July 2025 Archives by thread
Starting: Tue Jul 1 07:16:20 BST 2025
Ending: Thu Jul 31 23:24:17 BST 2025
Messages: 899
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-6554/chromium
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Update Trellix rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for python-flask-cors via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for DataEase
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for ruby3.1 via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed clamav update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for MikroTik
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: claim snapcast in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2024-48869 as NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] chromium fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] rar spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-10963
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-35164 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-53076/rlottie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-6952/open5gs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add CNA based rule for ASR Microelectronics products
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-48379/pillow
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dsa-needed: take ring
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-6297/dpkg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream tags and 1.22.x branch commit for CVE-2025-6297
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Andres Salomon ( at dilinger)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for Intelbras
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for Nokia
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mediawiki issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] junit5 n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add linux reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-53106
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reassocite some NFUs with itp'ed entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-52891/modsecurity-apache
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-52886/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-52559/zulip-server, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag reference for fixing commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-52615/avahi-daemon
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-2760/gimp with complete fix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] DSA for ring
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] take jpeg-xl
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] two mediawiki issues n/a for released suites
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-50182,python-urllib3: bullseye is postponed
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Cisco rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-43279/tcpreplay
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new thunderbird issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] modsecurity-apache fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mediawiki DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-52891
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for Linux upload via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-38167
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-5878/libowasp-esapi-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] remove notes from rejected CVE-2025-52969
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-7254
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for Docker
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2025-37991/linux with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-53367/djvulibre
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-53367/djvulibre
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add djvulibre to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] perl fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-46310/djvulibre
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark materialize as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark materialize as removed from everywhere
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] DSA for jpeg-xl
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] rar n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] take slurm-wlm
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] take pgpool2
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] update two mediawiki entries, thanks to Guilhem
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-53367/djvulibre via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-38177/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2025-4517
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-27465/xen
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7067/hdf5
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new CVEs for php
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-49809/mtr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-49600/mbedtls
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-49601/mbedtls
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new mbedtls issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2025-52886 on major refactoring before real fix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-52886/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for mbedtls issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: xmlrpc-c status update
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new hdf5 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-53603/sogo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Separate CVE assigned for RUSTSEC-2024-0437 issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-53603/sogo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker] Pushed new branch pypy3-triage
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][pypy3-triage] 2 commits: automatic update
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-38235/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][pypy3-triage] 4 commits: automatic update
Stefano Rivera ( at stefanor)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-52555/ceph: Add note for regression fix
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-32918/check-mk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for hdf5 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4237-1 for xmedcon
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] dla: take ceph
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Add djvulibre to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add guix to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] dla: take djvulibre
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Add note regarding nvidia-graphics-drivers
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Correct typo in CVE id for slurm-wlm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim sslh.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-49014/jq via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track temporary entry for qbittorrent issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for djvulibre update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for Belkin
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7259/mongodb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Cover one more code-projects product
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issues in mongodb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-6663/gst-plugins-bad1.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct reference to repository commit for CVE-2025-6663
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-6663
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-32023/{redict,redis,valkey}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for libxml2 CVEs
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-48367/{redict,redis,valkey}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix for CVE-2025-48060 which rquired a dedicated trixie upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for slurm-wlm
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] Add new AMD cpu issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of git issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add information for git issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct tracking for CVE-2025-6663
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-6663/gst-plugins-bad1.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-6032/podman via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-4748/erlang via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for CVE-2025-32023
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for CVE-2025-48367
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2025-46807 in sslh for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for git issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7345/gdk-pixbuf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two CVEs for juju, removed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] kubernetes spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track as well linux mitigations for CVE-2024-36350 and CVE-2024-36357
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two cloud-init issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new golang issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Update Microsoft rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for Asustor
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for valkey via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Update Microsoft rule + NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mruby issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts-cve-triage: fix cache freshness detection
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add git to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] new helm issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker] Pushed new branch fix-old-DSA-entries
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][fix-old-DSA-entries] Add missing -1 for old DSA entries
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add three "new" luajit issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4238-1 for sslh
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for gnutls28 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add information on gnutls issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7365/keycloack, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7370 for libsoup
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-3634{8,9 (associate it with amd64-microcode, hw vulnerability)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Add amd64-microcode to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Triage tidy-html5 for bullseye
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for amd64-microcode
