October 2024 Archives by thread
Starting: Tue Oct 1 02:54:08 BST 2024
Ending: Thu Oct 31 22:31:19 GMT 2024
Messages: 798
- [Git][security-tracker-team/security-tracker][master] Add upstream bugs for freeimage's CVE-2023-47993 and CVE-2023-47994
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-27635/debian-goodies
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new giflib issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] pytorch fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2024-5480/pytorch as non-issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] correct pytorch reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-8088/python2.7: not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-9026/php7.4: reference introductory commit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2024-46
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add firefox-esr issues from mfsa2024-48
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2024-49
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2024-46839 as rejected
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge CVE changes from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Revert "CVE-2019-19244/sqlite3: Remove unimportant"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for CVE-2024-42472/flatpak
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-45752/logiops
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add information for CVE-2024-45752/logiops
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for firefox via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-39705/nltk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] rust-cargo is fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] rust-tonic n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new znuny issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] firefox-esr fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-0232/sqlite3 does not affect bookworm
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for sqlite3 via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add ckeditor
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: update horde* notes
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] wpewebkit 2.46.1-1 fixes some CVEs from WSA-2024-0005
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] dla: add perl
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add e2fsprogs to dla-needed
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 4 commits: wordpress: Triage 2024 CVE for bullseye
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] dla: take e2fsprogs
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] dla: add firefox-esr and thunderbird
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-38497
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2024-47534
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: reference smcv's flatpak suggestions
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] php8.2 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new golang-github-containers-common issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] fix CVE list
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Remove notes from now rejected CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three CVEs for juju, removed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: add fcgiwrap and ikiwiki-hosting
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark mbedtls as unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: take fcgiwrap
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] LTS: claim php7.4 and perl in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reference cloned bug for CVE-2024-3056
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Andres Salomon ( at dilinger)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-9341/golang-github-containers-common: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] clamav spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2021-47220 as rejected
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3909-1 for zabbix
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Add freeimage upstream bugs for CVE-2023-47995
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] new mediawiki issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs / xz-utils n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Re-claim unbound
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Update information for four freerdp2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-25590/pdns-recursor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8508/unbound
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference advisory for CVE-2024-8508
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for clamav issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-8508
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: FD assignment
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-25590
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-34535/mastodon, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new nvidia-cuda-toolkit issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" gitlab issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mysql-connector-python fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-32004/git: Document more details about the breaking change commit
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-32004/git: Remove link to LTS email that also contained outdated information
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] node-express n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-47191
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new libgsf issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2023-49092
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2024-9029/freeimage for bullseye
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2024-31570/freeimage for bullseye
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: add nvidia-cuda-toolkit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3910-1 for e2fsprogs
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] add commit reference for edk2
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] unbound fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reference oss-security post for CVE-2024-47191
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] firefox-esr DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for oath-toolkit update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for libgsf commits
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2024-8508/unbound
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for various rust-gix-* packages uploaded to unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2024-7207 (it was a duplicate of CVE-2024-45806)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2024-8197 (duplicate of CVE-2024-7859)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process several NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-47855/libjson-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-47554/commons-io
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add libgsf
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-9407/golang-github-containers-buildah
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-47850/cups-filters
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-47764/node-cookie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take libgsf
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] mediawiki CVEfied
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: add mediawiki
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-38474 regression
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] mediawiki DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-38475 regression
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-39884/regression
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Remove additional whitespace
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-47913/mediawiki does not affect bullseye
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-36472/gnome-shell
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2024-36472
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libgsf update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-47211/ironic
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-18483/binutils as fixed with 2.32.51.20190707-1
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-44082/{ironic,ironic-python-agent}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-47855/libjson-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2024-47764/node-cookie via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux changes from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-42363
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2024-46958
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim activemq for bullseye LTS
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3911-1 for libgsf
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for 7zip via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] node-elliptic fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] pdns-rec fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libgsf fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] LTS: reclaim opensc in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3912-1 for linux
Ben Hutchings ( at benh)
- [Git][security-tracker-team/security-tracker][master] LTS: claim python-git in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Add an explanation why the upload is stalled
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Claimed git for LTS.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] 2 commits: update notes
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add freeimage upstream bugrefs for issues reported in github.com/Ruanxingzhi
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2024-46544/libapache-mod-jk: add fixing commit
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] dla: retake
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] new redis issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new vim issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: FD assignment
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3913-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] sentry-python fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] apache regression DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] svn n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new cacti issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new fop issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim libapache-mod-jk.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] redis fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new firefox chemspill release
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] cleanup two rejected issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new wireshark issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new libarchive issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new node-elliptic issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs from Red Hat external check
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new lemonldap-ng issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new buildah issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] arm-trusted-firmware n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new libcoap issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3914-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reclaim exim4 and tomcat9 with notes.
