November 2023 Archives by thread
Starting: Wed Nov 1 04:25:43 GMT 2023
Ending: Thu Nov 30 23:51:12 GMT 2023
Messages: 829
- [Git][security-tracker-team/security-tracker][master] Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] document embedded-code copy of enet in assaultcube.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] golang-golang-x-image fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new golang-github-lucas-clemente-quic-go issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new nvidia issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] exim4 spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] freerdp2 spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new pypdf issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new synapse issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 11 commits: Triage CVE-2023-31022 in nvidia-graphics-drivers for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage lwip for buster LTS (CVE-2020-22283 & CVE-2020-22284)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage horizon for buster LTS (CVE-2022-45582)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Move notes about version to a NOTE entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Slighty update affected status for CVE-2023-46239
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-31022 for 460.x version packages
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag for upstream commit for CVE-2023-43796
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-5871/libnbd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-5871/libnbd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-5871/libnbd via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for mysql-8.0 issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-46695/python-django
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] wordpress fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add one additional chromium issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-46931/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process three more gpac issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-46724/squid assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove "not public yet" note
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE assigned for CVE-2023-46847/squid
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-5824/squid assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-46848/squid assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-46846/squid assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix spacing between CVE and temporary description
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-46407/ffmpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: take freeimage
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3972 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] chromium fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] pesign fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for covering vlc fixes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add vlc reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2023-46927, CVE-2023-46928, CVE-2023-46930 & CVE-2023-46931 in gpac for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage keystone for buster LTS (CVE-2021-38155)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3644-1 for phppgadmin
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] bookworm/bullseye triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ATS fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] golang-github-nats-io-nkeys fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5876/mattermost-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Separate bug for squid based on upstream advisories and now assigned CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-46724/squid
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-42802/glpi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-30577/amanda
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-43796/matrix-synapse
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] vlc DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] chromium DSA
Andres Salomon ( at dilinger)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-46129/nats-server via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for CVEs in linux addressed with the sid upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2023-31794 in mupdf for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage curl for buster LTS (CVE-2023-28322 & CVE-2023-27534)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim tang.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-44271/pillow
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-42299/openimageio
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed versions for several WebKit CVEs from recent Apple advisories
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bzllseye/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gcc-12 spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5088/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-0778/libpod
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-47233/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new frr issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage netty for buster LTS (CVE-2023-44487)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 6 commits: Triage CVE-2023-46136 in python-werkzeug for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Document openmpi embedding pmix and where switching to system library use
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for pmix update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2023-46361
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for two wordpress CVEs via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take openvm-tools for DLA
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Trck fixed version for CVE-2023-46246/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Remove memcached from dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage node-json5 for buster LTS (CVE-2022-46175)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] matrix-synapse fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-46361/jbig2dec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] GraalVM is not in OpenJDK
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ATS, openjdk-17 DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] exfatprogs spu, python-websockets ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Consider now CVE-2023-5189 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Move listing CVE-2023-39456 to CVE entry only (only affects bookworm update)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add roundcube entry (no CVE yet)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new redmine issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-5574/xorg-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one more NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] more sudo-rs references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3645-1 for trafficserver
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3646-1 for open-vm-tools
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] update notes
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2023-5341/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-47272 assigned for roundcube issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take audiofile
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] lts: add vlc
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-43622/apache2 as n/a on buster
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2023-46361/jbig2dec as no-dsa on buster
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Remove historic top-level todo list for svn to git migration
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5678/openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-5678/openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38407/frr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38406/frr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop notes from CVE-2023-4610
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Review status for CVE-2023-4701
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from two CVEs for libeconf as confirmed duplicates
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new mattermost CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40660/opensc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40661/opensc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4535/opensc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional references for CVE-2023-40660 and CVE-2023-40661
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-44398/exiv2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-44398/exiv2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-46728/squid assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2023-20267 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-20246/snort
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-5678/openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for redmine issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3647-1 for trapperkeeper-webserver-jetty9-clojure
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2020-14940
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] relcaim freerdp2, update status.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-14940/tuxguitar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim python-django.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Process new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for two faad2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-3885{7,8}/faad2 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3648-1 for tang
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] LTS: reclaim mediawiki in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-46361/jbig2dec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2020-18781/audiofile
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove audiofile from dsa-needed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-20083 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2023-46254 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-4535/opensc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40660/opensc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] cacti commit references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40661/opensc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-46233/cryptojs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5998/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for vlc issue about MMS url parsing
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track CVE-2023-473{59,60}/vlc and drop temporary tracking entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5996/chromium
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add and assign chromium to dilinger
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4528{3,4}/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for opensc issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark opensc as no-dsa for bookworm and bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2023-47004 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] glusterfs fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Claim DLA-3649-1 for python-urllib3
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2023-5678/openssl as postponed for buster
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add postgresql-multicorn, python-requestbuilder and reportbug to...
