January 2026 Archives by date

Messages sorted by: [ thread ] [ subject ] [ author ]
More info on this list...

Starting: Thu Jan 1 07:16:14 GMT 2026
Ending: Fri Jan 23 17:19:23 GMT 2026
Messages: 848

[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-69277/libsodium via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for gnupg2 via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-69412/messagelib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-69413/gitea Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4430-1 for net-snmp Andreas Henriksson ( at ah)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for gnupg2 via bookworm-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-69412/messagelib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for starlette via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Apache rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Remove no-dsa annotations from fontforge CVEs which are marked unimportant Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] composer spu/ospu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for fontforge issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-15411/wabt Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-21428/cpp-httplib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed rust-sequoia-openpgp update via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for smb4k security update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Document required followup for CVE-2025-64512/pdfminer Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Trick fixed version for CVE-2025-60458/uxplay via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2025-68973 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new open5gs CVEs, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-15412/wabt Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process one more NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2023-50262 as not-affected for bullseye Abhijith PA ( at abhijith)
[Git][security-tracker-team/security-tracker][master] dla: add back pdfminer Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2025-69277/libsodium: fix Debian bug reference Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Mark node-mongodb as removed from unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: add libsodium Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2025-68431/libheif: bullseye postponed Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-66004/usbmuxd via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: add libmatio Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2025-15284/node-qs: bullseye postponed Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2025-69412/kf5-messagelib: bullseye postponed Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2025-12816,CVE-2025-66030,CVE-2025-66031/node-node-forge: bullseye postponed Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2025-66516/tika: bullseye fixed Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] LTS: claim gimp in dla-needed.txt Andreas Henriksson ( at ah)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2025-14424 (gimp) as not affecting bullseye Andreas Henriksson ( at ah)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-14424/gimp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2025-14180/php7.4: not-affected Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] dla: add php7.4 Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2025-13836/python: reference introductory commit Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] LTS: claim php7.4 in dla-needed.txt Guilhem Moulin ( at guilhem)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4431-1 for gimp Andreas Henriksson ( at ah)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove notes on rejected CVEs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Correct status for CVE-2025-37884 and sync with kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla-needed: update NOTEs for gdcm Emmanuel Arias ( at eamanu)
[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2025-13836/python: vulnerable code temporarily reverted on 3.9 branch only Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version for some CVEs for linux upload to unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: add pypy3 Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-21444/libtpms Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fix via unstable for CVE-2025-69412/messagelib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: python3.9: note to sync with renamed packages python3.11 and python3.13 Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new gpsd issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-15438/pluxml Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: drop hdf5 (limited support) Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] node-node-forge: proposed for EOL Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Add reference to upstream issue for CVE-2026-21444 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-21444 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for mbedtls via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for curl via bookworm-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-21444/libtpms via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for php-dompdf via bookworm-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove planned twitter-boostrap3 update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-21452/mspack-java Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-69261/wasmedge Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-50798/sox: bullseye postponed Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] compare-embed-usertags: Use correct mirror for rsync to get data Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-21428/cpp-httplib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-21452/msgpack-java Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: add mapserver Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] dla: add ruby-rmagick Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] dla: clarify mapserver Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-66471 for trixie Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: add gpsd Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2025-69194/wget2: bullseye postponed Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] LTS: claim curl in data/dla-needed.txt Carlos Henrique Lima Melara ( at charles)
[Git][security-tracker-team/security-tracker][master] Take ruby-rmagick Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Review list for candidates for Debian 13.3 point release Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Move python-django down the list as it will likely miss the point release Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Move ruby3.1 down the list as it is not yet accepted Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove CVEs whichare already covered in a DSA for ruby3.1 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Move two proposed updates down the list as too late for point release Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add edk2 for CVE-2024-13176 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for sogo via bookworm-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] gimp DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Correct CVE id reference for sogo Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2024-24510/sogo triaging for bullseye as ignored. Tobias Frost ( at tobi)
[Git][security-tracker-team/security-tracker][master] CVE-2023-48104/sogo - triaging as ignored/too intrusive. Tobias Frost ( at tobi)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add notes for ceph and knot-resolver + unclaim; waiting on people Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4432-1 for curl Carlos Henrique Lima Melara ( at charles)
Processing 8fa92930da07073beff8ae636c2d19dc0442c04a failed security tracker role
[Git][security-tracker-team/security-tracker][master] whisper.cpp is in the archive now Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] two ffmpeg issues fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-66034/fonttols via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] cbor2 fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new rust-rkyv issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new rust-gix-date issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity Roberto C. Sánchez ( at roberto)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove notes on rejected CVE Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Some Linux CVEs rejected Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove notes from rejected Linux CVEs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add upstream tag information for commit for CVE-2025-25473 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-gix-date issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-rkyv issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference upstream pull request to fix some CVEs for frr Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] LTS: drop guix, as it is now EOL Roberto C. Sánchez ( at roberto)
