drivers-tesla-510 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track nvidia-graphics-drivers-tesla-510 as removed from everywhere
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take tiff
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] 3 commits: add yajl
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] dla: typo
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] also track legacy gst source packages for recent issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-36053/python-django
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim renderdoc in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ghostscript update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new nsis issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] osslsigncode CVEfied
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bogus report for obs-studio
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new openimageio issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove one copy paste typo in NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new pypdf issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] django fixed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-36813/kanboard
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2023-36810
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2023-36807
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2023-36807/pypdf2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-36464/PyPDF2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark rtpproxy as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Note CVE-2022-46871 (libusrsctp) as ignored for buster
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Fix syntax/ordering for CVE-2022-46871/libusrsctp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-1295/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Record necessary commit for CVE-2023-3428
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-36183/openimageio
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2023-37360/pacparser
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for pypdf issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via experimental for perl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: drop python-oslo.privsep, only open is marked 'unimportant'
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2023-22
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2023-23
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2023-24
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add rouca for ruby-redcloth
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: add nsis
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: add pypdf2
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr via unstable for mfsa2023-23 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox via unstable for issues in mfsa2023-22
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-23064/jquery
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3255/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-24535
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from now REJECTED CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reclaim qt4-x11
Scarlett Gately Moore ( at sgmoore)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3269/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2023-3269
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new ruby::uri issue, apply some hacks to mark Buster as affected
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new orthanc issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libpam-krb5 unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track two source-wise fixed issues in linux/6.1.37-1 but irrelevant for the DSA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark a few linux issues as non issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update CVE-2023-34256 and consider it unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take pypdf2
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] one more linux issue unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] two new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-33460 does not affect ruby-yajl
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] LTS: take over golang-yaml.v2 and qt4-x11
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] remove <postponed> for one mw issue which will be fixed in DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mediawiki DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-36649 fixed in older suites
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: unclaim python-glance-store
Jochen Sprickerhof ( at jspricke)
- [Git][security-tracker-team/security-tracker][master] LTS: CVE-2021-4235/golang-yaml.v2 will be fixed
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust comment to cover 6.1.y versions
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-31248/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-35001/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3515/gitea
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] DLA-3479-1 for golang-yaml.v2
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Add new glpi issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-34457/python-mechanicalsoup
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update CVE-2023-33460 information for ruby-yajl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2023-35170 (duplicate CVE)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: add xqilla
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] dla: claim nsis
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-32247/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-32248/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-32252/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-32257/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add docker.io NOTE in dla-needed about review testing
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-32258/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add ZDI references for linux issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add bug for CVE-2023-31606
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2023-2911 in bind9 for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reclaim libusrsctp
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-31606 as no-dsa for bookworm and bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new glpi issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in NFU for Uptime Kuma product
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-35936/pandoc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2023-3745{3,4}/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-21255/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3531/teampass, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-36823/ruby-sanitize
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issues in mastodon, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3480-1 for ruby-redcloth
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3481-1 for libusrsctp
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3523/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3482-1 for debian-archive-keyring
Jochen Sprickerhof ( at jspricke)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-26136/node-tough-cookie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-5449-1
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Drop notes for rejected CVE (duplicate)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fix note for CVE-2021-3838
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Claim php-dompdf for rouca
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add fix for CVE-2021-3902
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] setup-repo: ensure hooks directory exists
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] three duplicates
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new bitcoin issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gitlab n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new sqlfluff issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3483-1 for nsis
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] new yt-dlp issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new glpi issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] xpdf n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Python non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] KeePassXC non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add reference for qemu issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] node-tough-cookie fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new libcoap3 issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new librecad non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new kodi issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] historic firefox issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new node-dottie issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new nvidia-cuda-toolkit non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] firefox n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" scipy issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] firefox-esr DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] kodi div/zero was already tracked, merge entries
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new iotjs issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: EOL webkit2gtk in buster
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3484-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for CVE-2021-3838 commit upstream
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-3902: Replace with commit inside the repository
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Revert "setup-repo: ensure hooks directory exists"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark glpi issues as unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2023-26132 upstream commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-37270/piwigo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-25399/scipy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-25433/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24439/python-git: clarify there's 2 fixes to apply
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3485-1 for php-cas
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3486-1 for ocsinventory-server
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-30362 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3487-1 for fusiondirectory
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2023-33466/orthanc via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track embedded copy of libzstd in python-zstd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for enigma embedding lua5.1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for lua5.3 via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some info to the glib2.0 CVE-2023-24593 and co notes
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Add new issues in teampass