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new xhtml2pdf issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Mark CVE-2024-47814/vim as postponed for bullseye
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] wireshark fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] cacti fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Triage chromium issues as EOL for bullseye
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3915-1 for libreoffice
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] openvpn-auth-ldap fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] znuny CVEfied
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one more CVE assigned for July Chromium update
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mosquitto issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new node-dompurify issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new h2o issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] fix reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new qemu issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] thunderbird in stable/oldstable is still on ESR1125, mark n/a accordingly
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] also track CVE-2024-9680 for thunderbird
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3916-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] DLA: Take docker.io
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add a note about DLA/docker
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2024-46292 as non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Adding some more information for git.
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Remove nodejs from dsa-needed which is going to be handled with SRM
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] jodd removed from sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark two NSS issues as ignored for bookworm
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] disassociatte CVE-2024-3056 from podman
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3917-1 for python-reportlab
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-31228 also affects redict
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Remove trailing whitespaces
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2024-424{58,59,60}/node-elliptic
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream advisory for CVE-2024-25590
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2024-36051 (duplicate of CVE-2024-38365)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2024-46503 (withdrawn by CNA)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove DLA reference for CVE-2024-42308 which was rejected
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream tag for commit for CVE-2024-46544
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] node-dompurify DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] python-reportlab DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3918-1 for docker.io
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] vim fixed in sid
Moritz Muehlenhoff ( at jmm)
- Processing 61ba10d44f6c3a01a5253b9c7a4996935eed6f9b failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Take freeimage in dla-needed
Santiago R.R. ( at santiago)
- Processing 9a8ff55a8ec3879ae8cc86de6dd586fdb5a6a019 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Add apache2 to dla-needed
Santiago R.R. ( at santiago)
- Processing 62159fe35baedf5f526cecffe856482c1b61694f failed
security tracker role
- Processing 5f5a6e0d6bddb4a56db5a5d085faacae47952d80 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] furnace now in the archive
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new haproxy issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] update notes in dla-needed.txt
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3919-1 for libapache-mod-jk
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-5792-1
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3920-1 for php7.4
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Some Apple-only WebKit CVEs were incorrectly assigned to WebKitGTK
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-9936/firefox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] smarty4 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add salsa issue link to track openssl DLA
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Triage giflib in bullseye LTS
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-31449 and CVE-2024-31227 for redict
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream tag for commit for CVE-2024-28168
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference mfsa2024-52 for CVE-2024-9680
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2024-1342
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update references for CVE-2023-51847
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add python-cryptography to dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-48948/node-elliptic
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-9979/rust-pyo3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-47874/starlette
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-9676
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-49195/mbedtls
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lemonldap-ng fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new vbox issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new java issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mysql-connector-python issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: take python-cryptography
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] two golang-github-containers-buildah issues fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openjdk-21 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] containers-common fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mysql issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lucene-solr n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lemonldap spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new heif issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openjdk-17 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-49083/python-cryptography was fixed in 41.0.7-1
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-32020 for git ignored
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Add libsepol to dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Add note about libsepol in dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-26130/python-cryptography does not affect bullseye or buster
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3921-1 for apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] DLA-3921-1 mark as regression update
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-36087/libsepol: Also link to the code fix
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3922-1 for python-cryptography
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] LTS: claim libsepol
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] python-cryptography spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new openssl issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS triaging - libheif, openjdk-11, openjdk-17
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] python-certifi: CVE-2024-39689 CVE-2023-37920 CVE-2022-23491
Sebastien Delafond ( at seb)
- [Git][security-tracker-team/security-tracker][master] chromium references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openjdk-11/openjdk-23 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: take openjdk
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] starlette fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new issue in removed mlocate, possibly SuSE-specific but needs checking
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add and claim python-sql to dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] mysql-8.0 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rails issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: claim frr in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-41909/frr mark as fixed in bullseye - frr 7.5.1-1.1+deb11u3
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Document that frr had been previously fixed.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] remove frr from dla-needed.txt, as nothing left to be fixed
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] LTS: claim php-horde-turba in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] LTS: claim firmware-nonfree in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] new node-markdown-to-jsx issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rails issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new golang-github-gomarkdown-markdown issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new suricata issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new spring issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new jqueryui issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new jetty issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] two fishy mariadb CVE assignments
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-30287/php-horde-turby Note that upstream has an issue and
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim libheif.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] one more fishy mariadb issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new libhtp issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" wordpress issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new zoneminder issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] texlive-bin spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-4973/wordpress/bullseye was fixed in 5.7.8+dfsg1-0+deb11u1
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Reserver DLA-3923-1 for php-horde-turba.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] unassign after upload of php-horde-turba.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct version for php-horde-turba (DLA-3923-1)
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] LTS: claim php-horde-mime-viewer in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] chromium fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new sogo issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2024-47875
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-47875/node-dompurify via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-45403/h2o
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add buildah references from v1.37.5 tag
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update notes for furnace CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-49214/haproxy: Add reference from haproxy-2.9 repository
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2024-9407
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct upstream tag information for CVE-2024-9341
