September 2024 Archives by thread
Starting: Sun Sep 1 04:00:35 BST 2024
Ending: Thu Sep 26 23:35:49 BST 2024
Messages: 658
- [Git][security-tracker-team/security-tracker][master] Add note about regression in CVE-2024-8088
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Reference as well reported Debian bug
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new issues in nvidia-cuda-toolkit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim ghostscript in dla-needed.txt
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2024-7592/python3.9 postponed
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] xfpt fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-42040/u-boot
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark libolm issues as ignored for bookworm
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2024-24859 as fixed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-24859
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3858-1 for ruby2.7
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-43398/ruby2.7: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3859-1 for systemd
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3860-1 for dovecot
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two libpcap issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45508/htmldoc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add python-oslo.utils
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3861-1 for exfatprogs
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] dla: fix python-oslo.utils attribution
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3862-1 for calibre
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-44947/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3863-1 for nbconvert
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45306/vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-43801/jellyfin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-38858/check-mk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update note for git in dsa-needed file
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3864-1 for webkit2gtk
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3865-1 for frr
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45310/runc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2024-6609/nss
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-49582/apr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of opensc issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: drop h2o, DSA not tracked anymore
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3866-1 for ruby-tzinfo
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3867-1 for git
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3868-1 for ruby-nokogiri
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] LTS: Claim openssl in dla-needed.txt
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] 3 commits: dla: drop gpac
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage git for bullseye LTS (CVE-2024-32020)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2024-43788 in node-webpack for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-49284 in fish as ignored (from no-dsa) for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Mark a series of redis CVEs as ignored for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] new openssl issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add commit reference for openssl
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reference upstream tag for commit for CVE-2024-6119
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new haproxy issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] vim fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for openssl update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new Django CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for python-django issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new python isue (CVE-2024-6232)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tags for commits of CVE-2024-45506
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2024-39
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2024-41
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8374/cura
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new CVEs for limesurvey, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new chromium CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] docker fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] LTS: reclaim gnutls28 and opensc in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] dla: retake
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox for mfsa2024-39 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct status for CVE-2024-8388
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr issues from mfsa2024-41
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for openssl issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark npgsql as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track golang-1.20 as removed from everywhere supported
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add entry for DSA-5765-1/firefox-esr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Reclaim redis for now.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] LTS: claim espeak-ng in dla-needed.txt
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3869-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] LTS: Claim ruby-sinatra in dla-needed.txt
Jochen Sprickerhof ( at jspricke)
- [Git][security-tracker-team/security-tracker][master] LTS: claim nss in dla-needed.txt
Arturo Borrero González ( at arturo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45160/lemonldap-ng
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-44082/{ironic,ironic-python-agent}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8088 regression commit fixes for python3.11 and 3.9
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3870-1 for python-oslo.utils
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3871-1 for cinder
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3872-1 for glance
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3873-1 for nova
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3874-1 for nsis
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3875-1 for gnutls28
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3876-1 for setuptools
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Add notes for unbound/CVE-2024-43168
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Remove reference to CVE-2024-40767
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bookkeeper removed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for two chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Andres Salomon ( at dilinger)
- [Git][security-tracker-team/security-tracker][master] rustc n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: take ffmpeg
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3877-1 for ruby-sinatra
Jochen Sprickerhof ( at jspricke)
- [Git][security-tracker-team/security-tracker][master] lts: swap fd with Thorsten
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3878-1 for libxml2
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] new clamav issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new aardvark-dns issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add reference to pull request for CVE-2024-8418
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45314/flask-appbuilder
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-4531{2,3}/overleaf, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two exiv2 issues now fixed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take wireshark
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8445/389-ds-base
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new mbedtls issues (CVE-2024-4515{7,8,9})
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2024-8418
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for clamav issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-8418/aardvark-dns
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2024-8418/aardvark-dns via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45751/tgt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage various ffmpeg issues as n/a
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add new go issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage python3.9 for bullseye LTS (CVE-2024-8088)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2024-6232/python2.7 as ignored.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 7 commits: Triage CVE-2024-37568 in python-authlib for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-8250/wireshark is now fixed in unstable
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add commit references for golang issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference fix for CVE-2024-8250
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new airflow issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2024-3647 hardening
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take python3.9
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8517/spip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new thunderbird issues from mfsa2024-{43,44}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2024-23184/dovecot as <not-affected> for buster and stretch.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-8418/aardvark-dns
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8443/opensc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 4 commits: data/dla-needed.txt: Triage thunderbird for bullseye LTS (CVE-2024-8381,...
