January 2026 Archives by date
Starting: Thu Jan 1 07:16:14 GMT 2026
Ending: Sat Jan 31 23:45:00 GMT 2026
Messages: 1213
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-69277/libsodium via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for gnupg2 via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-69412/messagelib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-69413/gitea
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4430-1 for net-snmp
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for gnupg2 via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-69412/messagelib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for starlette via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Apache rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Remove no-dsa annotations from fontforge CVEs which are marked unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] composer spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for fontforge issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15411/wabt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-21428/cpp-httplib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed rust-sequoia-openpgp update via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for smb4k security update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Document required followup for CVE-2025-64512/pdfminer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Trick fixed version for CVE-2025-60458/uxplay via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2025-68973
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new open5gs CVEs, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15412/wabt
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one more NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2023-50262 as not-affected for bullseye
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] dla: add back pdfminer
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-69277/libsodium: fix Debian bug reference
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Mark node-mongodb as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add libsodium
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-68431/libheif: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-66004/usbmuxd via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add libmatio
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-15284/node-qs: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-69412/kf5-messagelib: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-12816,CVE-2025-66030,CVE-2025-66031/node-node-forge: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-66516/tika: bullseye fixed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: claim gimp in dla-needed.txt
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-14424 (gimp) as not affecting bullseye
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-14424/gimp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2025-14180/php7.4: not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add php7.4
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2025-13836/python: reference introductory commit
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: claim php7.4 in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4431-1 for gimp
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes on rejected CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct status for CVE-2025-37884 and sync with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed: update NOTEs for gdcm
Emmanuel Arias ( at eamanu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2025-13836/python: vulnerable code temporarily reverted on 3.9 branch only
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version for some CVEs for linux upload to unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add pypy3
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-21444/libtpms
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix via unstable for CVE-2025-69412/messagelib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: python3.9: note to sync with renamed packages python3.11 and python3.13
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new gpsd issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15438/pluxml
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: drop hdf5 (limited support)
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] node-node-forge: proposed for EOL
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream issue for CVE-2026-21444
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-21444
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for mbedtls via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for curl via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-21444/libtpms via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for php-dompdf via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove planned twitter-boostrap3 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-21452/mspack-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-69261/wasmedge
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-50798/sox: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] compare-embed-usertags: Use correct mirror for rsync to get data
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-21428/cpp-httplib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-21452/msgpack-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add mapserver
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: add ruby-rmagick
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: clarify mapserver
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-66471 for trixie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add gpsd
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2025-69194/wget2: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: claim curl in data/dla-needed.txt
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Take ruby-rmagick
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Review list for candidates for Debian 13.3 point release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Move python-django down the list as it will likely miss the point release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Move ruby3.1 down the list as it is not yet accepted
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove CVEs whichare already covered in a DSA for ruby3.1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Move two proposed updates down the list as too late for point release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add edk2 for CVE-2024-13176
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for sogo via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] gimp DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Correct CVE id reference for sogo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2024-24510/sogo triaging for bullseye as ignored.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] CVE-2023-48104/sogo - triaging as ignored/too intrusive.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add notes for ceph and knot-resolver + unclaim; waiting on people
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4432-1 for curl
Carlos Henrique Lima Melara ( at charles)
- Processing 8fa92930da07073beff8ae636c2d19dc0442c04a failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] whisper.cpp is in the archive now
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] two ffmpeg issues fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-66034/fonttols via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] cbor2 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rust-rkyv issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rust-gix-date issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes on rejected CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Some Linux CVEs rejected
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from rejected Linux CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag information for commit for CVE-2025-25473
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-gix-date issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-rkyv issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream pull request to fix some CVEs for frr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: drop guix, as it is now EOL
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] sodium DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Take libsodium
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4433-1 for ruby-rmagick
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim pdfminer.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add two more products for Apache CNA rule
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two more NFUs from Apache CNA rule
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla-needed: re-claim pillow
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2025-46415, CVE-2025-46416, CVE-2025-52991, CVE-2025-52992,...
