September 2023 Archives by thread
Starting: Fri Sep 1 05:14:05 BST 2023
Ending: Sat Sep 30 22:46:23 BST 2023
Messages: 800
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4641/shadow
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVEs for frr
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add new CVEs for graylog2, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bullseye/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Synapse CVEs fixed in 1.90.0-1
Andrej Shadura ( at andrewsh)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gitlab issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rails issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new moodle issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3553-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] LTS: mark gpac CVEs as end-of-life for buster
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] LTS: add file and frr
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Reference backports for CVE-2023-38802
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for three CVEs for frr fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag references for CVE-2023-38037
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-41080,tomcat10: fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2023-34457 in python-mechanicalsoup for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Clarify status for CVE-2021-34193
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-39616/aom
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process new gpac CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-38037
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-38037/rails
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-28362: Add short description and Debian bug reference
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40184
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-4641
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for CVE-2023-29383 commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add information for CVE-2020-23793
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41051/rust-vm-memory
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-36328/libtommath
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] php8.2 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-25775/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-36328/libtommath
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-41051
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-28938/mdadm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-28736/mdadm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove mipsel architecture from supported list from testing and sid
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new vim CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39562/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: add some packages into the dla-needed.txt
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVe-2023-41180 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39663/mathjax
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: add elfutils to dla-needed
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: claim elfutils
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] dla: take gerbv
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Update information for some tcpreplay issues (fixed via unstable)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4751/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] catdoc non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new timg issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new jupyter-issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new jupyter-server issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" openjdk-11 issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triage some wabt CVE as fixed in unstable and earlier versions.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] "new" issues in mongodb drivers
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] old, bogus xz-utils issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3777/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3995 but not track explicit versions
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4015/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] restrictedpython fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag for commit for CVE-2023-40968
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41164/python-django
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim libssh2 in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-41164/python-django
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-41164/python-django via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-34478/shiro
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for 1.13.1 for CVE-2022-45907/pytorch
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40968/timg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-39615/libxml2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bin/add-dsa-needed.sh: Package names can start with alphanumeric characters
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for file update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-32292/json-c as not-affected for buster
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reference assigned CVEs for gst-plugins-ugly1.0 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3554-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2023-3995 (rejected in favour of CVE-2023-4147)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add four new gpac CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-34321/xen
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] ATS fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for horizon for bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2023-37154
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage python-django for buster LTS (CVE-2023-41164)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 6 commits: Triage CVE-2023-4380 in ansible for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Process three more CVEs for vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40743/axis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40743/axis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3555-1 for php7.3
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Cleanup trailing whitespaces
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4781/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4778/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39515/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-30534/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-31132/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39516/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39514/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39513/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39512/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39510/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39366/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39365/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39362/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39359/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39358/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39364/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39357/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39361/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39360/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5490-1 aom
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2020-0478,aom: Mark buster and bullseye as ignored
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Claim frr in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-41051/rust-vm-memory
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-39616/aom
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-2089{7,8}/salt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new mosquitto CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2023-3592/mosquitto
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] open-vm-tools fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] cairo fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage cacti for buster LTS (CVE-2023-30534)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 5 commits: Triage CVE-2022-26592 & CVE-2022-43357 in libsass for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2023-40587 in python-pyramid for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2020-22570 in memcached for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 5 commits: data/dla-needed.txt: Triage memcached for buster LTS (CVE-2022-48571)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Update note for libraw.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add note re. CVE-2020-18839/poppler.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4540/lua-http
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41910/lldpd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41909/frr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add librsvg reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4206/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4207/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4208/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark for now CVE-2023-4244 as duplicate (both CNAs contacted)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4623/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4622/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust unstable version for CVE-2023-1989
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39511/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim libraw in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for cacti issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2023-24626/screen
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-39511/cacti via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2023-3931{8,9}/golang-1.20
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for golang-1.21 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add information for CVE-2023-393{18,19,20,21,22}/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-1832 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41053/redis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] procps fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] chromium DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 6 commits: Triage CVE-2023-39741 in lrzip for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add missing commit for for CVE-2022-25901/node-cookiejar.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3557-1 for memcached
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Process two CVEs for electron, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40591/golang-github-go-ethereum, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-23623/electron
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track planned update for openrefine via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3558-1 for python-django
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3559-1 for libssh2
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] openssl n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add rustsec reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: claim python2.7
Helmut Grohne ( at helmutg)
- [Git][security-tracker-team/security-tracker][master] Add rouca and santiago for testing runc
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Remove quote from a NFU notation
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-2089{7,8}/salt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2022-47022 in hwloc for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 4 commits: data/dla-needed.txt: Claim e2guardian.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Update note for CVE-2020-18839
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2021-46310 & CVE-2021-46312 in djvulibre for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4782/terraform, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-4540/lua-http
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-41053/redis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage redis for buster LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2023-41053/redis via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for rust-webpki for RUSTSEC-2023-0052
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-41053/redis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via bookworm for CVE-2022-48502
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status of libreswan in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for timg via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new CVEs for mutt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add mutt to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for mutt issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct tracking for CVE-2023-32360 an associate with cups
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for mutt CVEs via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41915/pmix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3560-1 for libraw
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Revert 535390052, CVE-2022-40626/zabbix after revisting patch for jessie I'm...