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] node-dottie fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] fix CVE ID list
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Mark CVE-2023-36201 as ignored for buster
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Remove annotation from CVE-2023-34254 of unimportant severity
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3567/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new gitlab issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new jhead issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new node-semver issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new percona-xtrabackup issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libpano13 CVE duplicate
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" mujs issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" radare2 issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gnuplot non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" iotjs issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add wip note to glib2.0 in dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] "new" sogo issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" pdfcrack issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" vim issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new spip issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add spip reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: claim node-tough-cookie in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] nvidia-graphics-drivers-tesla-470 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Properly group source package entries together
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-23066 and sync with CVE-2020-17480
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-28550: Reference non-merge commit upstream and add upstream tag
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for upstream commit for CVE-2022-25883
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2021-33796
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2021-3249{4,5}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2020-25969
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track spip proposed updates via {bookworm,bullseye}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixing version via unstable for CVE-2022-2309/libxml2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Trck propose smarty4 update via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track proposed update for node-tough-cookie via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for node-dottie via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3488-1 for node-tough-cookie
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for nvidia-graphics-drivers-tesla-450 via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed updte for nvidia-graphics-drivers via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for nvidia-graphics-drivers-tesla-470 via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for nvidia-graphics-drivers-tesla-470 via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for tang via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for node-tough-cookie via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for node-dottie via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-36674,mediawiki: Buster is not affected.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-46165 as ignored
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libxml2 via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3108/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3490-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] LTS: claim pandoc in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] 5 commits: Triage CVE-2022-28550 in jhead for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3491-1 for erlang
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add new iperf3 issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim bind9 in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3600/firefox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] qemu fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new airflow issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: claim xqilla in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] iperf3 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3492-1 for yajl
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Add four new sox issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-25193/harfbuzz via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix source package name for CVE-2023-33460/ruby-yajl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track masqmail as removed from every supported suite
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2021-4342
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-36824/redis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-36824/redis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-37378/nsis issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] qemu spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3493-1 for symfony
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Claim flatpak in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] firefox fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-29406/golang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2023-29406
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new libssh issue (n/a)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] nvidia-graphics-drivers fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new tiff issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] redis fixed in sid/new issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2022-24834 in redis for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-20703 in vim for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3494-1 for ruby-doorkeeper
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] new apache-jena issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track proposed yajl upate via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-33460
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed nvidia-graphics-drivers update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track pproposed update for nvidia-graphics-drivers-tesla via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for yajl via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream commit in 7.0.12 for CVE-2022-24834
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-3618/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add four new gpac issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3106/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2023-28862/lemonldap-ng.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3019/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3640/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove flatpak from dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2023-37174, CVE-2023-37765, CVE-2023-37766 & CVE-2023-37767 in gpac for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage spip issue for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Remove crun listing from yajl issues as it has not security impact from embedded copy at all
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add iperf3
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-3902: not-affected
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add description for CVE-2021-3902
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Sort suites top down
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Use correct brackets for temporary description
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary description for CVE-2021-3838
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3495-1 for php-dompdf
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add and claim iper3 in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark crun's embedded yajl copy as unused (not-affected)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for linux via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for nvidia-graphics-drivers-tesla issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2023-26130
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3496-1 for lemonldap-ng
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] nvidia-open-gpu-kernel-modules fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] linux n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new wireshark issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new libjpeg issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new cmark-gfm issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new Qt issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] okio n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Correct triage for CVE-2023-35001
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new restrictedpython issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new opendkim issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new zabbix issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] change nftables duplocate to NOTE
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] cpp-httplib spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] nvidia-open-gpu-kernel-modules spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-36807 does not affect buster or bullseye
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] gpac DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: Add notes
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2023-37278
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2023-3783{6,7}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-37271: Reference commit from 5.3 version upstream
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3497-1 for pypdf2
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-2975/openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new CVE-2023-3825{2,3}/w3m
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38199/modsecurity-crs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38325/python-cryptography
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-38325/python-cryptography
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2012-66{98,99} and CVE-2012-6700
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] "new" freetype isue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] fill in details for openssl
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for wireshark issues fixed via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new issues in pnp4nagios
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38336/netkit-rsh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage python-django for buster LTS (CVE-2023-36053)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] xqilla's yajl is ancienct, around 0.2.2 and is not vulnerable to CVE-2017-16516 and CVE-2022-24795.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Document xqilla triage for buster. (embedded yajl ancient, not vulnerable to this CVEs.)