[Git][security-tracker-team/security-tracker][master] sodium DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Take libsodium Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4433-1 for ruby-rmagick Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim pdfminer. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Add two more products for Apache CNA rule Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process two more NFUs from Apache CNA rule Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: dla-needed: re-claim pillow Daniel Leidert ( at dleidert)
[Git][security-tracker-team/security-tracker][master] Triage CVE-2025-46415, CVE-2025-46416, CVE-2025-52991, CVE-2025-52992,... Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2025-50343/libmatio Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-15444 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-69223/python-aiohttp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-69228/python-aiohttp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-69227/python-aiohttp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-69229/python-aiohttp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-69230/python-aiohttp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-69226/python-aiohttp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-69224/python-aiottp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-69225/python-aiohttp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for Ubiquiti Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] py-aiohttp fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] CVE-2022-4558/sogo - triaging as ignored/too intrusive for bullseye Tobias Frost ( at tobi)
[Git][security-tracker-team/security-tracker][master] CVE-2022-4556/sogo - triaging as ignored/too intrusive for bullseye Tobias Frost ( at tobi)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4434-1 for sogo Tobias Frost ( at tobi)
[Git][security-tracker-team/security-tracker][master] dla: p7zip assessment Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] dla: p7zip-rar assessment Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Update two CVEs based on kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Sync CVE-2025-68357 with kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-8194 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: zabbix status update Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Correct status for two gpsd issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-68428/jspdf, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new CVEs for wolfssh, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage python-aiohttp for bullseye LTS (CVE-2025-69223,... Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Process two more NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status on CVE-2022-50798/sox Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for two gpsd issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-50343 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add debian bug referene for CVE-2025-14569 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new chromium issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-13034/curl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-13034/curl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-14017/curl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-14524/curl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-14819/curl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-15079/curl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-15224/curl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2021-45340 is actually in libstb Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] fix note Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] ceph fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] tornado fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add two new issues in foomuuri Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add foomuuri to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4435-1 for libsodium Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] record upstream fix for libcaca Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] foomuuri DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] foomuuri fixed in sid + oss-sec reference Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-45340/libsixel Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-45340/libstb Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Add another product for Apache CNA rule Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] cleanup rejected entry Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new tlp issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Triage CVE-2025-14524 in curl for bullseye LTS. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2026-0628 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Claim mbedtls again Andrej Shadura ( at andrewsh)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-15224/curl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new gitlab issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new undertow issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Mediawiki rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFU Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new llama.cpp issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new kanboard issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new murky openldap issue, might also be an error in the use the function is used Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22184/zlib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-21441/python-urllib3 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-15346/wolfssl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-13151/libtasn1-6 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Correct state for CVE-2025-15346 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Add Commvault CNA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Update two gitlab related CVEs for issues only starting in later versions Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] miniflux fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-60753/libarchive Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-5918/libarchive Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-25724/libarchive Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] slic3r removed from the archive Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add a dla-needed note for sudo Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Apache rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Take map-server/dla-needed Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage python-urllib3 for bullseye LTS (CVE-2026-21441) Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4374-2 for pdfminer Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] LTS: claim python-urllib3 in dla-needed.txt Guilhem Moulin ( at guilhem)
[Git][security-tracker-team/security-tracker][master] vlc DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] dla-needed: update NOTE for gdcm Emmanuel Arias ( at eamanu)