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] open-vm-tools DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Follow maintainers assessment for CVE-2021-20255/qemu and consider issue fixes...
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for mutt update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-40187/freerdp2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for freerdp2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim xrdp in dsa-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for frr
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-42467/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reclaim glib2.0
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] LTS: take c-ares
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2023-0008
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] timg spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add another required commit for CVE-2022-25901/node-cookiejar.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3561-1 for node-cookiejar
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Detangle non-common set of CVE fixes for bullseye and bookworm for DSA-5495-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-43151/timg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-41915/pmix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4881/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] vim fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41000/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40032/vips
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39070/cppcheck
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop redis from dla-needed.txt; buster not vulnerable to CVE-2023-41053.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-40032/vips
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] freeimage bugs and references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for gpac issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3562-1 for orthanc
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-41915/pmix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4863/chromium
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] rust-inventory n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rust-users issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFU, concludes external check
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one frr issue n/a for all suites
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bookworm/bullseye triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: claim ruby-rails-html-sanitizer and ruby-loofah
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3563-1 for samba
Lee Garrett ( at lgarrett)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-23518/ruby-rails-html-sanitizer: reference patch
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-4863
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop chromium from dsa-needed list, add libwebp instead
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issue in src:electrum
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3564-1 for e2guardian
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] security-team overview: Sync table with real situation
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference proposed patch for the (unmaintained) rust-users
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-users issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-39978/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream references for CVE-2023-41040/python-git
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2023-36191
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4921/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issue in jgit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track two new issues in airflow, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove fixed version for bookworm for CVE-2023-41361
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track mfsa2023-40 for CVE-2023-4863 issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox issue addressed in mfsa2023-40
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track firefox-esr fixes for mfsa2023-40 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Document status for libwebp in dsa-needed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4527/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4806/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4813/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3866/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3865/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-3867/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes which entered unstable from the experimental upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3565-1 for ruby-loofah
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3566-1 for ruby-rails-html-sanitizer
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] new GCC issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add more GCC source package names
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gcc-12/gcc-13 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] hwloc fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mosquitto fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update references for CVE-2022-47022
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track unfixed gpac issues as fallout from #1033116
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-4863/thunderbird via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two CVEs for linux with unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] firefox-esr DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-38039/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-38039/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] libwebp DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: take freeimage
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add several Debian bug references
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-38559 and CVE-2023-38560 in ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFU (concludes external check)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2023-4785/grpc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41081/libapache-mod-jk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track two new CVEs in routinator, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] claim tiff
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] Associate one CVE with webmin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim open-vm-tools in dla-needed.txt
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] curl fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-32200,CVE-2023-22665,apache-jena: fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-32360/cups
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references to upstream commits for CVE-2023-4527/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-41000/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-34321/xen
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-41081/libapache-mod-jk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2023-4527/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-4527/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark electrum issue as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate #1051726 to src:viagee as how it was reported
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-4244 got preferred instread of CVE-2023-4563
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4965/phpipam
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-41081,libapache-mod-jk: fixed in sid
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-4863/libwebp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3567-1 for c-ares
Anton Gladky ( at gladk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-4527/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Link to upstream issue for zbar CVE-2023-40889 / CVE-2023-40890
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] new tomcat issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" plexus-utils2 issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new binutils issues
Moritz Muehlenhoff ( at jmm)
- IoT Cold Chain Monitoring Device Latest Changes 市场洞察
Elaine
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage webkit2gtk CVEs as EOL on buster
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Take mutt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-36328 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag for CVE-2023-36328/libtommath
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] fix CVE list
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-32409 is fixed in webkit2gtk 2.42.0-1
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-42503/libcommons-compress-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim flac in dla-needed.txt
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-25588
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-25586
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2023-25585
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-25585
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-25584
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some webmin CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two CVEs for freeswitch, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4956 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2023-4330
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove check item for CVE-2023-1576 (duplicate of CVE-2022-47069)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-43091/gnome-maps
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3568-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-2222/binutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-43090/gnome-shell
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Expand todo for CVE-2022-3261
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2023-33461/iniparser
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] glibc fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Demote severity for CVE-2022-34038/etcd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tags for CVE-2023-3428
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-42503/libcommons-compress-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-43090/gnome-shell
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2023-42503
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust source package name for CVE-2023-2604{8,9} and track fixed version via experimental
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40167/jetty9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41886/openrefine
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41887/openrefine
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-41900/jetty9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3569-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2020-24904/viagee
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-42464/netatalk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] take flac