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] 6 commits: Triage CVE-2023-37463 in cmark-gfm for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-24439/python-git: reference follow-up fix
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] freetype duplicate
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new cjose issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rails issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] frr fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] node-semver fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Drop two entries for xqilla
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from two CVEs which are withdrawn by its CNA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for CVE-2023-37464/cjose
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update metadata for CVE-2023-28362
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-22995/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-23006/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] update notes
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] kanboard DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] move kanboard spu entry, implicitly released along with the DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for iperf3
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] lts: reclaim openjdk-11
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] re-claim libreoffice and update notes
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] LTS: claim libapache2-mod-auth-openidc in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] 2 commits: xrdp commit references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add fixed versions in bookworm/bullseye for temp iperf3 issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] iperf3 CVEfied
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new linux issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new chef issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new linux issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new wolfssl issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new openrefine issue (and rewrite older NFUs)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new faust issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] fix data/dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3498-1 for bind9
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] mark nettle as n/a in general
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2023-38431 with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2023-38432/linux with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2023-38430/linux with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2023-38427/linux with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop v prefix from kernel commits for kernel-sec consistency
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2023-38428/linux with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2023-38429/linux with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2023-38426/linux with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-38409/linux and sync with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-37788/golang-github-elazarl-goproxy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-33265/hazelcast
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for CVE-2023-3724 upstream commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-37476: Add reference to commit in 3.7.4
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-3618/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-47085 but with unclear status
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3499-1 for libapache2-mod-auth-openidc
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new curl issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new openjfx issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new Java issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new virtualbox issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mysql issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add comment for nodejs
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] fix comment
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] curl CVE-2023-32001: Update affected details and 'introduced by' commit
Samuel Henrique ( at samueloph)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3500-1 for python-django
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] openjdk-11/openjdk-17 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] hnswlib fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new open-vm-tools issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new openssl issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] hnswlib spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] xqilla's embedded yajl is not affected by CVE-2017-16516 and CVE-2022-24795
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] virtualbox fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new imagemagick issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-35936/pandoc: Add links to regression commits.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] pcre2 non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Correct version for chromium version in last update round
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-34967/samba
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-2127/samba
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-34968/samba
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-34966/samba
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3347/samba
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for samba issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Review list for accepted and not yet accepted packages for bookworm 12.1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-32001: Use full commit ids for the references
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in package notes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-3745/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38408/openssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update references for CVE-2023-38408/openssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] openssh fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-1386/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3748/frr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3750/libvirt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] chromium DSA
Moritz Muehlenhoff ( at jmm)
- alioth-lists IT services decision makers
Ellie Madison
- [Git][security-tracker-team/security-tracker][master] new webkit issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add some note about SALT state
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] LTS: Add notes for pandoc/CVE-2023-35936.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3812/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop all notes from CVE-2023-25180 and CVE-2023-24593
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-37378/nsis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add WebKit version numbers for CVE-2023-37450
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Add two new nomad issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-37276/python-aiohttp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2023-37276
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track python-aiohttp embedding llhttp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-38408 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for three consul issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-34434/mosquitto
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new libsndfile issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two older issues in htmldoc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Merge linux changes for bookworm 12.1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-5457-1
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2023-0006
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Add description to CVE-2023-37450
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] bugnum
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3609/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3610/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3611/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3776/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] List CVE-2023-32393 for DSA 5396-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: precise note authors
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] bookworm/bullseye triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openjdk-8 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: claim grpc
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38633/librsvg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for linux upload via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new openbabel issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new monit issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new pygments issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] nomad n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new elfutils non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] binutils non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" redis issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new asn1c non issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-3750
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference fixing commit for CVE-2023-3750/libvirt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-38633/librsvg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-3750/libvirt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-32001/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust the fixing commit upstream for CVE-2022-26563/monit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag references for CVE-2022-40896
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add notes on pull request introducing issue for CVE-2021-31294
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-34457/python-mechanicalsoup
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-37769/pixman while retaining the TODO item
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for openssl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for mysql-8.0 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3417 and CVE-2023-3600 for thunderbird
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-3732{7,8,9}/gst* assigned in meanwhile
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] ruby-doorkeeper-openid-connect not directly impacted
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] glib2.0/buster: add note
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Fix date on latest glib2.0 note
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Add python-git to dla-needed.txt and assign it to Sylvain.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-20593/amd64-microcode
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add amd64-microcode
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add more zenbleed refs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-20593/amd64-microcode
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] amd64-microcode fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-34478/shiro
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3863/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-25513/nvidia-cuda-toolkit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove todo item from CVE-2023-34478/shiro
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track with cloned bug as fixed separately CVE-2023-25513
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] drop no-dsa from unimportant entries
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3501-1 for renderdoc
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Track linux for CVE-2023-20593
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3828{8,9}/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38745 and cross-reference from CVE-2023-35936
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3502-1 for python-git
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-35936/pandoc: Add bug number.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] new rackrabbit issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mysql-8.0 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3503-1 for gst-plugins-bad1.0
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3504-1 for gst-plugins-base1.0
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3505-1 for gst-plugins-good1.0
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3506-1 for iperf3
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Claim openimageio in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] NFU CVE-2023-38647
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] openjdk-17 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3507-1 for pandoc
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] LTS: take cairosvg
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-{35936,38745}/pandoc fixed in sid.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Revert back status for CVE-2023-38745 as the incomplete fixes were never applied in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-1428/grpc: introductory commit + buster triage
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for amd64-microcode
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-37464/cjose
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove CVE-2023-38745/pandoc from DLA-3507-1.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3772/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3773/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] "new" gbrowse issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] remove burp tracking for CVE-2023-33460, not a security issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add nvidia-graphics-drivers-tesla-418 to source packages to ignore for reporting
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ostree n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] track additional source packages for pdftk issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3637/neutron
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new gdb issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38502/tdengine, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-37920/python-certifi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new CVEs for envoyproxy, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] pandoc spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] curl DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update CVE-2023-3417: The issue affected thunderbird out of experimental and...