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add amd64-microcode to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove todo item from one now rejected CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge two Linux CVEs from kernel-sec update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] jq spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gst-plugins-bad1.0 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: take gnutls28
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVE changes from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim git in dla-needed.txt
Lee Garrett ( at lgarrett)
- [Git][security-tracker-team/security-tracker][master] Comment on git dla-needed
Lee Garrett ( at lgarrett)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-6170/libxml2: Reference fixed commit
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for Symantec
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new chmlib issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new optee-os issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2025-49795/libxml2 for bullseye
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim redis.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 9 commits: CVE-2025-6297,dpkg: bullseye is postponed
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] LTS: claim php7.4 in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-5024 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take thunderbird
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-49014/jq
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-48172
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-49795/libxml2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-46733/optee-os
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new libxslt issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-53630/llama.cpp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-52473/liboqs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new apache2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new tomcat issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim libowasp-esapi-java in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Track fixes for linux via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker] Pushed new branch fix-6
Emmanuel Arias ( at eamanu)
- [Git][security-tracker-team/security-tracker] Deleted branch fix-6
Emmanuel Arias ( at eamanu)
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for apache2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for Advantech
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] optee-os fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Identify CVEs covered by a DLA and not a DSA
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for golang issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for tomcat issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for two cpp-httplib issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-48924/libcommons-lang*-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for libxlt issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-53630
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Doc: from trixie python3-legacy-cgi must be installed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for commons-lang issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] doc/security_tracker: Update wording on the additional dependency
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-45582/tar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-5992/qt6-base
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4239-1 for thunderbird
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] cloud-init spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add direct commit reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Drop lts-needs-forward-port.py
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Take ruby-graphql for bullseye
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for libsoup3 issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7464/gobgp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add apache2 to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4240-1 for redis
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-7345/gdk-pixbuf via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for redis issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-53630/llama.cpp and add ggml
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Bug for llama.cpp and ggml reassigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 9 commits: CVE-2024-6174,CVE-2024-11584,cloud-init: bullseye is postponed
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add libcommons-lang{3}-java to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Link to rabbitmq-server upstream discussion in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] add reference for CVE-2025-1244
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rust-static-alloc issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for Cato
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mbedtls fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] python-urllib3 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new ghostscript issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: clarify rabbitmq-server status
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] new binutils issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libsoup3 spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-660{2,4,5}/ffmpeg are already fixed in trixie
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4241-1 for ffmpeg
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Take frontdesk week
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Associate some egroupware CVEs with removed package
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for rust-static-alloc issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-49087/mbedtls via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for mbedtls via unstable for CVE-2025-48965
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-47917 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-7462/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-7345/gdk-pixbuf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-7462
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for devscripts issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] track CVE-2025-21311 for squid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-49809/mtr: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-7345/gdk-pixbuf: Link to regression report
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-29606 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-7345 as postoned (but not DSA planned)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: reclaim libxml2 and mediawiki in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Update Linux CVEs based on triage in kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Detect issues fixed in buster and bookworm but not in bullseye
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-7462/ghostscript: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update Ubuntu CVE status URL
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add mbedtls
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2025-5992/qt6-base
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new policykit-1 issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take apache2 and angular
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for OMRON
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add a note about apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Update status for policykit-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some new imagemagick issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new pandoc issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add apache2 to list of packages fixed by "micro releases"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference fixes for apache2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add gnutls28 to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new jackrabbit issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new python-aiohttp issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for Palantir
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for Directus
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] fix entry
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] nix n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new ruby issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts-cve-triage: filter out packages already in dla-needed.txt
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ruby-rack-session fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-53630
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Document ggml and llama.cpp (and whisper.cpp)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim jgit
Andrej Shadura ( at andrewsh)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-7464/gobgp as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim nagvis in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] LTS: claim u-boot in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] claim suricata
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker] Pushed new branch add-json-api-doc
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-27151/redis via unstbable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for ruby-rack issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-7519/policykit-1: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add reference for redis for CVE-2025-49112
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix previous introduced typo in package note for CVE-2025-7519
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-53689/jackrabbit: introductory commit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add additional upstream references for CVE-2025-53689
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-6965/sqlite3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from rejected CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new virtualbox issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add more products covered for Oracle CNA rule
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for some Linux CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add a note about CVE-2025-53014/imagemagick
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add more covered products for Oracle CNA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-53015/imagemagick
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Unify note style for fix reference in CVE-2025-53014
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-2025-53019/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: two gnuplot issues fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Update Oracle list
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new java issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new vim issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] drop rejected libsoup issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one more gnuplot issue fixed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] some random matomo CVE from 2017...