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add entry for DSA 5497-2/libwebp in bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixes via unstable for CVE-2023-43090/gnome-shell
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add gnome-shell to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-29390/libjpeg-turbo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-43090/gnome-shell
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: take libwebp
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3570-1 for libwebp
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] new rust-bcder issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: add notes
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] QT n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-43115/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] openssh spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2023-39017 as a non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-39914/rust-bcder
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-42464/netatalk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new roundcube issue, #1052059
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take lldpd from dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-36766/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] chromium, flac, gnome-shell DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5502-1 xrdp
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add lldpd to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-42752/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4237/ansible
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-26141/ruby-sidekiq
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream commit for CVE-2023-3153/ovn
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for ovn via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track horizon update via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for electrum issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed fix for electrum via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: reclaim openjdk-11
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3571-1 for openjdk-11
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] gitlab n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] python-git fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ovn fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-32360/cups as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed udpate for python2.7 via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for freeimage issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3572-1 for libyang
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3573-1 for frr
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-28357/nats-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some new CVEs for mastodon
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark rkhunter CVE assignment as bogus
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-4998 not beeing Gitlab EE specific
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for electrum issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] rust-remove-dir-all fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-34322/xen
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new bind issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4504/{cups,libppd}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3574-1 for mutt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add ghostscrip to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Claim gsl in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] netatalk DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-43115 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-4236/bind9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-3341/bind9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop netatalk from bullseye-pu pending/tracking list (got a DSA)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] reserve DLA-3575-1 for python2.7
Helmut Grohne ( at helmutg)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-4504
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop notes for CVE-2023-4881
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issues in hoteldruid
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two cups issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unify some naming for D-Link NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unify some TP-Link NFUs names
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] file ist not-affected
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Track proposed qemu update via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track followup round for coups via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking for cups update via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new rust-tungstenite issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add bind9 to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3576-1 for gsl
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-4236/bind9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-3341/bind9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-43669/rust-tungstenite
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-43309/webmin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-36234/netbox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two bind9 issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some CVEs for croc, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim lldpd in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] new node-graphql issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-43770 for roundcube's latest XSS vulnerability.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add roundcube to dla-needed.txt and assign it to Guilhem Moulin.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-4132
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3577-1 for roundcube
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-4132, associate it with jss
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-42805/rust-quinn-proto
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add bind9 to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: claim tiff
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3578-1 for lldpd
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for bind9 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-42753/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add python-git to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Mark one CVE as no-dsa as discussed in a related Debian bug
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-40619/phppgadmin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2015-5467
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-1194/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3579-1 for elfutils
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] claim bind9
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim ghostscript
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] LTS: claim suricata in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] LTS: claim nasm in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] LTS: claim firmware-nonfree in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-42805/rust-quinn-proto
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2019-6461/cairo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for some jetty9 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-42821/golang-github-gomarkdown-markdown
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issues in dolibarr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 5 commits: CVE-2023-41081,libapache-mod-jk: link to fixing commit
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] claim cups
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libapache-mod-jk via {bullseye,bookworm}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 13 commits: CVE-2023-39663,mathjax: Buster is no-dsa
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-4132,jss: Buster is not affected
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 5 commits: Link to jss bug report
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] some gitlab issues fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] nvidia-cuda-toolkit fixed in experimental
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Upstream have changed and refactored function `finish_copydevice`
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] yt-dlp n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim puma
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3581-1 for flac
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Adjust comment ofr additional CVE-2020-21890 commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: unclaim open-vm-tools in dla-needed.txt
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] LTS: claim ncurses in dla-needed.txt
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] add references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gitlab fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3582-1 for ghostscript
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Reclaim again glib2.0. Currently preparing the upload
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3583-1 for glib2.0
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-42755/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commits for CVE-2023-43669
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-35357
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for lldpd update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5156/glibc (and add note to CVE-2023-4806)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3584-1 for netatalk
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reference discussion thread for CVE-2023-5156
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5158/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3585-1 for exempi
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add a few CVE for DLA3457-1
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reference followup commit for CVE-2023-20588
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-19450/python-reportlab
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add xen as well for CVE-2023-20588
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5129 and retain entry for a short while until assigning CNA clarifies
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new mediawiki issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] nasm issues unimportant
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-40090/tiff: buster postponed; drop tiff from work queue
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for modsecurity via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2020-35357/gsl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Added python-reportlab to dla-needed since it has been fixed in all later...