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2025-50343/libmatio
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15444
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-69223/python-aiohttp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-69228/python-aiohttp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-69227/python-aiohttp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-69229/python-aiohttp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-69230/python-aiohttp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-69226/python-aiohttp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-69224/python-aiottp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-69225/python-aiohttp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for Ubiquiti
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] py-aiohttp fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-4558/sogo - triaging as ignored/too intrusive for bullseye
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-4556/sogo - triaging as ignored/too intrusive for bullseye
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4434-1 for sogo
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] dla: p7zip assessment
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: p7zip-rar assessment
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Update two CVEs based on kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync CVE-2025-68357 with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-8194
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: zabbix status update
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Correct status for two gpsd issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-68428/jspdf, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new CVEs for wolfssh, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage python-aiohttp for bullseye LTS (CVE-2025-69223,...
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Process two more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status on CVE-2022-50798/sox
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for two gpsd issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-50343
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add debian bug referene for CVE-2025-14569
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new chromium issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-13034/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-13034/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-14017/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-14524/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-14819/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15079/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15224/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2021-45340 is actually in libstb
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] fix note
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ceph fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] tornado fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add two new issues in foomuuri
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add foomuuri to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4435-1 for libsodium
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] record upstream fix for libcaca
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] foomuuri DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] foomuuri fixed in sid + oss-sec reference
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2021-45340/libsixel
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2021-45340/libstb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add another product for Apache CNA rule
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] cleanup rejected entry
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new tlp issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2025-14524 in curl for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2026-0628
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim mbedtls again
Andrej Shadura ( at andrewsh)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-15224/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new undertow issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Mediawiki rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new llama.cpp issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new kanboard issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new murky openldap issue, might also be an error in the use the function is used
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22184/zlib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-21441/python-urllib3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15346/wolfssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-13151/libtasn1-6
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct state for CVE-2025-15346
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add Commvault CNA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update two gitlab related CVEs for issues only starting in later versions
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] miniflux fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-60753/libarchive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-5918/libarchive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-25724/libarchive
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] slic3r removed from the archive
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add a dla-needed note for sudo
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Apache rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Take map-server/dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage python-urllib3 for bullseye LTS (CVE-2026-21441)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4374-2 for pdfminer
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] LTS: claim python-urllib3 in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] vlc DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dla-needed: update NOTE for gdcm
Emmanuel Arias ( at eamanu)
- [Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] cleanup rejected CVE
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Release maplexer
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-27236/zabbix
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-49641/zabbix ignored
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-49643/zabbix
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Take zabbix dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-66418/python-urllib3 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22034/snuffleupagus
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22028/node-preact
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-21892/python-parsl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-21885/miniflux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-21876/modsecurity-crs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-21860/python-werkzeug
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-68158/python-authlib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-68151/coredns, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-21895/rust-rsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Ad CVE-2026-0719/libsoup
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update tracking for CVE-2025-67859
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate some NFUs with itp'ed entry for pnpm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-22185/openldap
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-55780
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2016-1584
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-21892/python-parsl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-21876
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-0719
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Typo
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for kanboard issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update trcking for CVE-2026-22185/{openldap,lmdb}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0716/libsoup
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track as well libsoup2.4 for CVE-2026-0716
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct note on CVE-2026-22185
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add one CVE reference for the VLC 3.0.22 security issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFU, concludes external check
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] python-filelock spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openssh ospu/spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Remove one rejected CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-68146 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2026-22185 in lmdb for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] according to #1119290 dnsdist is EOL in Bullseye, so there seems to be no need...
