September 2025 Archives by thread
Starting: Mon Sep 1 01:48:52 BST 2025
Ending: Tue Sep 30 23:03:17 BST 2025
Messages: 893
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4079-2 for openvpn
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-48924/libcommons-lang3-java via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-58068/python-eventlet via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim civetweb in dla-needed.txt
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4288-1 for ruby-saml
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] new dcmtk issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] bookworm/trixie triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] golang-github-ulikunitz-xz fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reference full commit id for CVE-2025-9732 fix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add patch link for CVE-2025-9689/mupen64plus-core
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-9688: Reference upstream commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Clarify waiting status for cpp-httplib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Shuffle packages not candidates for 13.1 to end of list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Move python-django to end of list, will be skipped again for 12.12
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop libxml2 entries, they got implicitly already included with last DSA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Move proposed updates not candidate for 12.12 down the list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new xmltodict issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new retroarch issue
Moritz Muehlenhoff ( at jmm)
- Processing 08392587b26f8d18a4c56eaf21456406b32cab98 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] first batch of tensorflow updates
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] more tensorflow updates
Moritz Muehlenhoff ( at jmm)
- Processing 86835dc64f71d9db5096c7ece4991f0b9c677f7f failed
security tracker role
- Processing 9ab1f257e99fe27af4ab307ea6f33f3999a77efc failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] tensorflow updates
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] edk2 fixed in sid
Moritz Muehlenhoff ( at jmm)
- Processing 7f93e584f5a30ca44beffcdf6307cc7a3bcf9ff2 failed
security tracker role
- Processing 715e97a433bfb1e789f8265f08fd393d00d3e060 failed
security tracker role
- Processing 244f683e68f332a779b4bec999270d8cf43c0bb3 failed
security tracker role
- Processing bc7fa71f75a2433b1b46bdb91e39f2ed86261702 failed
security tracker role
- Processing e5d7618391a4921f08460172255e29a2762fcf52 failed
security tracker role
- Processing 17b998583779b57ed147d39d54cfcebb759dd12f failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] reclaim nextcloud-desktop in dla-needed.txt
Abhijith PA ( at abhijith)
- Processing d9922835e9b0bd403ffd5afcc9285e90feec1060 failed
security tracker role
- Processing 75e45cb13c57520fe210353c88770cc38abc278a failed
security tracker role
- Processing 618c98036512ff6094f19e1d696b3f62e033ce0b failed
security tracker role
- Processing 0570a457eb6a8698b9478399bdbadd8a2ff456b4 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4289-1 for python-eventlet
Jochen Sprickerhof ( at jspricke)
- Processing 5be00601055eb2d501d267a3313145557e4a2ac1 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] add reference for rust-tracing-subscriber
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Patch for CVE-2025-57804/python-h2 is a two-parter
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] python-eventlet spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim python-future.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] dla-needed: notes for civetweb
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4290-1 for python-h2
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] dla: take jetty9
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2025-9375
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-9375/python-xmltodict
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-9784/undertow
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-9714/libxml2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add Foxit
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] stardict spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add notes for wordpress
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add new wireshark issue, CVE-2025-9817
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: extend Apache rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for sail issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update linux CVEs based on updated information from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference tests for sail issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for sail upstream issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-38678/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for some CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new batch of chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-57833/python-django
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for python-django issue fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4291-1 for node-cipher-base
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-9901/libsoup
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-57052/cjson
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-55162/envoyproxy, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-46810 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE which got rejected by the CNA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for chormium via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4292-1 for clamav
Lucas Kanashiro ( at kanashiro)
- [Git][security-tracker-team/security-tracker][master] sail spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] phpmyadmin fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-9636/pgadmin4
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new netty issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for phpmyadmin via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add Android
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track two CVEs as fixed for recent linux upload to unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for libsoup issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-9732/dcmtk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for two netty issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add required followup commit for CVE-2025-9732/dcmtk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes on now rejected Linux CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2025-9714
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-9019/tcpreplay
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track more fixed version for tcpreplay issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-9714 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Andres Salomon ( at dilinger)
- [Git][security-tracker-team/security-tracker][master] Remove notes from two rejected Linux CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-9566/podman
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] potential new libxml issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Take imagemagick/dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Fix small typo in temporary NOTE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add python-django to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7709/sqlite3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-57807/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new keycloak issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-55305/electron
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-58352/weblate
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-57807/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Merge changes for updates with CVEs via trixie 13.1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Merge changes for updates with CVEs via bookworm 12.12
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for shibboleth-sp issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for advisory for shibboleth-sp issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim amd64-microcode in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] LTS amd654-firmware, reached out to maintainer.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-26434: Record contact with Android CNA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-57807/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add shibboleth-sp to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2024-21977 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-9566/podman
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new mongodb issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for shibboleth-sp issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-58438/python-internetarchive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4293-1 for wireless-regdb
Ben Hutchings ( at benh)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for some imagemagick issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for imagemagick issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version via unstable for CVE-2025-5115/jetty9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-55212/imagemagick
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-55298/imagemagick