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add openjdk reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new n/a nodejs issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add initial CNA rule for Apache
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: add openjdk-11, openjdk-17
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] NFU CVE-2025-23267 NVIDIA Container Toolkit
Henri Salo ( at hsalo-guest)
- Processing 258d8deebebd6fd2d8792441a5c1d02eec627362 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix syntax error in previous commit
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] bin/lts-cve-triage.py and support scripts: add description and update copyright info
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] new libplack-middleware-session-perl issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gnutls28 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add refrences for two vim issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new bind issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2025-40918 with libauthen-sasl-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: gnutls stats update
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-40918
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-40923
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-40918
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-40918 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-53015/imagemagick: introductory commit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-40918/libauthen-sasl-perl: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] lts-cve-triage: improve reports documentation
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] new unbound issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new icingadb-web issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-24294/ruby2.7: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-21311/squid: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Take pam
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-53015/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop notes on CVEs which were withdrawn
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to fixing commit for CVE-2025-5994/unbound
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for icingadb-web
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for imagemagick CVEs fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Return Not Found if the source pkg does not exist
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix links with extra trailing characters (Closes: #994897)
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] web_support: fix invalid escape sequence
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] LTS: re-claim systemd in data/dla-needed.txt
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] dla: add libxslt
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Take libxslt and keep an eye on upstream movement for unstable first
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-34120/limesurvey, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-40776/bind9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Sort lift of products for cisco CNA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add another product for eclipse CNA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] embedded-code-copies: precise pypy3 stdlib versions
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][add-json-api-doc] Add JSON API documentation to the tracker
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Give up jgit
Andrej Shadura ( at andrewsh)
- [Git][security-tracker-team/security-tracker][master] 2 commits: pypy3: reference tar-related CVEs, bullseye (& bookworm) not-affected, trixie/sid unfixed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] pypy3: note about tar-related CVEs fixed in experimental
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] check-new-issues: don't print stats with --auto
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version for CVE-2025-5994/unbound
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] pypy3: reference recent py3-stdlib CVEs
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Sync pypy3 status according to maintainer triage
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status in sync with MR!219 for pypy3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker] Deleted branch pypy3-triage
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for openjdk-21 issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for virtualbox issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-49501
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-40924/libcatalyst-plugin-session-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-40924/libcatalyst-plugin-session-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-27558 and track mitigations in Linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7700/ffmpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new opencv issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add pypy3
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: drop jgit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-53905,CVE-2025-53906/vim: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2025-6965/bullseye: follow bookworm
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-7700/ffmpeg: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-39355/freerdp2: Stop claiming is was fixed in DLA-3606-1
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-39355/freerdp2: Also remove DLA annotation
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2025-53644/opencv
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-53644
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-38349/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 4 commits: CVE-2019-13147/audiofile: bullseye postponed to align with other dists
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2025-40924/libcatalyst-plugin-session-perl: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-0634,CVE-2025-53074,CVE-2025-53075/rlottie: follow bookworm triage for bullseye
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: take exempi
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for three libxml2 CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE assigned for qbittorrent issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7339/node-on-headers
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new grafana issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: take modsecurity-crs
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add new goldendict issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two 7zip issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Revert "Update status for CVE-2021-46310/djvulibre"
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] dla: take batik
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Track progress of ceph regression with Debian bug
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-5992/qt6-base via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track imagemagick fixes via trixie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for openjdk-24 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for 7zip issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-38350/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: erlang status update
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-53014,CVE-2025-53019,CVE-2025-53101/imagemagick: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Remove todo from now (and finally) rejected CVE-2025-23090
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-38349/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-38351/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] AddCVE-2025-7797/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7784/keycloak, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for some wolfssl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new mattermost-server CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for 7zip related CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for openjdk-11 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for node-on-headers issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add p7zip-rar
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add CVE-2025-7783/node-form-data
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-7797/gpac: bullseye end-of-life
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-7395/wolfssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-7394/wolfssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-7396/wolfssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-7339/node-on-headers
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-53901/rust-wasmtime
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-7394/wolfssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2025-40777/bind9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference amd64-microcode changes needed for TSA mitiations
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-25844/angular.js
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4242-1 for angular.js