[Git][security-tracker-team/security-tracker][master] bugnums Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] cleanup rejected CVE Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Release maplexer Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] CVE-2025-27236/zabbix Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] CVE-2025-49641/zabbix ignored Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] CVE-2025-49643/zabbix Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Take zabbix dla-needed Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-66418/python-urllib3 via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22034/snuffleupagus Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22028/node-preact Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-21892/python-parsl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-21885/miniflux Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-21876/modsecurity-crs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-21860/python-werkzeug Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-68158/python-authlib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-68151/coredns, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-21895/rust-rsa Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Ad CVE-2026-0719/libsoup Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update tracking for CVE-2025-67859 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Associate some NFUs with itp'ed entry for pnpm Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-22185/openldap Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-55780 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add note for CVE-2016-1584 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-21892/python-parsl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-21876 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-0719 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Typo Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Track fixed version for kanboard issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update trcking for CVE-2026-22185/{openldap,lmdb} Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0716/libsoup Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track as well libsoup2.4 for CVE-2026-0716 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Correct note on CVE-2026-22185 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] add one CVE reference for the VLC 3.0.22 security issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFU, concludes external check Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] python-filelock spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] openssh ospu/spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Remove one rejected CVE Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-68146 via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Triage CVE-2026-22185 in lmdb for bullseye LTS. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] according to #1119290 dnsdist is EOL in Bullseye, so there seems to be no need... Thorsten Alteholz ( at alteholz)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] LTS: take gnupg2 Roberto C. Sánchez ( at roberto)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2026-21892/python-parsl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Correct association of CVE-2020-26296 and track vega.js status Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Cleanup one rejected CVE Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-14505/node-elliptic Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-56225/fluidsynth Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process one more NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-2648{6,7}/vega.js Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status CVE-2025-25304/vega.js Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-27793/vega.js Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-26619/vega.js Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-59840/vega.js Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-65110 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-66648/vega.js Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Clarify one older NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-0716 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-67859 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] chromium dsa Andres Salomon ( at dilinger)
[Git][security-tracker-team/security-tracker][master] Track fix for CVE-2025-12385/qtdeclarative-opensource-src-gles via experimental Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2025-13151/libtasn1-6 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22773/vllm, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-23649/cosign Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22703/cosign Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2022-35929/cosign Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2022-23649: Drop reference to upstrema tag which does not seem correct Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-36056/cosign Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-46737/cosign Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-2990{2,3}/cosign Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22702/python-virtualenv Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22701/python-filelock Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22693/harfbuzz Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add tow new pypdf issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add some new CVEs for ghost, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Correct version for suricata in trixie 13.3 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Merge changes for updates with CVEs via trixie 13.3 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 3 commits: Remove entries for pagure (removed from bookworm) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for pypdf issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for vega.js issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add ZDI reference for net-snmp issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for python-virtualenv issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for new python-filelock issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-14505/node-elliptic Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-22693/harfbuzz Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-21441/python-urllib3 via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker] Pushed new branch users/ecite/fix-cve-2025-64344 Andreas Dolp ( at ecite)
[Git][security-tracker-team/security-tracker][master] 2 commits: Fix CVE-2025-64344 as fixed in suricata 1:7.0.10-1+deb13u2 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker] Deleted branch users/ecite/fix-cve-2025-64344 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Triage CVE-2025-13151 in libtasn1-6 for bullseye LTS. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process two new issues in quickjs(-ng) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22610 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Add another product covered in Apache CNA rule Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-22693 via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-22702 via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] node-preact n/a Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process two NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-68493/libstruts1.2-java Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-15506/opencolorio Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla-needed zabbix Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Retake netty Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-53900/spip Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFU (concludes external check) Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for net-snmp update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity Roberto C. Sánchez ( at roberto)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22776/cpp-httplib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new wlc issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-71063/errands Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new avahi issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some new NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-65105/apptainer Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] mark errands as no-dsa Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new qemu issue (concludes external check) Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new libpng1.6 issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Add mlflow rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-0665/qemu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-15514/ollama Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Add Emlog Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] new firefox issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] add firefox-esr issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Apache rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-53900/spip Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for avahi issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for opencolorio issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reclaim apache-log4j2, dcmtk and jackson-core Markus Koschany ( at apo)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for qemu issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22791/opencryptoki Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22772/golang-github-sigstore-fulcio Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for wlc issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference full commit id for libpng1.6 upstream fixes Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for libpng1.6 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update NOTEs and mark CVE-2025-9086/curl as not affecting bookworm Carlos Henrique Lima Melara ( at charles)