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2022-48340
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-47248/apache-arrow, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Move two older NFUs to the itp'ed entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] opensc spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] cacti DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2023-23767
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-46998
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2023-5678/openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add two issues in jbig2enc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2018-11230 to in meanwhile packaged jbig2enc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track three more cacti fixes which went into the bookworm-security upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2023-43907
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference RUSTSEC advisory for CVE-2023-42456
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-39511/cacti as not-affected for bullseye according to maintainer followup
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-43907/optipng
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-39358 and CVE-2023-39360
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-46894/esptool
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6039/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-45857/node-axios
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39198/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Disable another discontinued data source from Red Hat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39197/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Remove mosquitto from dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for squid issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update tracking for workdpress 6.3.2 fixes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6069/froxlor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim ruby-sanitize.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2023-5072/jenkins-json as no-dsa on buster
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Mark CVE-2023-43642/snappy-java as no-dsa on buster
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: remove obsolete audiofile note
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] gitlab n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add new PostgreSQL issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add postgresql for dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4949/grub with additional TODO entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-47164/hoteldruid
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three ne symfony issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-46733
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-47164/hoteldruid as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for symfony issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-46894
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-47164/hoteldruid
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-41862/postgresql-13 in bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove postponed tags for issues to be fixed in the pending update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream advisory for three postgresql issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take care of releasing two DSAs for postgresql
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-47122/gitsign
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-468{49,50}/openvpn
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] postpone fixes for CVE-2023-30534
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] sox fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for symfony issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for openvpn issues
Salvatore Bonaccorso ( at carnil)
- Processing 16945f055472c2263ee77c45962872a778a74ff2 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] CVE-2023-34462,CVE-2023-44487,netty: fixed in unstable
Markus Koschany ( at apo)
- Processing 62f81dd4abba17cd0b018c7ab988755facc14ddc failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] The uploaded jupyterlab version is fixed already
Jochen Sprickerhof ( at jspricke)
- [Git][security-tracker-team/security-tracker][master] Adjust tracking for CVE-2021-32797
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for openvpn issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-41160/freerdp2 - buster backport is not feasible, setting to ignored.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-39282 and CVE-2022-39283 (freerdp2) - link to likely patch
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-37453/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] ffmpeg DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-42781/airflow
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: add Thorsten as FD 18-12 to 24-12
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Claim netty in dsa-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-47037/airflow
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3650-1 for audiofile
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] lts: take postgresql-11
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] qt6-svg n/a, could potentially affect experimental, but not really worth checking further
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rust-self-cell issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: add note
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] new tor issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dnstdist/HTTP2
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Clarify relation of CVE-2022-4949 with CVE-2023-34325 (XSA-443)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on tor issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-self-cell issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-46894 as unimportant with a reationale from maintainer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add clamav to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for postgresql-15
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for postgresql-13 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark two golang issues as unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for rust-self-cell issue via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new python-asyncssh issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3651-1 for postgresql-11
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: take clamav
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] lts: drop clamav and add libclamunrar
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] mark esptool as non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3652-1 for ruby-sanitize
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] qtbase-opensource-src-gles fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-23583/intel-microcode
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add intel-microcode for dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new xen issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] vips, QT spus