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4294-1 for modsecurity-apache
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add note that maintainer proposed to prepare updates for imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unify sorting of two commits for imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for shibboleth-sp update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add reference to github mirror for sqlite commit for CVE-2025-7709
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2019-19191
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for python-internetarchive issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Update Apache rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVE changes from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-48042 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 7 commits: Add libxml2 to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] LTS: claim libxml2 in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add nova and watcher to dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Correct status for CVE-2025-9810 and associate with linenoise
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new lrzip non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] boomworm/trixie triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4295-1 for libhtp
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-53537/libhtp does not affect bookworm or bullseye
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] new jackrabbit issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-40930 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-40929/libcpanel-json-xs-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-40928/libjson-xs-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark JSON::XS related CVEs as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4168-2 for openafs
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-40928/libjson-xs-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for some Linux CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-48982
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add libjson-xs-perl and libcpanel-json-xs-perl to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark mydumper as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Partially revert changes for CVE-2025-53537
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream ticke reference for CVE-2025-53537
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note on amd64-microcode
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] libhtp spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Revert "Partially revert changes for CVE-2025-53537"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4296-1 for qemu
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-40929/libcpanel-json-xs-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-30224/mydumper
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-26434/libxml2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add reference for libxml2
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] "new" node-sanitize-html issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark two older Envoy issues as NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2025-6965
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new CVEs for XSA-472
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new CVEs for XSA-473
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-58146/xen-api
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-57052
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for qemu issue in bullseye
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim git in dla-needed.txt
Lee Garrett ( at lgarrett)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-26434
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] sqlite3 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] py-internetarchive fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update versions referenced for node-sanitize-html commits
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Record applied mitigations for CVE-2024-52615 and CVE-2024-52616
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-9951/ffmpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-8277/libssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2025-8114/libssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add python-internetarchive to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: add rule for typo3
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-52322/open5gs, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync some Linux CVEs with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Update naming of product for Apache HertzBeat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs now covered by auto-nfu rule
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-10148/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-9086/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim libxslt in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] update fixed version for hsqldb1.8.0
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add two new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: reclaim firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-27418/uclibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Revert change to parsers.py
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] reclaim libphp-adodb in dla-needed.txt
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] add cjson fix
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] podman fixed in experimental
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 3 commits: lts: add libcpanel-json-xs-perl
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE assigned for shibboleth
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: triage curl CVEs
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim python-django.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE reference for DSA 5994-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-8961/tiff via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] hsqldb1.8.0 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4297-1 for imagemagick
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59045/stalwart, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59037/duckdb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-10148 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-8277/libssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-58782/jackrabbit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add notes about CVE-2025-50817.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Update note for python-future.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add another NVIDIA covered product
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: lts: CVE-2024-7883/llvm-toolchain-19 ignored
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add two new cups issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for cups via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track commits for cups issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add cups to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references to advisories for cups issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-40300/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add additional commit for CVE-2025-40300
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] DSA for imagemagick
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] Move two CVEs out of intersected list for CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for cups update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA numbers for libjson-xs-perl and libcpanel-json-xs-perl updates
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-40300/linux via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-58065/flask-appbuilder
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-48038/erlang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-48039/erlang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-48040/erlang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-48041/erlang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4298-1 for cups
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-58754/node-axios
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-58754/node-axios
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new ffmpeg issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one qemu issue fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add references for VMScape
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2016-1000107/erlang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add GHSA reference for CVE-2020-25623/erlang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add GHSA reference for CVE-2015-2774/erlang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-53846/erlang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add GHSA reference for CVE-2022-37026/erlang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add GHSA reference for CVE-2020-35733/erlang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add GHSA reference for CVE-2017-1000385/erlang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-27233/zabbix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-27234/zabbix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-27234/zabbix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-27238/zabbix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-27240/zabbix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark several AMD GPU issues as NFU: AMD