[Git][security-tracker-team/security-tracker][master] Add final release tag for CVE-2025-9086/curl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 3 commits: Add new chromium issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track firefox fixes via unstable for mfsa2026-01 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track firefox-esr issues fixed via unstable for mfsa2026-03 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new nodejs issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for nodejs issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] parsl DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] direwolf DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] wget2 fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVE changes from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4436-1 for linux-6.1 Ben Hutchings ( at benh)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Mediawiki rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove pgbouncer from dla-needed.txt Andreas Henriksson ( at ah)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4437-1 for gnupg2 Roberto C. Sánchez ( at roberto)
[Git][security-tracker-team/security-tracker][master] Claim libmatio in dla-needed.txt Andreas Henriksson ( at ah)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-0665/qemu via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4438-1 for mongo-c-driver Roberto C. Sánchez ( at roberto)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-71144/linux Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add a note about netty/dla-needed Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new freerdp3 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-21889/weblate, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Associate two NFUs with weblate itp'ed entry Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22036/node-undici Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] LTS: re-claim ffmpeg in data/dla-needed.txt Carlos Henrique Lima Melara ( at charles)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0532/kibana, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Remove one check item Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Add one more product for Apache CNA rule Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Add one more product for NVIDIA CNA rule Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process two NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-14242/vsftpd Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Drop CVE-2025-9086/curl from DLA-4432-1 and mark bullseye not-affected Carlos Henrique Lima Melara ( at charles)
[Git][security-tracker-team/security-tracker][master] chromium dsa Andres Salomon ( at dilinger)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-14874/node-nodemailer via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new wireshark issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0861/glibc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-56226/libsndfile Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process one NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-70968/freeimage Salvatore Bonaccorso ( at carnil)
International Hardware Fair Cologne 2026 | Attendees List Access Juanita Garcia
[Git][security-tracker-team/security-tracker][master] CVE-2025-57052/cjson is already fixed in forky Adrian Bunk ( at bunk)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] dsa: mbedtls/stable got fixed via pu Adrian Bunk ( at bunk)
[Git][security-tracker-team/security-tracker][master] NFUs (concludes external check) Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22797/python-keystonemiddleware Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-71115 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4439-1 for firefox-esr Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] Align with CVE-2026-0708 with CVE-2025-11010 and CVE-2025-6499 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-14242/vsftpd Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] firefox-esr DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] errands spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-56226/libsndfile Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-59464 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new libxml2 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new gpac issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new glpi issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-0861 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-22036/node-undici Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-70968 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-22797/python-keystonemiddleware Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-22797 / python-keystonemiddleware only affects trixie Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] 4 commits: add patch/mr link for CVE-2026-0989/libxml2 Daniel Leidert ( at dleidert)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-22797/python-keystonemiddleware via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-22036/node-undici via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add introducing commit for CVE-2026-22797/keystonemiddleware Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for linux issues fixed with 6.18.5-1 upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0988/glib2.0 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0980 as NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-0810/rust-gix-date allocated for RUSTSEC-2025-0140 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for wireshark issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for libxml2 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new airflow issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new golang issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new thunderbird issues from mfsa2026-05 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues fixes via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0915/glibc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22045/traefik, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0858/plantuml Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new openvpn issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFU Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Update information for glibc issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for wireshark issues via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove note from CVE-2022-50911 as it is rejected Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2025-10145 (duplicate of CVE-2023-7073) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-23535/wlc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-23528/dask.distributed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new mattermost-server issues (itp'ed) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2021-47844/xmind, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-15497/openvpn Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-23490/pyasn1 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-15104/vnu, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2021-47800/b2evolution Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2021-47793 but keep todo item for now Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2021-47779/doilbarr Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2026-0915/glibc as no-dsa Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-0915/glibc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for two glibc issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-0858 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-0988/glib2.0 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-23535/wlc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for pyasn1 issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4440-1 for ffmpeg Carlos Henrique Lima Melara ( at charles)
[Git][security-tracker-team/security-tracker][master] Add pull-request for CVE-2025-14505 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-23745/node-tar Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-23643/cakephp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new gradle issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new open5gs issues (itp'ed) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-22727/cakephp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for two pcsx2 issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for python-urllib3 update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] thunderbird DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Track fixed version via experimental for CVE-2025-50343/libmatio Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new keras issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] data/CVE/list: CVE-2025-2337: Mark bullseye as not-affected Andreas Henriksson ( at ah)