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2023-41
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2023-42
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed and assign to jmm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-40167,jetty9: link to fixing commits
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-39914/rust-bcder
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2023-5156
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new jetty issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-5156/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2023-1633
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixing version information for CVE-2022-44370
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5197/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-39347/cilium, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2023-36479/jetty9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40619/phppgadmin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr issues from mfsa2023-42
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5189/ansible, keep for now undetermined until better understood
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5115/ansible
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-43040/ceph
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Improve triaging for CVE-2020-21686
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two CVEs for shadow in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take vim
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] LTS: mark two buster ncurses fixed versions
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] firefox fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ring fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] curl spu, roundcube ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add issue in foot
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sort un-CVE-ifed entry last as cannot merged with merge-cve-files after review
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed roundcube update via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-41900,jetty9: Buster is not affected
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-5156/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] rust-tungstenite fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 5 commits: Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-42822/xrdp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-42756/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one additional NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new thunderbird issues from mfsa2023-43
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed and assign to jmm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-4047{4,5,6}/gst-plugins-bad1.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new exim4 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2023-5129
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2016-1243 and CVE-2016-1244
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-1354/tiff: reference introductory commit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: mark two more buster ncurses fixed versions
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] LTS: mark another buster ncurses fixed version
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3586-1 for ncurses
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] chromium fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add firefox, firefox-esr to CVE-2023-5217
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-32409 is fixed in wpewebkit 2.42.0-1
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Add comment for CVE-2023-4738
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] dla: retake suricata
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-18768/tiff: fix was shipped in DLA-2777-1 through CVE-2020-19144
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add gst-plugins-bad1.0 to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add exim4 to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim qemu in dla-needed.txt
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] glibc spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-5217/libvpx
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Change order of commits for libvpx
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for libvpx issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-36479,jetty9: mark it as fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Added exim4 to dla-needed following decision for bookworm.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-5507-1 for jetty9
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Added gst-plugins-bad1.0 to dla-needed following decision for bookworm.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] claim gst-plugins-bad1.0
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Take salt
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add upstream bug for CVE-2023-20897
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Document advancement on SALT
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] LTS: claim python-reportlab and python-git in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-0809,mosquitto: link to fixing commit
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-40090/tiff: precise affected versions
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-44466/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-44469/lemonldap-ng
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3587-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Track proposed ghostscript updates for bullseye and bookworm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3588-1 for vim
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim phppgadmin
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Add note about salt and vendoring python3-attr in dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Take exiv2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2020-18832 does not affect buster
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Remove exiv2 (only no-dsa remaining cve) from dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Further triage CVE-2020-18831/exiv2
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] chromium, firefox DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3589-1 for python-git
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Marked a few CVEs as end-of-life for buster.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Take prometheus-alermanager
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-5217/libvpx
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-{2019-19450,2020-28463}/python-reportlab: Add links to patches.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Mark lemonldap-ng as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Move electrum tracking to end of list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed lemonldap-ng for bullseye and bookworm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Document file move for prometheus-alertmanager for CVE-2023-40577
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Switch firefox and firefox-esr entries to unimportant for CVE-2023-5217
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3590-1 for python-reportlab
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Map upstream issues with ZDI advisories (not public yet)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add clarifying information for three exim4 issues which are unfixed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5289/rdiffweb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libvpx update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add a note about ring for dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Track pypy3 for now as well for CVE-2023-40217
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2023-5217
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take poppler
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-43646/node-get-func-name
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-5215/libnbd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Move one very specific note to package note specific for suite
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-44270/node-postcss
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some mattermost-server CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for gst-plugins-bad1.0 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-5215/libnbd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-43646/node-get-func-name
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3591-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3592-1 for jetty9
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for cpio via bullseye-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3593-1 for gerbv
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3594-1 for cups
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3595-1 for trafficserver
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-28366,mosquitto: Link to regression fixes
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-44270
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-42822/xrdp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for matrix-synapse issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3596-1 for firmware-nonfree
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Add CVE-2023-43655/composer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim freerdp2 in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Claim exim4 and open-vm-tools in dla-needed.txt
Markus Koschany ( at apo)
Last message date:
Sat Sep 30 22:46:23 BST 2023
Archived on: Sat Sep 30 22:46:34 BST 2023
This archive was generated by
Pipermail 0.09 (Mailman edition).