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add missing epoch for DSA-5997-1/bookworm
Adam Barratt ( at adsb)
- [Git][security-tracker-team/security-tracker][master] Mark some more CVEs as NFU for AMD
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2016-1000107/erlang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for erlang issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][fix-old-DSA-entries] 2261 commits: automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Review some older DSAs with missing incremental updates
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker] Deleted branch fix-old-DSA-entries
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two minor lemonldap-ng issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for intel-microcode issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two libssh issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed: take libcpanel-json-xs-perl, libjson-xs-perl
Paride Legovini ( at paride)
- [Git][security-tracker-team/security-tracker][master] cjson DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] node-sha.js fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4299-1 for jetty9
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add annotation that Adrian proposed debdiffs for jetty*
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] jetty9 required for both bookworm and trixie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed: take shibboleth-sp
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4300-1 for shibboleth-sp
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] add references for two linux issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] node-axios fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla-needed: Remove civetweb - bullseye not affected
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] new guix issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new expat issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2025-55763
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update references for CVE-2025-59378
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-59375/expat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-59378
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Revert "one qemu issue fixed in sid"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge CVE changes from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] disassociate CVE-2025-50817 from python-future
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] erlang fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-46653/node-formidable via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from rejected CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2025-6375/poco
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some new CVEs for mattermost
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add Apache Fory to list of products to consider as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim pytorch in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] LTS: claim u-boot in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4301-1 for python-django
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4302-1 for node-sha.js
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for CVE-2025-24293/rails
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2025-24293/rails
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for rails issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add commit references for CVE-2025-24293/rails
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-28998 CVE-2023-29000 and CVE-2024-52510 ignored for
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-47792 as <postponed> for bullseye.
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59436/node-ip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59437/node-ip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for some Linux issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from now rejected CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox issues from mfsa2025-73
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2025-75
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2025-78
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] node-sha.js DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add link to the ELTS tracker in the CVE page
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via unstable for protobuf issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-59375/expat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59161/element-web, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59160/node-matrix-js-sdk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-58174/ldap-account-manager
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-4953/podman
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add expat fixes
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Marking CVE-2025-54119 as postponed for bullseye. This version only
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] update notes in dla-needed.txt
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new spring issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: take thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-6020 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] One lemonldap-ng issue CVEified
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update ntoe for python-internetarchive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libssh via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] firefox-esr fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ffmpeg triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] poco fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add note on rtpengine
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] the source package was openafs
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2025-59160 as EOL for Bullseye
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add libpod as well for CVE-2025-4953
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] libtheora n/a for older suites
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ros-dynamic-configure fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-23259/dpdk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add missing unstable entry for CVE-2024-39483
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for some upstream commits for ffmpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2024-39780
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference fix for CVE-2025-2914/hdf5
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-40933 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: add zabbix
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Remove python-future from dla-needed; CVE-2025-50817 was determined as bogus.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Update status for two Linux CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from one rejected CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2025-9375 as postponed for Bullseye
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4303-1 for nextcloud-desktop
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-9862/ghost, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-55904/open5gs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate some older NFUs with ghost, itp'ed entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-58767/ruby
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new dnsdist issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for pam via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: add cjson
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] LTS: claim lemonldap-ng in dla-needed.txt
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Update NOTES for packages I'm working at
Paride Legovini ( at paride)
- [Git][security-tracker-team/security-tracker][master] firefox-esr DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-30187/dnsdist
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-4444/tor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-58767/ruby3.3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-58174/ldap-account-manager
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2025-4444 as EOL for Bullseye
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4305-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add WindRiver
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-21751
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] one tiff issue unimportant
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla: claim gimp
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] jetty DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-58174 as no-dsa for trixie and bookworm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-4444 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-4444/tor
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync some status of Linux CVEs with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two keras issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new mattermost-server issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new snipe-it CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59431/mapserver
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add Supermicro
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: claim python-internetarchive in dla-needed.txt