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update upstream tag information for CVE-2023-49083
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update upstream tag for CVE-2024-26130
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstram tag information for various CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference branch commits for CVE-2024-9143
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for virtualbox issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] python-certifi: Update eariest upstram version matching unstable upload including the GHSA changes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Directly reference bug id from tracker so it keeps working if by chance CVE alias get dropped
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag references for fixes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-26874/php-horde-mime-viewer - Add addtional patch
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3924-1 for php-horde-mime-viewer
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Update fixed version for CVE-2024-9823
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for regression of CVE-2022-30287
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unify wordpress changes fo the 6.0.2 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reword note to better reflect the aim as followup bugfix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream tag information for sogo commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Clarify followup for CVE-2022-26874
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-9774
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Note that santiago is working on an update for activemq for bookworm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa needed file
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for xfpt via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update tracking for CVE-2024-9676 and track golang-github-containers-storage
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update CVEs with openjdk-23 which references the CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking for dbeacon XSS issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] The latest redis CVEs are also on valkey/trixie
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add additional references for CVE-2024-31449 and CVE-2024-3122{7,8}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2024-8805
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Demote CVE-2021-40648 to unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sort two entries in DSA list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge changes for Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-9680/thunderbird via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3925-1 for asterisk
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add 6.2 fixing commits refs for redis' CVE-2024-31228 and CVE-2024-31449
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] dla: take redis
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] bullseye LTS triaging - fop, assimp
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2024-25763 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim unbound in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] clarify note for nginx
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: reclaim ffmpeg
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] mosquitto fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3926-1 for perl
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3927-1 for openjdk-17
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3928-1 for ffmpeg
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3929-1 for openjdk-11
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] updated note
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add p0 reference to Linux issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openjdk-17 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] python-sql DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark vncterm as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark yap as removed from every supported suite
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark mozillavpn as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 8 commits: Triage CVE-2024-25622 & CVE-2024-45397 in h2o for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark matrix-sydent as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark golang-github-crewjam-saml as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark flask-appbuilder as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference Debian bugs as reported for various CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs for kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Demote CVE-2024-4316{7,8}/unbound to unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3930-1 for libsepol
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] LTS: Claim ghostscript in dla-needed.txt
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] new mbedtls issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: Claim openssl in dla-needed.txt
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] dla: take dmitry
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3931-1 for ghostscript
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-7122
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3932-1 for python-sql
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark zeek as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark mod-gnutls as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-9050/network-manager-libreswan, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new collabtive issues, removed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-10234/wildfly, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker] Deleted branch 30-improve-gen-dsa-by-checking-cve-s-are-related-to-package
Ola Lundqvist ( at opal)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3933-1 for dmitry
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Triage CVE-2024-47764 in node-cookie for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3934-1 for libheif
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-50066/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark jqueryui as non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Remove notes on rejected (formerly Linux) CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from now rejected CVEs (they were unused in the end by the CNA)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] iAdd new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process batch of NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2022-48993 as rejected
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: remove bind9, updated through bullseye-pu
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-0684/coreutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage cacti for bullseye LTS (CVE-2024-43362,...
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 5 commits: Triage CVE-2024-47554 in commons-io for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2024-49195
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-28755/mbedtls via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-42643/smartdns
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-48936/slurm-wlm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking for new nvidia-graphics-drivers issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new pam issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add fixed-by upstream commit references for CVE-2022-41678/nss
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Remove dubious reference about the commit that introduced CVE-2024-7531/nss
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] new botan issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-48936/slurm-wlm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2024-50383 in botan for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-44331/gst-rtsp-server1.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3935-1 for distro-info-data
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-38796/edk2 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-8612/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-8612
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new assimp issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: take webkit2gtk
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] update assimp references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new openrefine issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2008-1447/dnspython as fixed by 1.7.1-1
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3936-1 for activemq
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Update bug reference for CVE-2024-48425
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Point to open and ongoing discussion on proper fix for CVE-2024-8612
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] twisted, libheif DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reference upstream issue/question for CVE-2024-10041
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update CVE-2022-41678 to released upstream tags
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream tag information for CVE-2024-47883
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference fixes for 3.8.3 version upstream for new openrefine issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] two tiff ignored, GCC unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-48208 but retain TODO for analysis on impact
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update note for wording typo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference followup commit related to CVE-2024-48208
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-46478/htmldoc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-49766/python-werkzeug
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-49767/{python-werkzeug,quart}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-46478/htmldoc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-9287/python
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-49767
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2024-0126 in nvidia-graphics-drivers for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-46478/htmldoc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-46613 assigned for weechat issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] update state for some older bookworm no-dsa issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] activemq DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-7531: Reference upstream list post clarifying introducing version
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference directly upstream's answer to the question