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] CVEs I missed in python3.13 upload
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] lts: take thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] This is, of course, 3.13
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-6923
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-7592
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-49582/apr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream tags for CVE-2024-8088
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream tags for CVE-2024-6232
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for mariadb for bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] libvirt fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-7652
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3879-1 for bluez
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for various python3.12 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit references for CVE-2023-27043
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-37704/amanda: Add another followup
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3880-1 for amanda
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] dla: take flatpak
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3881-1 for aom
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Process some NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed verison for ruby-sidekiq issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for asterisk issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take node
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Retake cacti
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add tomcat9 to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Claim exim4 in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-29894/cacti [bullseye]
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rust-quinn-proto issue (n/a)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rust-gix-path issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Document that node-dompurify is embed in cacti
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Merge rust-quinn-proto RUSTSEC-2024-0373 with CVE-2024-45311 entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to oss-security ost for CVE-2024-45751/tgt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Specify version where switch to links happened
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-45751/tgt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] update notes
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage python-zipp for bullseye LTS (CVE-2024-5569)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-5992/opensc: Add link to regression-fixing PR.
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3882-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Revert "data/dla-needed.txt: Triage python-zipp for bullseye LTS (CVE-2024-5569)"
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] golang fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ruby3.3 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3883-1 for python-jwcrypto
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2024-42334
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2024-6716 (not a valid security issue)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from rejected CVEs (they were duplicates)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Update note for redis.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3884-1 for cacti
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Forget to close CVE-2024-31460/cacti
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] LTS: claim ring
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Update more ruby3.3 fixes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-45508/htmldoc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45411/php-twig
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-24510/sogo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-6572/check-mk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove uneeded TODO item
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-40643/joplin
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-37288/kibana
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add universal-detector embedding for of uchardet
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop rejected CVE-2024-43898
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3885-1 for redis
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] qtbase-opensource-src-gles fixed in experimental
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2024-6221
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-7730/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-6221
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-45508/htmldoc via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8645/wireshark
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8654/mongodb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45044/bareos
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-8645/wireshark was the temporary CVE
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] add expat
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Sync three CVEs for linux with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-27082
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add expat to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference oss-security post for CVE-2024-6655
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new intel-microcode issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for intel-microcode issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove firefox-esr entry form dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8096/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process batch of NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim expat in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] new node-express issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new node-send issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for CVE-2024-43799 commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new node-serve-static issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: update triage of CVE-2019-8457/db5.3 so bullseye matches most recent analysis
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add reference to upstream tag for CVE-2024-43800
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: add notes for ffmpeg
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-44070/frr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45593/nix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-38531/nix via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2024-45845 and CVE-2024-45593
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark some CVEs of golang-1.15 as no-dsa
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] new node-path-to-regexp issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new node-body-parser issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: Unclaim openssl (no work done)
Sean Whitton ( at spwhitton)
- [Git][security-tracker-team/security-tracker][master] new ruby-saml issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag references for CVE-2024-45409
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference mailinglist post for CVE-2024-42040
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-42040/u-boot
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add commit references for CVE-2024-42934/openipmi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary short description for CVE-2024-42934
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-45409/ruby-saml
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-45321/cpanminus
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-42934/openipmi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-8096/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-45411/php-twig
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2024-45845
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2024-38688 (witdrawn by its CNA)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45624/pgpool2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] arm-trusted-firmware n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-27082/cacti
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] expat commit references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-22018/nodejs
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Revert "CVE-2024-27082/cacti"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-5651/fence-agents
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for git update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-46604/activemq
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-22020/nodejs