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-40925 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track CVE-2024-22365 as well as fixed with pam bookworm-pu update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-10492/jasperreports
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update on the amd64-microcode situation.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Update on the amd64-microcode situation - add remark that AMD is working on a solution.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Fix year in entry for ceph.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] LTS: claim watcher in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] ffmpeg fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla-needed: retake pam
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] LTS: claim nova in dla-needed.txt
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4306-1 for pam
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] one tiff non issue fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ffmpeg DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4307-1 for jq
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reference upstream tag for CVE-2025-8534 commit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-53605/rust-protobuf via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: mark CVE-2025-55763 as postponed for Bullseye
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: claim expat in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-59431/mapserver
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] two more tiff non issues fixed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] two more tiff non issues fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rust-ammonia issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59800/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] more older tiff non issues resolved
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] parsers: include advisory date in the header description
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] one older tiff non issue fixed
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add two new ghostscript CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59801/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for wordpress
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] d'oh -- off by 2 minutes; reclaim wordpress
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Pinpoint upstream tag information for two tiff issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-{59518,XXXXX}/lemonldap-ng as postponed for bullseye
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Trck fixed version via unstble for CVE-2025-30187/dnsdist
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-ammonia issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add commit reference for CVE-2025-59431 from rel-8-4-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-9566/podman via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove one rejected Linux CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2023-51767
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update in trixie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update in bookworm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for dovecot issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: claim spim
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] dla-needed: take ceph
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] fix typo
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59420/python-authlib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] disassociate CVE-2023-51767 from openssh
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add Carrier Global
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new libscram-java issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] rust-ammonia fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new tiff issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new go issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new asterisk issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] two fio non issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2025-0006
Alberto Garcia ( at berto)
- [Git][security-tracker-team/security-tracker][master] Reference directly commit for CVE-2025-59432
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-59432/libscram-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-37463/ruby-commonmarker
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-47910/go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-1131/asterisk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-59432/libscram-java via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new nncp issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2025-59437/node-ip as postponed for bullseye
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add webkit2gtk to dla-needed
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Mark several CVEs for wpewebkit as end-of-life for bullseye
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add a note for wordpress
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] LTS: claim varnish in dla-needed.txt
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: update notes for libphp-adodb
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Track fixes via experimental for vim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: claim ghostscript in dla-needed.txt
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-51006/tcpreplay
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note on libscram-java update (and consequence for libpgjava)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libphp-adodb {bookworm,trixie}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: take webkit2gtk
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Remove typo in package note for CVE-2025-54119
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-59432 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] chromium fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add linux reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rust-astral-tokio-tar issue (concludes external check)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-58674/wordpress
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-55780/mupdf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for RTI
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] tcpreplay non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-60020/nncp assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-59432/libscram-java as postponed for bullseye
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2025-9905/keras as not-affected for bullseye
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] unimportant issue, not really a security issue
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-2924
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for some radare2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add one more wordpress issue (no details yet)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-55780/mupdf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for libxslt
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-8869/python-pip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59343/node-tar-fs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-58457/zookeeper
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: update notes on gdk-pixbuf in data/dla-needed.txt
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-57352/node-min-document
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-60020/nncp via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add links to follow-up changes for CVE-{2024-8176,2025-59375}/expat
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add two new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new nvidia-cuda-toolkit issues (Security Bulletin: NVIDIA CUDA Toolkit - September 2025)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update software name
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4309-1 for libxslt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] two more issues in nvidia-cuda-toolkit
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for nvidia-cuda-toolkit issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 6 commits: Add Debian bug reference for CVE-2025-8869/python-pip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new glib-networking issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-10911/libxslt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4310-1 for ceph
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] 3 commits: bookworm/bullseye triage of CVE-2025-8671/varnish
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference fix for CVE-2025-6269/hdf5
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-6516/hdf5
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-59343/node-tar-fs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4311-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59830/ruby-rack
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add pytorch issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-57632/libsmb2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-54831/airflow, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-55559/tensorflow
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-55556/tensorflow
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add four new pytorch issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update upstream tags for some commits for pytorch