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Mark two more CVEs no-dsa/postponed for angular.js
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for angular.js via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for angular.js via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference fix for CVE-2021-46312
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for commons-vfs, will be fixed via point release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Document that maintainer of redis is working on updates
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-7783
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for krusader issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for binutils issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-48734/commons-beanutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark imagemagick issues as no-dsa for bookworm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Revert tracking of fixed version for trixie for imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in note for CVE-2025-53644
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4243-1 for batik
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7738
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-54314/ruby-thor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two djvulibre issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2025-53367/djvulibre
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4244-1 for tomcat9
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4245-1 for libcommons-fileupload-java
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4246-1 for libowasp-esapi-java
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-50200,rabbitmq-server: link to pull request
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add new wordpress issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Annotate information on fix for CVE-2021-46312
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add another product for Trellix rule
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4247-1 for djvulibre
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] LTS: claim pytorch in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] LTS: claim jackson-core in dla-needed.txt
Emmanuel Arias ( at eamanu)
- [Git][security-tracker-team/security-tracker][master] Mark libitext1-java as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for wordpress issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add description based rule for IrfanView
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7962/jakarta-mail
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-54121/starlette
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-30761/openjdk-11 fixed in 11.0.28+6-1
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-38352/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add note from smvc
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-52046/mina2 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2025-40777 as postponed for Bullseye
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-51471/ollama
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for two iputils issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-50151/apache-jena
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add two new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr and thunderbird to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox issues from mfsa2025-56
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2025-58
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for firefox-esr via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop bullseye from backport releases
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2025-62
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: fix TP-LINK entry
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add secondary bug for CVE-2025-47268/CVE-2025-48964 in iputils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unify TOTOLINK NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2025-53603 with scope (where the vulnerable code lives)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-53603/sope
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4248-1 for openjdk-11
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add fixed version via unstable for CVE-2025-53689
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track firefox issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-54090/apache2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add a note about CVE-2025-49112/redis.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2025-32697/mediawiki: Mark as <ignored> for bullseye
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for firefox-esr update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-8058/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update note for CVE-2025-49112
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-54141/ViewVC
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-54140/pyload, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-54072/yt-dlp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-53538/suricata
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-50477/lbry-desktop, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2025-7345
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for mysql-8.0 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-30192/pdns-recursor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE of devscripts as postponed for Bullseye
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] dla: take node-form-data
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Update references for CVE-2025-8058/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add sope as well to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2-25-8058/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-53538/suricata
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-54121/starlette
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-50151/apache-jena
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-30192/pdns-recursor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4250-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Three CVEs finally rejected (where bogus and violating CNA rules)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2025-7962
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of gitlab issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-7783/node-form-data
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track fix via experimental for pnds-recursor issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add javamail to CVE-2025-7962 for the 1.6.y branch
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-7962/javamail
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-53537/libhtp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new gitlab issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for redis proposed debdiff send for review
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-53537/libhtp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct freerdp2 version pending for next bookworm point release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-8114/libssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-6998/calibre-web, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add unbound
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for iputils issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two chromium issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark golang-1.{16,17} as removed eveywhere supported
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2018-9389 as NFU and Android specific
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-8114/libssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new qemu issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-46686 for redis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Try to clarify further the status for CVE-2025-46686/redis
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one more NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for two qemu issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-8129/node-koa, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2025-49604
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2025-3848
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2025-41662
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-8197/libsoup3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-45406/codeigniter, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 4 commits: mark CVE-2025-30192 as EOL for Bullseye
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Mark glibc as no-dsa as agreed with maintainer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for sqlite3 issue via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new tiff issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new nvidia kernel modules issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4251-1 for libxml2
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2025-54314 as postponed for Bullseye
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2025-8114 as postponed for Bullseye
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4252-1 for snapcast