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Partially revert bookworm status for CVE-2024-22020
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2024-5203
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-36137/nodejs
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add a note for dla-needed/nodejs
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] 3 commits: add activemq
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reference commit id from v22.4.1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2024-40430
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix in experimental for CVE-2024-45411/php-twig
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some CVEs for vaultwarden, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8775/ansible
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45305/rust-gix-path
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-32723/zabbix (bullseye, LTS not affected)
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-22121/zabbix is a vulnerability in the Windows installer.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] node-body-parser fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-32723
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] pgpool2 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-45411/php-twig
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-45296/node-path-to-regexp via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8768 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] python3.11 spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3886-1 for nodejs
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add php-twig to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-5991/wolfssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-1544/wolfssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional bug references for wolfssl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream tag for commit fixing CVE-2024-25763/openNDS
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-25763/opennds
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2021-37706/ring
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] mark several CVEs of opensc as postponed until fixed upstream
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3887-1 for ring
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-36462/zabbix - vulnerable feature introduced with 7.0.0
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-36462/zabbix - add upstream patch reference
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-36460/zabbix
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2024-23984 and CVE-2024-24968 as postponed for Bullseye
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 4 commits: mark CVE-2024-8372 and CVE-2024-8373 as postponed for Bullseye
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Mark rust-failure as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Slightly reformat notes for CVE-2024-36460
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 9 commits: add pgpool2
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-6472/libreoffice
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] dla: take php-twig
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] update note in dla-needed.txt
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3888-1 for php-twig
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-43788/node-webpack
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-43796/node-express
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for various flask-appbuilder issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary TODO item for further investigation
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new nextcloud-desktop issue (n/a)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: claim zabbix in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3889-1 for pymongo
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] LTS: take squid
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2024-46958/nextcloud-desktop
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-22123/zabbix located patches
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug referene for CVE-2024-45314/flask-appbuilder
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-22122/zabbix located patches
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for weechat issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark weechat issue as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim python-git in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2023-43281
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-22116/zabbix locate patches
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Remove one invalid empty commit reference
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-22114/zabbix identified patches.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45801/node-dompurify
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update some mattermost-desktop CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-32084/MariaDB
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-32082/mariaDB
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-32081/mariaDB
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-32085/mariaDB
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-32086/mariaDB
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Unify some of upstream tag references
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark llvm-toolchain-15 as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-32087/MariaDB
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45800/snappymail, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-32088/mariaDB
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-32089
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-32091/mariadb
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3890-1 for galera-4
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-47015/mariaDB
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-22084/mariadb
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] new rust-lexical-core issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new clickhouse issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark CVEs with same fix for MariaDB
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-27449/mariadb
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-27452/mariadb
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-27456/mariadb
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] MariaDB/MDEV-24176
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-27378/mariadb-10.1
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-27377/mariadb-10.1
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-27381/mariadb-10.1
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Revert "MariaDB/MDEV-24176"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in note for CVE identifier
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove trailing whitespaces
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information in CVE-2022-32089
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add slight sorting of versions
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct source name for CVE-2024-8445
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update todo item for CVE-2024-22013 as unclear if an issue in src:u-boot per se
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8421
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-45801/node-dompurify
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new micropython issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8897/firefox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] expat DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Add CVE-2024-8796/ruby-devise-two-factor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add libreoffice to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream references for CVE-2024-7788/libreoffice
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Assign libreoffice to jmm for DSA release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] twig DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-46958/nextcloud-desktop
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bugnum
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2024-45405/rust-gix-path
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3891-1 for mariadb-10.5
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reference CVE for DLA-3891-1
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Put CVE listing before suite entries for consistency
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: CVE-2023-49288/squid, follow bookworm triage and mark <ignored> for buster