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] k8s n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2023-46849 and CVE-2023-46850 in openvpn
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for intel-microcde issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-45684/cfengine3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6111/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for intel-microcode update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to list of affected processors for CVE-2023-23583
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] apparently bogus CVE ID for openvpn
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Include one further reference for CVE-2023-23583
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Two chromium issues fixed via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-20592/amd64-microcode
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-20592/amd64-microcode
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new gimp issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add one more gimp issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] gimp references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2023-47641/python-aiohttp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new yt-dlp issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3653-1 for libclamunrar
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] new gpac issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Adjust version for CVE-2023-47641
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add libclamunrar for tracking under CVE-2023-40477 for the embedded unrar copy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update references for gimp issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Tentatively try to take care of the gimp DSA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for gimp issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] gimp fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] symfony spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openvpn DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5981/gnutls28
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2023-46121
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry for bookworm for CVE-2023-47641/python-aiohttp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2023-37276
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-37276/python-aiohttp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-46121/yt-dlp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-48219/tinymce
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new gpac issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-23549/check-mk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop notes and references for CVE-2023-4128
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-46446
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-46445
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2023-0010
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for yt-dlp issue via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some CVE for grocy, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct note about wpewebkit in bullseye
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for intel-microcode via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-44429 and CVE-2023-44446
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-44487: Add varnish
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add gst-plugins-bad1.0 to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-46233/cryptojs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6176/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-47470/ffmpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6174/wireshark
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6121/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream commit for CVE-2023-45857/node-axios
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-45857/node-axios
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-44446
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-44429
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6175/wireshark
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-5557-1
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Track new set of vim issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 8 commits: Add gnutls28 to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3654-1 for freerdp2
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Fix typo in list of affected CVEs for DLA-3654-1
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-45853: mark minizip as removed as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for wireshark via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update note for DSA needed on zbar, caution is in order as approaches cause regressions
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-44487/varnish
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Add gst-plugins-bad1.0 to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-45853/zlib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-44796/limesurvey
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim lwip in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] claim zlib and minizip
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add additional references for CVE-2023-5981
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-47471/libde265
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sort commits for CVE-2023-44441
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-5981/gnutls28
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5558-1 for netty
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-22284/lwip buster not affected
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] postponed libspf2 until there is some resolution in upstream and ZDI status
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3655-1 for lwip
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] dla: take wireshark
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2023-42118 as postponed for Buster
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] data/ela-needed.txt: claim varnish
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-46604/activemq via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed for audiofile via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-48052/httpie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-45853/zlib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] wireshark updates
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: claim amanda in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] wireshark DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add myself for node-json5
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add fix from upstream for node-json5 CVE-2022-46175
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] mark two barbican issues as RH-specific
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] janino unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] pixman non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixes which were included between 4.0.6-1~deb12u1 and 4.0.11-1~deb12u1...