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim intel-mediasdk in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Add trackiong for docker.io update via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] update status of some older issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] firmware-nonfree/LTS - add link to email thread.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] intel-mediasdk - document mail sent to lts-team.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] add references for pam/CVE-2024-10041
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] record python-cmarkgfm upstream fixes
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] python-cmarkgfm/CVE-2020-5238 already fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] psql-15/CVE-2024-4693 already fixed in bookworm
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-45322/libxml2 suggested patch is broken
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-45322
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] deluge fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] botan fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19882/shadow was fixed in 1:4.8.1-1
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] mark dmidecode issue as unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] some updates on older issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-29383/shadow: Add note for regression fix
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: gnuchess commit reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2019-19882/shadow: Link the actual commit, not the merge, for the fix
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Unclaim freeimage
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Fix typo for compile arguments as mentioned in notes for assessment of CVE-2019-19882
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for commit for CVE-2021-30184
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process CVE-2023-26248 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-50066/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-50602/expat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-50602/expat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2024-44331
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-42643
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues addressed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-48208, still kept TODO item
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2024-45310/runc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2024-9143/openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed bookworm-pu update for tgt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-20696
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2024-9143/openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-20696/libarchive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-50602 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] triage of older issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-7531/nss: does not affect bullseye
Arturo Borrero González ( at arturo)
- [Git][security-tracker-team/security-tracker][master] one audiofile issue unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3937-1 for nss
Arturo Borrero González ( at arturo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2024-46478 in htmldoc for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] openssl spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] curl spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-50067/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new tinyxml2 issues for initial tracking
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: update squid notes
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3938-1 for exim4
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reclaim tomcat9
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] new squid issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for libsndfile issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim python-aiohttp in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] kmail-account-wizard n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] kmail-account-wizard is actually affected in older branches as well
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gsl issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] list two commit references for avahi
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bpfcc fixed and unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bpftrace unimportant (and record revised fix)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] burp fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] triage for older busybox issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one more burp fix in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track further CVE for openssl update via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] iperf3 ignored
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Clarify why fixed version for Debian is 6.12-1 for CVE-2024-45802
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] intel-mediasdk removed from unstable
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] record upstream fix for CVE-2021-46312, might also fix CVE-2021-46310, needs testing
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-50624
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for micropython issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark epics as n/a for two yajl issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark fprintd as non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark one more intel-mediasdk issue as ignored, given it's removed from sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for avahi upstream commits
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Replace some avahi references with moved namespace
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8013/mongodb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-10214/mattermost-server, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-50624
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-50610/gls
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Document more fixing commits for exim4 DLA-3938-1
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2024-43885 (rejected)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-50610/gsl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2024-49761
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new Tiki issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] track CVE-2020-23884 for Qt
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2024-36811 (rejected as duplicated assignment)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-23884 (now associated with qtimageformats-opensource-src)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fixup wrong NFU note from last review
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add qemu reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3939-1 for python-git
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Take libarchive from dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] triage for older issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark two modbus CVEs as non issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] record libmodbus fixes / resolved in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-9632
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] claim xorg-server
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-9632/{xorg-server,xwayland}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2024-55
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2024-56
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2024-58
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some upstream tag meta information to upstream commits
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream announce for CVE-2024-9632
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3940-1 for xorg-server
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Restore CVE-2023-42115
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for xorg-server update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2024-50610/gsl as ignored for bookworm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track some new mattermost-server issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take texlive
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3941-1 for texlive-bin
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Bullseye is not affected by CVE-2023-37276 for the same reason as Buster
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-9632/xorg-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr via unstable for mfsa2024-56 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2019-25219/asio
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new waitress issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-4695{1..6} for tracking
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] update the tracking for libyang to cover libyang 1/2/3 correctly
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] firefox fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2023-40175 as ignored for bullseye
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2024-0217 as non-issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track issue in mpg123, for #1086443
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark firmware-nonfree issues as ignored for bookworm to start with
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-10525/mosquitto
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-3935/mosquitto
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for waitress issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note about enabling test suite for unbound
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] dd notes about python-aiohttp
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3942-1 for openssl
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for xwayland issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two waitress issues fixed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2024-0006
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2024-22641
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: lts: add libarchive
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3943-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE assigned for mpg123 issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2024-44331
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2024-44331/gst-rtsp-server1.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2023-49582
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-51482/zoneminder
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-48910/node-dompurify
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVEs for consul
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take libarchive
Adrian Bunk ( at bunk)
Last message date:
Thu Oct 31 22:31:19 GMT 2024
Archived on: Thu Oct 31 22:31:24 GMT 2024
This archive was generated by
Pipermail 0.09 (Mailman edition).