[Git][security-tracker-team/security-tracker][master] data/CVE/list: CVE-2020-36428: Note libmatio CVE likely HDF5 Andreas Henriksson ( at ah)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-68212/linux Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Eclipse rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-23745/node-tar via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-64512/pdfminer via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Mark postgresql-17 as removed from unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for postgresql issues in bookworm and trixie Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] ledgersmb removed from unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed verison via unstable for CVE-2025-55780/mupdf Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for hoteldruid issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-13151/libtasn1-6 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] docker fixed in experimental Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Mark python-django as WIP. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] wget2 spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for golang issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4441-1 for gpsd Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] LTS: Add note for php7.4 in dla-needed.txt Guilhem Moulin ( at guilhem)
[Git][security-tracker-team/security-tracker][master] 4 commits: dla-needed: add pyasn1 Daniel Leidert ( at dleidert)
[Git][security-tracker-team/security-tracker][master] Take pyasn1 from dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0943/libharfbuzz-shaper-perl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: claim pypy3 Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-23490/pyasn1 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for python-ldap issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-1144/quickjs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] 2 commits: Add notes for ceph and knot-resolver Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4442-1 for thunderbird Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] lts: triage CVE-2026-22693/harfbuzz as postponed Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-29943/amd64-microcode Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] first batch of HDF cleanups now that 12.13 and 13.3 are out Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] 2 commits: lts: triage gradle issues as no-dsa Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] Sync status for one CVE with kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-68431/libheif via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] more HDF updates Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] gpsd fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] 2 commits: dla: pypy3 status update Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Fix typo in dla-needed.txt Santiago R.R. ( at santiago)
[Git][security-tracker-team/security-tracker][master] more hdf updates Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add new freerdp3 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some more NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for freerdp3 issues addressed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add reference for introducing commit for CVE-2025-2337 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-21876/modsecurity-crs via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4443-1 for dcmtk Markus Koschany ( at apo)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4444-1 for apache-log4j2 Markus Koschany ( at apo)
[Git][security-tracker-team/security-tracker][master] dla-needed: take python-aiohttp Daniel Leidert ( at dleidert)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-54121/starlette Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add python-urllib3 to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: unclaim pypy3 Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-23876/imagemagick Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-23874/imagemagick Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22770/imagemagick Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-23952/imagemagick Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-23949/jaraco.context Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new node-tar issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-56226/libsndfile Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for new Foxit CNA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Reference pull request for fix for CVE-2025-3549 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new assimp issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new mapnik issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] solr n/a Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4445-1 for python3.9 Andrej Shadura ( at andrewsh)
[Git][security-tracker-team/security-tracker][master] golang-github-hashicorp-go-getter removed from the archive Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-15281/glibc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] pcsx2 spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-1180/keycloak Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0622/open5gs, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add unclear issue on ply (CVE-2025-56005) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Mark gitlab-ci-multi-runner as removed from unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new set of nvidia-cuda-toolkit CVEs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-1145/quickjs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process one NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] python-keystonemiddleware DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] associate CVE-2025-15536 with src:opencc Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] 2 commits: Add new chromium issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new inetutils issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Fix typo in temporary description Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove tracking of proposed curl update in bookworm-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-39822/linux syncing with kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22976/linux Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Cleanup trailing whitespaces Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-24061/inetutils allocated Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new virtualbox issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] 5 commits: lts: triage CVE-2025-13837/pypy3 as no-dsa Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] new Java issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new mysql-8.0 issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issue fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 4 commits: lts: add node-tar Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new gitlab issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] final batch of hdf5 updates Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new liblivemedia issue (concludes external check) Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22977/linux Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Add reference for upstream commit for CVE-2025-15506 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-23949/jaraco.context Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for nvidia-cuda-toolkit issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for imagemagick issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-23949 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Take vlc Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-15538 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-15537 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add inetutils to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian tracking bug for CVE-2026-24061/inetutils Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] assimp fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-3549/assimp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-13878/bind9 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add upstream commit references for bind9 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-31884/ceph Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new