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] LTS: take gnupg2
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2026-21892/python-parsl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct association of CVE-2020-26296 and track vega.js status
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup one rejected CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-14505/node-elliptic
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-56225/fluidsynth
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one more NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-2648{6,7}/vega.js
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status CVE-2025-25304/vega.js
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-27793/vega.js
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-26619/vega.js
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-59840/vega.js
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-65110
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-66648/vega.js
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Clarify one older NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-0716
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-67859
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Andres Salomon ( at dilinger)
- [Git][security-tracker-team/security-tracker][master] Track fix for CVE-2025-12385/qtdeclarative-opensource-src-gles via experimental
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2025-13151/libtasn1-6
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22773/vllm, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-23649/cosign
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22703/cosign
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2022-35929/cosign
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-23649: Drop reference to upstrema tag which does not seem correct
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2022-36056/cosign
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-46737/cosign
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-2990{2,3}/cosign
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22702/python-virtualenv
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22701/python-filelock
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22693/harfbuzz
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tow new pypdf issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some new CVEs for ghost, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct version for suricata in trixie 13.3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Merge changes for updates with CVEs via trixie 13.3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Remove entries for pagure (removed from bookworm)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for pypdf issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for vega.js issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add ZDI reference for net-snmp issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for python-virtualenv issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for new python-filelock issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-14505/node-elliptic
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-22693/harfbuzz
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-21441/python-urllib3 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker] Pushed new branch users/ecite/fix-cve-2025-64344
Andreas Dolp ( at ecite)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix CVE-2025-64344 as fixed in suricata 1:7.0.10-1+deb13u2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker] Deleted branch users/ecite/fix-cve-2025-64344
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2025-13151 in libtasn1-6 for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two new issues in quickjs(-ng)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22610
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Add another product covered in Apache CNA rule
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-22693 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-22702 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] node-preact n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-68493/libstruts1.2-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15506/opencolorio
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed zabbix
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Retake netty
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-53900/spip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFU (concludes external check)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for net-snmp update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22776/cpp-httplib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new wlc issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-71063/errands
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new avahi issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-65105/apptainer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark errands as no-dsa
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new qemu issue (concludes external check)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new libpng1.6 issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add mlflow rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-0665/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15514/ollama
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add Emlog
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] new firefox issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add firefox-esr issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Apache rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-53900/spip
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for avahi issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for opencolorio issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reclaim apache-log4j2, dcmtk and jackson-core
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for qemu issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22791/opencryptoki
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22772/golang-github-sigstore-fulcio
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for wlc issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference full commit id for libpng1.6 upstream fixes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for libpng1.6 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update NOTEs and mark CVE-2025-9086/curl as not affecting bookworm
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Add final release tag for CVE-2025-9086/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track firefox fixes via unstable for mfsa2026-01
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track firefox-esr issues fixed via unstable for mfsa2026-03
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new nodejs issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for nodejs issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] parsl DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] direwolf DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] wget2 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVE changes from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4436-1 for linux-6.1
Ben Hutchings ( at benh)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Mediawiki rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove pgbouncer from dla-needed.txt
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4437-1 for gnupg2
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Claim libmatio in dla-needed.txt
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-0665/qemu via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4438-1 for mongo-c-driver
Roberto C. Sánchez ( at roberto)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-71144/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add a note about netty/dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new freerdp3 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-21889/weblate, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate two NFUs with weblate itp'ed entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22036/node-undici
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: re-claim ffmpeg in data/dla-needed.txt
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0532/kibana, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Remove one check item
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add one more product for Apache CNA rule
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add one more product for NVIDIA CNA rule
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-14242/vsftpd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Drop CVE-2025-9086/curl from DLA-4432-1 and mark bullseye not-affected
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Andres Salomon ( at dilinger)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-14874/node-nodemailer via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new wireshark issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0861/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-56226/libsndfile
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-70968/freeimage
Salvatore Bonaccorso ( at carnil)
- International Hardware Fair Cologne 2026 | Attendees List Access
Juanita Garcia
- [Git][security-tracker-team/security-tracker][master] CVE-2025-57052/cjson is already fixed in forky
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dsa: mbedtls/stable got fixed via pu
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] NFUs (concludes external check)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22797/python-keystonemiddleware
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-71115
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4439-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Align with CVE-2026-0708 with CVE-2025-11010 and CVE-2025-6499
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-14242/vsftpd
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] firefox-esr DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] errands spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-56226/libsndfile
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-59464
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new libxml2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new gpac issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new glpi issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-0861
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-22036/node-undici
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-70968
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-22797/python-keystonemiddleware