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4253-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Fix bug number association for CVE-2025-49796/libxml2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed djvulibre update via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for some libarchive issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for thunderbird update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new binutils issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unify upstream reference for CVE-2025-8225
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add PR link that fixes CVE-2024-30916 and CVE-2024-30917
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Add patch links for CVE-2023-50716
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4254-1 for php7.4
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Adjust upstream tag for CVE-2023-50716 commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take care of DSA release for php8.2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix for glibc via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for bookworm-pu for glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for nvidia-graphics-drivers-tesla-535
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for qemu issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-7783/node-form-data back as unfixed in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim mbedtls
Andrej Shadura ( at andrewsh)
- [Git][security-tracker-team/security-tracker][master] Revert "dla: take node-form-data"
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4255-1 for audiofile
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4256-1 for libetpan
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4257-1 for libcaca
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libxml2 issues via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from now rejected Linux CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for libxml2 issue fixed via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for pdns-recursor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-52886/poppler via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-54121/starlette via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-38468/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] fix typo
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE assigned for CVE-2024-58266/rust-shlex
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim node-form-data.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Update some Linux CVEs based on kernel-sec information
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4258-1 for libfastjson
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-53882/mailman3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-58265/rust-snow assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2024-58264 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-53161/rust-buffered-reader assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-53160/rust-sequoia-openpgp assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim luajit and unbound in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-53159/rust-openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-53158/rust-gitoxide, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-53157 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-53156/rust-transpose
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-50237/rust-curve25519-dalek
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream issues for gnutls issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2025-49656 with apache-jena
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for php8.2 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-48386/git does not affect the binaries in Debian
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-27614
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2024-58263 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-58262/rust-curve25519-dalek assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-58261/rust-sequoia-openpgp assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add another quite frequent product of code-projects
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-8283/netavark
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-54418/codeigniter, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add ZDI reference for CVE-2025-38350/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-3808{4,5}: Provide Google p0 cross-reference
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-8194/pythonAdd CVE-2025-8194/python
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-54419 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-54090/apache2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for apache2 via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-43023/hplip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7458/sqlite3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-27514/glpi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add a note dla-needed/apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-43204/apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add sope to dla-needed
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add patch link for CVE-2025-48924
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Reference upstream tag for CVE-2025-48924
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync status for CVE-2023-52735/linux with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-38498/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2025-8292/chromium
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7777 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-2814/libcrypt-cbc-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-43018/piwigo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-4264{4,5}/flashmq, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-23279 & CVE-2025-23286 as ignored for bullseye
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Document that CVE-2025-25724/libarchive is not yet fixed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-36357 and CVE-2024-36350
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim libcommons-lang3-java in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Mark Bullseye as not affected by CVE-2024-31584
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Add note for sope in dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim sope.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Mark python3.12 as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark python3.12 as removed from everywhere supported
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for openjdk-8 issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-54090/apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2023-2593/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-54576/oauth2-proxy, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-54572/ruby-saml
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some new glpi issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark ruby-saml as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-7783/node-form-data: Already fixed in unstable
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4259-1 for systemd
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Revert "CVE-2025-7783/node-form-data: Already fixed in unstable"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for git issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track pending request of node-form-data for bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark luajit issues as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reapply "CVE-2025-7783/node-form-data: Already fixed in unstable"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new docker.io issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-50059/openjdk-8 n/a
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] dla-needed/ca-certificates
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] dla: Add note about git updates done yesterday
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2023-2593/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for qemu issues via experimental
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for redis update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-45770/php-lcobucci-jwt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two jspwiki issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate some old NFUs with itp'ed entry for gestioip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-4227/gsoap
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-53399/rtpengine
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for advisory for CVE-2025-53399
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for sope update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add a note for sope
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4260-1 for sope and add a note.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4261-1 for node-form-data
Chris Lamb ( at lamby)
Last message date:
Thu Jul 31 23:24:17 BST 2025
Archived on: Thu Jul 31 23:24:21 BST 2025
This archive was generated by
Pipermail 0.09 (Mailman edition).