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-3417/thunderbird via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update CVE-2023-1428 for all suites
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-30577/amanda
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-38496 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] yasm non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38285/modsecurity
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from now rejected CVE CVE-2023-21261
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add libmail-dkim-perl to dla-needed.txt and assign it to Sven Bartscher.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Remove openjdk-8 from CVE-2023-22041 and CVE-2023-22044
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-1401 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3508-1 for linux
Ben Hutchings ( at benh)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3509-1 for libmail-dkim-perl
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] new qt issue (fixed in sid along with another one)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Drop whitespace.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-38408
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one CVE for yii, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Re-associate one CVE to yii, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2023-3269
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3598/chromium
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark src:kfreebsd-10 as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-3748/frr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-37788
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-38285/modsecurity
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-39018 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-32001 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFU CVE-2023-36542
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-37895,jackrabbit: triage as no-dsa for all suites
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-23064,jquery: mark as ignored for Buster
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2023-38633/librsvg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark nomad as removed now from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tempoary item for ntpsec issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add ntpsec to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2021-37819,libitext*-java: no-dsa for Buster
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-33064,CVE-2022-33065,libsndfile: mark Buster as no-dsa
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for linux issues fixes via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA numbers for linux update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: set myself as a FD for next week
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add upstream tag reference for CVE-2022-34927 fix upstream
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2023-38408,openssh: triage as no-dsa for Buster
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-30577,amanda: Link to fixing commit
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-28864,chef: Link to CVE description, impact, remediation
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-3648 does not affect buster or bullseye
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] librsvg fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] older binutils issue fixed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Adjust commit id for CVE-2018-12934 upstream commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix via unstable for ntpsec issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] binutils fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] fill in details for tiff issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: update note
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reverse order of the CVEs for tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 9 commits: Add cjose to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] LTS: claim nodejs and cjose in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] 9 commits: CVE-2023-38199,modsecurity-crs: mark buster as postponed
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] change jackrabit to unimportant severity
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] claim frr
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4004/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take pdfcrack
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3510-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2014-8130/tiff is fixed since 4.0.5-1 (or earlier)
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim orthanc.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-2731/tiff does not affect buster or bullseye
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Claim amd64-microcode
Jochen Sprickerhof ( at jspricke)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-2908/tiff does not affect buster
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] two Ubuntu-specific Linux issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3511-1 for amd64-microcode
Jochen Sprickerhof ( at jspricke)
- [Git][security-tracker-team/security-tracker][master] new quartz issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: update notes
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim open-vm-tools
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Take chef
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add commit for fixing bouncycastle CVE-2023-33201
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Fix amd64-microcode version
Jochen Sprickerhof ( at jspricke)
- [Git][security-tracker-team/security-tracker][master] amd64-microcode add missing CVE
Jochen Sprickerhof ( at jspricke)
- [Git][security-tracker-team/security-tracker][master] Properly fix DLA-3511-1
Jochen Sprickerhof ( at jspricke)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2023-32731/grpc: precise links + buster not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] tiff: Fix the metadata for the CVE-2022-3599/CVE-2022-4645/CVE-2023-30086/CVE-2023-2908 mess
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] LTS: take openssl
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-25434/tiff had the same fix as CVE-2023-0795
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-22402: mark as not-affected for buster
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-25435/tiff had the same fix as CVE-2023-0795
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-0330/qemu: fix is available, update buster triage
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-25434/CVE-2023-25435: fix my off-by-one in the releases
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-30774/tiff also has the same fix as CVE-2022-3599/...
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3512-1 for linux-5.10
Ben Hutchings ( at benh)
Last message date:
Mon Jul 31 21:59:16 BST 2023
Archived on: Mon Jul 31 21:59:21 BST 2023
This archive was generated by
Pipermail 0.09 (Mailman edition).