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-22797 / python-keystonemiddleware only affects trixie
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 4 commits: add patch/mr link for CVE-2026-0989/libxml2
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-22797/python-keystonemiddleware via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-22036/node-undici via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add introducing commit for CVE-2026-22797/keystonemiddleware
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for linux issues fixed with 6.18.5-1 upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0988/glib2.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0980 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-0810/rust-gix-date allocated for RUSTSEC-2025-0140
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for wireshark issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for libxml2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new airflow issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new golang issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new thunderbird issues from mfsa2026-05
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues fixes via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0915/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22045/traefik, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0858/plantuml
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new openvpn issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update information for glibc issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for wireshark issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove note from CVE-2022-50911 as it is rejected
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2025-10145 (duplicate of CVE-2023-7073)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-23535/wlc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-23528/dask.distributed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new mattermost-server issues (itp'ed)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-47844/xmind, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-15497/openvpn
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-23490/pyasn1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15104/vnu, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-47800/b2evolution
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-47793 but keep todo item for now
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-47779/doilbarr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2026-0915/glibc as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-0915/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for two glibc issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-0858
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-0988/glib2.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-23535/wlc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for pyasn1 issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4440-1 for ffmpeg
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Add pull-request for CVE-2025-14505
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-23745/node-tar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-23643/cakephp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new gradle issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new open5gs issues (itp'ed)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-22727/cakephp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two pcsx2 issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for python-urllib3 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] thunderbird DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via experimental for CVE-2025-50343/libmatio
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new keras issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: CVE-2025-2337: Mark bullseye as not-affected
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] data/CVE/list: CVE-2020-36428: Note libmatio CVE likely HDF5
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-68212/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Eclipse rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-23745/node-tar via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-64512/pdfminer via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark postgresql-17 as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for postgresql issues in bookworm and trixie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] ledgersmb removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed verison via unstable for CVE-2025-55780/mupdf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for hoteldruid issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-13151/libtasn1-6
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] docker fixed in experimental
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark python-django as WIP.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] wget2 spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for golang issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4441-1 for gpsd
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] LTS: Add note for php7.4 in dla-needed.txt
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] 4 commits: dla-needed: add pyasn1
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Take pyasn1 from dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0943/libharfbuzz-shaper-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: claim pypy3
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-23490/pyasn1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for python-ldap issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-1144/quickjs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add notes for ceph and knot-resolver
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4442-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: triage CVE-2026-22693/harfbuzz as postponed
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-29943/amd64-microcode
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] first batch of HDF cleanups now that 12.13 and 13.3 are out
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: lts: triage gradle issues as no-dsa
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Sync status for one CVE with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-68431/libheif via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] more HDF updates
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] gpsd fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: pypy3 status update
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Fix typo in dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] more hdf updates
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add new freerdp3 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for freerdp3 issues addressed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for introducing commit for CVE-2025-2337
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-21876/modsecurity-crs via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4443-1 for dcmtk
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4444-1 for apache-log4j2
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] dla-needed: take python-aiohttp
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-54121/starlette
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add python-urllib3 to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: unclaim pypy3
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-23876/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-23874/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22770/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-23952/imagemagick
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-23949/jaraco.context
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new node-tar issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-56226/libsndfile
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for new Foxit CNA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reference pull request for fix for CVE-2025-3549
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new assimp issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mapnik issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] solr n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4445-1 for python3.9
Andrej Shadura ( at andrewsh)
- [Git][security-tracker-team/security-tracker][master] golang-github-hashicorp-go-getter removed from the archive
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15281/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] pcsx2 spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-1180/keycloak
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0622/open5gs, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add unclear issue on ply (CVE-2025-56005)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Mark gitlab-ci-multi-runner as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of nvidia-cuda-toolkit CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-1145/quickjs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] python-keystonemiddleware DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] associate CVE-2025-15536 with src:opencc
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add new chromium issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new inetutils issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in temporary description
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove tracking of proposed curl update in bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-39822/linux syncing with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22976/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup trailing whitespaces
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-24061/inetutils allocated
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new virtualbox issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 5 commits: lts: triage CVE-2025-13837/pypy3 as no-dsa
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] new Java issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mysql-8.0 issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issue fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 4 commits: lts: add node-tar
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] final batch of hdf5 updates
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new liblivemedia issue (concludes external check)
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22977/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add reference for upstream commit for CVE-2025-15506
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-23949/jaraco.context