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-59825/rust-astral-tokio-tar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-10921/gegl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new gimp issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-10990 for further checking
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for three hdf5 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-6750/hdf5
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some new pytorch issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of openbabel issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some gitlab CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for nncp update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Retake squid on dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Take ruby-rack
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-55763/civetweb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59842/jupyterlab
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59362/squid
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-11021/libsoup3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add missing bug reference for CVE-2025-23272/nvidia-cuda-toolkit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-53643/python-aiohttp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for glib-networking issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-59830/ruby-rack
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add Seagate
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-6001{8,9}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2025-11010
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new gitlab issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-59800/ghostscript
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for ghostscript issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-57632/libsmb2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-10925/gimp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-10924/gimp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove spurious additional whitespace in note for CVE-2025-10924
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-10923/gimp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-10920/gimp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-10911/libxslt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note-tar-fs to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dsa-needed: Sort entries
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add dovecot to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-0649 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4312-1 for squid
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for gimp issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for openbabel issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim node-tar-fs in dla-needed.txt
Yadd ( at yadd)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-4404/freeipa [bookworm]
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Align status for CVE-2025-4404 with same class issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-11021/libsoup3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-10921/gegl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mapserver spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4313-1 for node-tar-fs
Yadd ( at yadd)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-8014/gitlab
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add gegl to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2024-55601/hugo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-47910/golang-1.25
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for golang-1.24 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-11083/binutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-11082/binutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-11081/binutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new ogre issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for pytorch issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-11065/golang-github-go-viper-mapstructure
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] node-tar-fs DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] record DSA-6003-2
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gimp DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed versionfor two log4cxx issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-11065
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tiff to dla-needed
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add gegl to dla-needed
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Mark CVE-2025-59431/mapserver as postponed for bullseye
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Mark several CVEs for openbabel as postponed for bullseye
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Update note about tiff in dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4305-2 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] add vmscape reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] tomcat11 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Claim log4cxx in dla-needed.txt
Lukas Märdian ( at slyon)
- [Git][security-tracker-team/security-tracker][master] LTS: claim tiff in dla-needed.txt
Jochen Sprickerhof ( at jspricke)
- [Git][security-tracker-team/security-tracker][master] tomcat10 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-4124{4,5,6}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for radare2 updates via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for ghostscript issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for some CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference patches for CVE-2025-41244
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for unstable CVE-2025-58457/zookeeper
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for some pypy3 issues with unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-6069/python
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-9648/civetweb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend rule for Esri CNA to cover Portal for ArcGIS product
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: update NOTEs for libcpanel-json-xs-perl, libjson-xs-perl
Paride Legovini ( at paride)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4314-1 for python-internetarchive
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: remove varnish from data/dla-needed.txt
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Update status for gimp issues in unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-58040 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4315-1 for tiff
Jochen Sprickerhof ( at jspricke)
- [Git][security-tracker-team/security-tracker][master] Add new CVEs for freshrss, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59952/minio
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark golang-gopkg-pg.v5 as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new openssl issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add reference for VE-2025-9232/openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-10725 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-41244 [bullseye]
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-9648/bullseye
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-59933/vips
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-7493/freeipa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4316-1 for open-vm-tools
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add openssl to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4286-2 for libcommons-lang3-java
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-45337/golang-go.crypto via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-41244/open-vm-tools
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed open-vm-tools update via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-53538/suricata
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-8671/varnish as no-dsa for trixie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-55780/mupdf [bullseye]
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] add to dla-needed python-authlib
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla-needed add python-pip
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4317-1 for libjson-xs-perl
Paride Legovini ( at paride)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4318-1 for libcpanel-json-xs-perl
Paride Legovini ( at paride)
- [Git][security-tracker-team/security-tracker][master] dla-needed add libxlst
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add firefox issues from mfsa2025-80
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-59933/vips [bullseye]
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add note on requirements for CVE-2025-7493
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-10911 as postponed (wait until fix merged upstream to decide)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-7425/libxslt as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4319-1 for libxml2
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4262-2 for libcommons-lang-java
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-7425/libxlst: Mention mitigation in bullseye's libxml2
Guilhem Moulin ( at guilhem)
Last message date:
Tue Sep 30 23:03:17 BST 2025
Archived on: Tue Sep 30 23:03:21 BST 2025
This archive was generated by
Pipermail 0.09 (Mailman edition).