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-46175: Add upstream tag information and adjust commit reference
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-5981/gnutls28 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new derby issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add golang-1.19 to ignored packages, will be RMed soon
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 21 commits: Triage gpac CVE as EOL in Buster.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-48011: link to correct fixing commit again
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-5157 does not affect galera-3
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] dla: give back libstb and add note to recommend waiting for upstream merging of fixes
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] dla: take gimp
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Take netatalk and libde265
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2023-48011
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: note in dla_neded
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-20031 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: follow sec team with ignoring CVE-2023-45853 for Buster
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] node-axios fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Remove now rejected CVE for binutils (as it was not a security issue)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim opensc and cryptojs in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-31022/nvidia-graphics-drivers-tesla-470 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] claim gst-plugins-bad1.0
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-44441: The DDS plugin used to be 3rd party in an own package
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Adjust source-package name for CVE-2023-44441
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-44443/gimp does not affect buster
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for vim issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2023-39999,wordpress: link to upstream changeset
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 3 commits: check-external: update: Gather CVE from the Red Hat Security Data API endpoint
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new gpac issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] allocate dsa for strongSwan
Yves-Alexis Perez ( at corsac)
- Processing aaf72b70f43e15cd7ce53224e96b403233f6aec5 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41913/strongswan
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3657-1 for activemq
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3658-1 for wordpress
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2023-41913/strongswan
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim gnutls28 in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-31022/nvidia-graphics-drivers
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: check-external/cronjob: Add comment for wgetrc settings
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6134 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5764 with TODO item
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Added strongswan to be fixed for LTS.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] nvidia-graphics-drivers-tesla fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag for CVE-2023-47471
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via unstable for CVE-2023-43887 and CVE-2023-47471
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3659-1 for gimp
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] dla: take vlc
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] add notes for CVE-2023-43887
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Drop todo entry as it is the plausible reference
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2023-49
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to DSA needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2023-50
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2023-52
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to DSA needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2023-31022/nvidia-open-gpu-kernel-modules
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for firefox-esr (mfsa2023-50) via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox issues (mfsa2023-49) via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed updte for nvidia-graphics-drivers via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6238/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6228/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add set of new issues for nextcloud-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-48230/capnproto
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-49105/owncloud
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-47016/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim strongswan.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] new giflib issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] vlc n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-31022/vidia-graphics-drivers-tesla-450
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] firefox, tor DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Claim curl and symfony in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] tor updates
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for nodejs issues fixed with unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop now postponed entries for intel-microcode
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop notes from CVE-2023-45960
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two check-mk issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-48106/zlib-ng
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add myself for report bug
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] unadf fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 8 commits: Added firefox-esr to dla-needed. Already fixed in bullseye.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Added notes for httpie CVE-2023-48052.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-48706/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-46673/elasticsearch
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-48107/zlib-ng
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] ckeditor non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new cargo issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] record upstream fix for libcrypto++
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] thunderbird fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for intel-microcode update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5972/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-33202/bouncycastle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-49208/glewlwyd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in source package name for thunderbird
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-6212/thunderbird via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Marked CVE-2023-20246 as not affected for buster.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Marked CVE-2023-40030 as no-dsa for buster following bullseye.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Added tinymce to dla-needed.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Marked CVE-2023-49208 as not affected for buster.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-48230
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3661-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-48570/libcrypto++
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update notes for outstanding freeimage issues
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3662-1 for freeimage
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-20246/snort
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3663-1 for strongswan
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] new clickhouse issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: claim cacti
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3664-1 for symfony
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] unadf spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove curl from dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-45853 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Postponed CVEs for buster just as for bullseye.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6251/check-mk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct NFU naming for CVE-2023-49298
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2023-49298 with zfs-linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6277/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-10370 with bluez-firmware commit information
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for gimp update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-46671/kibana, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-45853: Document bug for minizip package
Samuel Henrique ( at samueloph)
- [Git][security-tracker-team/security-tracker][master] Track fixes for zabbix via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-48161/giflib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-46118
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim opendkim in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for gst-plugins-bad1.0 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] opendkim has a RFS fixing the CVE - asked sponsoree details about confidence.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2023-31122
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2013-20001/zfs-linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark zfs-linux issues as no-dsa for bookworm and bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2013-20001/zfs-linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2022-48521
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] capnproto fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add two new perl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-6277/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-33202/bouncycastle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-49298/zfs-linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed fixes for minizip via {bullseye,bookworm}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-46337/derby