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for nvidia-cuda-toolkit issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for imagemagick issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-23949
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take vlc
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-15538
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-15537
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add inetutils to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian tracking bug for CVE-2026-24061/inetutils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] assimp fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-3549/assimp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-13878/bind9
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream commit references for bind9 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-31884/ceph
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new ollama issues, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-13465/node-lodash
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two libpng1.6 issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-47857/moodle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two keycloak issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add bind9 to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take care of releasing inetutils for DSA
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0865/python
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] modsecurity-crs DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] cleanup rejected CVE
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add imagemagick to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] link openjdk advisory
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for imagemagick issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add imagemagick to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for mysql-8.0 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed via unstable for openjdk-11
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for openjdk-17 issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for openjdk-21 issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for openjdk-25 issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-69209/arduino-core-avr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add back a todo item for CVE-2026-0865, should be reviewed/checked
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new python issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for inetutils update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] strip unimportant status from opencc, missed the lib
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add exploit references for CVE-2025-38352
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] node-tar fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new Python issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 5 commits: lts: triage CVE-2023-53900/spip as no-dsa
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2026-23949/jaraco.context
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed gpsd update via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: lts: CVE-2025-13878/bind9 n/a on bullseye
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] update status for some python issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Claim wireshark
Jochen Sprickerhof ( at jspricke)
- [Git][security-tracker-team/security-tracker][master] also track CVE-2026-23949 for setuptools, thanks to jpfc for the note
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: add apache2
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add two new incus issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix for CVE-2025-6536/tarantool
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track upstream fix for CVE-2025-15536/opencc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add pull request for CVE-2025-11468
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take bind9 for DSA release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for bind9 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from some withdrawn CVEs (by its CNA)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add incus to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24049/wheel
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24001/node-diff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issues in Mastodon, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Annoate wireshark that update is pinged to debian-security-tools team
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two new go-tuf issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-23893/opencryptoki
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22807/vllm, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-1225/logback
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-71176/pytest
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Re-triage CVE-2024-45230 in python-django for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Andres Salomon ( at dilinger)
- [Git][security-tracker-team/security-tracker][master] Re-triage CVE-2024-41990 in python-django for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Te-triage CVE-2024-38875, CVE-2024-41990 and CVE-2024-45230 in python-django for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add myself for apache2/dla
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-12781/python
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for python-urllib3 regression update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update metadata for CVE-2024-24856/acpica-unix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-13353/gokey
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for incus via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust tracking for CVE-2025-47913/golang-go.crypto
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2025-22869/golang-go.crypto
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4446-1 for python-urllib3
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add two new rekor issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for golang-1.25 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4426-2 for osslsigncode
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Remove notes from one withdrawn CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-21441/python-urllib3: Add link to commit which introduced the issue
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24515/expat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add prefixes for commits
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of gitea issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0798/gitea
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: add inetutils
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-67847/moodle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new issue in dr_flac, bundled in various applications
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15059/gimp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] zvbi, gpsd ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-71074/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for jaraco.context via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: lts: jython and python2.7 EOL on bullseye
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] add some note for CVE-2024-45508
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add tracking bug for CVE-2025-34450/rtl-433
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] trixe/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Fix some notes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-13465/node-lodash
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-15281/glibc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-15059/gimp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-23893/opencryptoki
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for golang-github-theupdateframework-go-tuf issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24001
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24049
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for rakor issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24515/expat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new batch of CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-24515/expat via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-69209
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-15536
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-22185
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust one CVE pending for zvbi via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for taglib via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-15536/opencc via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] incus DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track fixed version for CVE-2025-14523/libsoup3 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-1299/python
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new protobuf issue (CVE-2026-0994)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-0775 and associate it with npm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-0994/protobuf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-67125/docopt.cpp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2021-47888/textpattern
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Update status for python-django.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-22234/libspring-security-2.0-java
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed versions for golang-1.24 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for zabbix issues in last unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for one more CVE for zabbix
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-50343/libmatio via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4447-1 for php7.4
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24401/avahi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24401/avahi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libpng1.6 via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed sqlite3 update via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-11468/python2.7: not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla-needed: Re-add python3.9
Andrej Shadura ( at andrewsh)
- [Git][security-tracker-team/security-tracker][master] Claim modsecurity-crs
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libpng1.6 via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15523/inkscape
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4448-1 for imagemagick