ollama issues, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-13465/node-lodash Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some more NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for two libpng1.6 issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2021-47857/moodle Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two keycloak issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add bind9 to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Take care of releasing inetutils for DSA Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0865/python Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] modsecurity-crs DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] cleanup rejected CVE Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add imagemagick to dla-needed Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] bugnums Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] link openjdk advisory Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] bugnums Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Track fixed version for imagemagick issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add imagemagick to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for mysql-8.0 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed via unstable for openjdk-11 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for openjdk-17 issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for openjdk-21 issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for openjdk-25 issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-69209/arduino-core-avr Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process two NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add back a todo item for CVE-2026-0865, should be reviewed/checked Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new python issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for inetutils update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] strip unimportant status from opencc, missed the lib Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] add exploit references for CVE-2025-38352 Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] node-tar fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new Python issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] 5 commits: lts: triage CVE-2023-53900/spip as no-dsa Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2026-23949/jaraco.context Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed gpsd update via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: lts: CVE-2025-13878/bind9 n/a on bullseye Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] update status for some python issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Claim wireshark Jochen Sprickerhof ( at jspricke)
[Git][security-tracker-team/security-tracker][master] also track CVE-2026-23949 for setuptools, thanks to jpfc for the note Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] lts: add apache2 Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] Add two new incus issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fix for CVE-2025-6536/tarantool Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track upstream fix for CVE-2025-15536/opencc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add pull request for CVE-2025-11468 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Take bind9 for DSA release Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for bind9 update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove notes from some withdrawn CVEs (by its CNA) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add incus to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-24049/wheel Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-24001/node-diff Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new issues in Mastodon, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Annoate wireshark that update is pinged to debian-security-tools team Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process two new go-tuf issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-23893/opencryptoki Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22807/vllm, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-1225/logback Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-71176/pytest Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Re-triage CVE-2024-45230 in python-django for bullseye LTS. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] chromium dsa Andres Salomon ( at dilinger)
[Git][security-tracker-team/security-tracker][master] Re-triage CVE-2024-41990 in python-django for bullseye LTS. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Te-triage CVE-2024-38875, CVE-2024-41990 and CVE-2024-45230 in python-django for bullseye LTS. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Add myself for apache2/dla Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Process one NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-12781/python Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for python-urllib3 regression update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update metadata for CVE-2024-24856/acpica-unix Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-13353/gokey Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for incus via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Adjust tracking for CVE-2025-47913/golang-go.crypto Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add references for CVE-2025-22869/golang-go.crypto Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4446-1 for python-urllib3 Guilhem Moulin ( at guilhem)
[Git][security-tracker-team/security-tracker][master] Add two new rekor issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for golang-1.25 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4426-2 for osslsigncode Abhijith PA ( at abhijith)
[Git][security-tracker-team/security-tracker][master] Remove notes from one withdrawn CVE Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-21441/python-urllib3: Add link to commit which introduced the issue Guilhem Moulin ( at guilhem)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-24515/expat Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add prefixes for commits Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new set of gitea issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0798/gitea Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] lts: add inetutils Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-67847/moodle Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new issue in dr_flac, bundled in various applications Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-15059/gimp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] zvbi, gpsd ospu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-71074/linux Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for jaraco.context via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 3 commits: lts: jython and python2.7 EOL on bullseye Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] add some note for CVE-2024-45508 Thorsten Alteholz ( at alteholz)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add tracking bug for CVE-2025-34450/rtl-433 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixe/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Fix some notes Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-13465/node-lodash Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-15281/glibc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-15059/gimp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-23893/opencryptoki Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for golang-github-theupdateframework-go-tuf issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24001 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24049 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for rakor issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24515/expat Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new batch of CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-24515/expat via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-69209 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-15536 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-22185 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Adjust one CVE pending for zvbi via bookworm-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for taglib via bookworm-pu Salvatore Bonaccorso ( at carnil)

Last message date: Fri Jan 23 17:19:23 GMT 2026
Archived on: Fri Jan 23 17:19:28 GMT 2026

Messages sorted by: [ thread ] [ subject ] [ author ]
More info on this list...

This archive was generated by Pipermail 0.09 (Mailman edition).