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3665-1 for node-json5
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] fix list of CVEs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] perl fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] nvidia, opendkim spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for derby issue via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] tiff fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Correct source package name for phppgadmin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add myself for python-requestbuilder
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Mark zchunk as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-33202 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take python3.11 for reviewing
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3666-1 for reportbug
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] hoteldruid fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track perl update proposed via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for perl via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for xen issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-26652 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-47016/radare2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3667-1 for python-requestbuilder
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Take postgressql-multicorn
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2023-4535/opensc for buster and bullseye.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3668-1 for opensc
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for tiff
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2023-41913/strongswan
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2023-46118/rabbitmq-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add zfs-linux
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add gimp-dds
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add bouncycastle
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-14744/kde4libs: precise stretch context
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-6277/tiff: buster postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add additional CVEs for hoteldruid
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional CVE for glewlwyd bullseye-pu update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim bouncycastle and squid in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3669-1 for cryptojs
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] fastdds DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] samba fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2023-6121/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2022-44034/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6287/check-mk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some CVEs in Mattermost (mark as mattermost-server)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-49316/php-phpseclib3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-49316
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two more Mattermost issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two more Mattermost CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] libde265 spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] nvidia-graphics-drivers-tesla,glewlwyd spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] glewlwyd ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3670-1 for minizip
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-45360/mediawiki as no-dsa for buster.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Remove duplicate tracking of pending update for glewlwyd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-22084 for MariaDB
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2020-21428 as not-affected for stretch
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] php-phpseclib3 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add new busybox issues (need further triage)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some additional NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3671-1 for mediawiki
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] dla: add bouncycastle note
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] php-phpseclib3 spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-46589/tomcat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-46589: Add references to upstream commits
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3672-1 for postgresql-multicorn
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Mark gtkpod as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Document status for ldap-account-manager and phpseclib variants
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-45539/haproxy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add myself for zbar
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Revert "Mark CVE-2020-21428 as not-affected for stretch"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2018-14628/samba
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3673-1 for gst-plugins-bad1.0
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for gst-plugins-bad1.0 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs (concludes external check)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-6111/linux via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add roundcube to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unify NFU name for one entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Move rabbitmq-server to DSA needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2023-5981/gnutls28
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-48052/httpie: clarify note + buster not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Typo
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-23583,intel-microcode: clarify postponed reason
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-46589/tomcat10
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add tomcat8
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: tomcat8->tomcat9
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-21426/freeimage: buster postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add mariadb-10.3
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-49092/rust-rsa (RUSTSEC-2023-0071)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues fixed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via experimental for jupyter-server issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-49092/rust-rsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-48052/httpie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40170/jupyter-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] postgresql-15 removed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] consul removed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-34054 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-45286/golang-github-go-resty-resty
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-39968/jupyter-server via experimental
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-38703
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-6378/logback
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-49083/python-cryptography
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libssh2 via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-49083/python-cryptography
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dsa-needed.txt: started to backport samba patches to bullseye - santiago
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for xen issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2022-28958
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take gimp-dds
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2023-34854, CVE-2022-45592/hoteldruid: follow stable triage for buster (too little information)
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: Claim tinymce in dla-needed.txt
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] 6 commits: CVE-2023-39358,CVE-2023-39360/cacti: buster not-affected + more links
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-6378/logback: buster postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3674-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3675-1 for zbar
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: add note about CVE-2022-3437/samba. regression risky
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] LTS: claim horizon in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Track fixes for linux via upcoming point release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new aiohttp issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new virtuoso-opensource issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-6111 in sync with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add one missing CVE which is fixed as well (sync with kernel-sec)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3676-1 for libde265
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3677-1 for gimp-dds
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-39350,CVE-2023-39351/freerdp2: reference introductory commit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-2906/wireshark does not affect buster
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2023-49082
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2023-49081
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note about zbar fixes and upstream status
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two issues for phpmemcachedadmin, itp'ed, #776613
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate two older NFUs with phpmemcachedadmin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] track proposed update for gnutls28 via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for gnutls28 for bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4770 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-33201,CVE-2023-33202,bouncycastle: fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for python-aiohttp issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove flatpak from dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3678-1 for horizon
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3679-1 for vlc
Adrian Bunk ( at bunk)
Last message date:
Thu Nov 30 23:51:12 GMT 2023
Archived on: Thu Nov 30 23:51:17 GMT 2023
This archive was generated by
Pipermail 0.09 (Mailman edition).