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] 2 commits: update libreoffice info (DSA-5772-1)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two issues in tryton-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8900/firefox (from mfsa2024-33)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45679/assimp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3892-1 for tinyproxy
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-45751/tgt via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3893-1 for expat
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-35515/sqlitedict
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate CVEs from INTEL-SA-00731 with src:intel-mediasdk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Re-associate issues from INTEL-SA-00935
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add libreoffice to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] new pcp issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Remove duplicate entries
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8354/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of envoyproxy issues, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new logiops issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new puma issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new freeimage issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new protobuf issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new exiftags non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-457{69,70}/pcp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2024-45614/puma
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ruby-saml update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8612/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-8612
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] "new" puredata issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for micropython issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-47992/freeimage upstream bug report
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for intel-microcode fixes via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-47226/netbox, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-47220/ruby-webrick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2024-47220 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for linux via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reapply "MariaDB/MDEV-24176"
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Retake libreoffice
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-21096/mariadb
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2021-4183/wireshark does not affect bullseye
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] 22 commits: CVE-2024-45769,CVE-2024-45770,pcp: triage bullseye
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Upadate exim4 and tomcat9 notes in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for weechat issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2024-23848 as fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] wolfssl fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-4854/wireshark: Add note that only the MONGO fix applies to <= bookworm
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] LTS: claim unbound in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] LTS: reclaim opensc in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] dla: take puredata
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add note for reason to re-claim unbound
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: take nghttp2
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-23848/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-48945
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage tryton-server for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Retriage CVE-2024-21633/apktool for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] postponed → ignored for 2 LTS issues.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] add reference for CVE-2024-42259
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-47220/ruby-webrick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from now rejected CVE-2023-36268
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-45801
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-6135: mark as ignored for debian bullseye
Arturo Borrero González ( at arturo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track proposed update for dnsmasq via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-6609: bullseye: mark as fixed in nss > 3.61
Arturo Borrero González ( at arturo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-9014/pgadmin4
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Revert "CVE-2024-6609: bullseye: mark as fixed in nss > 3.61"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-46544/libapache-mod-jk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track two issues in centreon-web, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-38286/tomcat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new node-rollup issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new linuxptp issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" chromium issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2024-40918 as unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Retriage apktool/CVE-2024-21633 for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage knot-resolver for bullseye LTS (CVE-2023-46317)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3894-1 for booth
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Note that CVE-2023-3724/wolfssl fixed in stable update; my bullseye chroot was out-of-date.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Update status for some linux CVEs syncing with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream tag for commits of CVE-2024-47068
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-45817/xen
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typos in notes for CVE-2024-45801
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2018-20072, a new chromium CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-38023/chromium
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-47068/node-rollup
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-46544/libapache-mod-jk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2024-42861
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim ansible in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Update URL and add possible patch for CVE-2019-2435
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-42861
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add booth to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-23454/hadoop
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new spring issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add reference for CVE-2024-42154
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for node-rollup via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2024-47068 in node-rollup for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2024-26020, CVE-2024-29073, CVE-2024-32152 & CVE-2024-32484 in anki for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage mediawiki for bullseye LTS (CVE-2023-51704)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] dla: take mediawiki
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-46461/vlc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3895-1 for puredata
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-8805/bluez
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new PHP issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim python-asyncssh in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2024-0005
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] puredata spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] rust-sqlx fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: take trafficserver
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add libseccomp to dla-needed, with a note
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Revert "Add libseccomp to dla-needed, with a note"
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Revert fixed status for libxml2 issue in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new cups related issues to tracker
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage webkit2gtk for bullseye LTS (CVE-2024-27830,...
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Track new mattermost-server CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-3897-1 for trafficserver
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track fixing commits for CVE-2024-47175, CVE-2024-47076 and CVE-2024-47176
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-47176/cups-filters
Salvatore Bonaccorso ( at carnil)
Last message date:
Thu Sep 26 23:35:49 BST 2024
Archived on: Thu Sep 26 23:35:52 BST 2024
This archive was generated by
Pipermail 0.09 (Mailman edition).