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] LTS: modsecurity-crs add notes to dsa-needed.txt.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4449-1 for zvbi
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4450-1 for taglib
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4451-1 for shapelib
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim inetutils in dla-needed.txt
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4452-1 for apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4453-1 for inetutils
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim ansible
Lee Garrett ( at lgarrett)
- [Git][security-tracker-team/security-tracker][master] libuev ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openjdk-17 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Demote CVE-2025-14369/libsdl2-mixer to unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4454-1 for libuev
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-14010 as not affecting bullseye
Lee Garrett ( at lgarrett)
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2026-0994/protobuf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove listing of CVE-2025-59775
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4455-1 for python3.9
Andrej Shadura ( at andrewsh)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24656/apache-karaf, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove undetermined status for CVE-2025-56005/ply
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-27821/hadoop, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-1425/smartdns
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new gpac issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2025-12084/python3.*: reference regression fix
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVE updates from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add gimp
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] gpac: bullseye end-of-life
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4456-1 for openjdk-17
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4457-1 for openjdk-11
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Update note for python-django.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add another product covered by Esri CNA rule
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new issues in hiawatha, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2019-8358 with hiawatha, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-50537/eslint
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add another product covered by Apache CNA rule
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one more NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] pypy3: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Update note for python-django.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-8194/pypy3: unfixed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] LTS: switch frontdesk shift with Emilio as agreed in the mailing list
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-15281/glibc via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] imagemagick DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] openjdk-21 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVE changes from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new rust-oneshot issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-61728/golang: bullseye not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24686/golang-github-theupdateframework-go-tuf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24486/python-multipart
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24476/shaarli
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issues in pnpm, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2025-61594/ruby2.7: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: add freerdp2
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-58150/xen
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-58151/xen-api
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-23553/xen
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove tracking for libsdl2-mixer for CVE-2025-14369 and add note in embedded-code-copies
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new openssl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add information for CVE-2025-11187
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2025-15467
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add information for CVE-2025-15468
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2025-15469
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2025-66199
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add information for CVE-2025-68160
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2025-69418
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2025-69419
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2025-69420
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2025-69421
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2026-2279{5,6}/openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add openssl to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for openssl update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24881/gnupg2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24882/gnupg2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24883/gnupg2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new firefox issues from mfsa2026-06
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24810/rethinkdb, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24808/rawtherapee
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate one CVE to rethinkdb, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24688/pypdf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-23892/octoprint
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24408/sigstore-python, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24137/golang-github-sigstore-sigstore
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new suricata issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for openssl via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24116/rust-wasmtime
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new grafana issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new glib2.0 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-1467/libsoup
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-68670/xrdp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new libpng1.6 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-14911/mongodb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-61795,CVE-2025-48989,tomcat10: fixed in unstable
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Remove now python-django from dsa-needed, updates can go via pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Revert "Remove now python-django from dsa-needed, updates can go via pu"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim containerd
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-13881/keycloak, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add RUSTSEC-2025-0143/rust-capnpc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in source package name: it is rust-capnp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: update note for epiphany-browser
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-2816{2,4}/libpng1.6
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add new chromium issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24910/bun, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24842/node-tar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24779/vllm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24778/ghost, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24747/pytorch
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24765/phpunit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0818/thunderbird from mfsa2026-08
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-68670/xrdp bug reference
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-1425/smartdns
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2026-1484/glib2.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24116
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add glib2.0 Debian bugs references
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-1467
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24137
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24476/shaarli
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24486
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-13878/bind9 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-23014/linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add openssl
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-22243/egroupware
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new libsoup issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new open5gs CVEs, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-1520/rethinkdb, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-1237/juju
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-36993/limesurvey
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-36992/nordvpn
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-36986/prey
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new monit issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-31884/ceph
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24688/pypdf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for four glib2.0 issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Update note for python-django
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4458-1 for python-django
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: Add a reference to the Debian bug# for bookworm SPU for python-django.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for pyasn1 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-23643
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] gimp DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track upstream fixes for CVE-2025-275{4,6}/assimp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix in 1.24 release branch for CVE-2025-68119
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: reference vlc DSA
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: ansible status update
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs from external check
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24686
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4459-1 for libmatio
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Claim openssl in dla-needed.txt
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-66399/cacti: postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issue fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-68276,CVE-2025-68468,CVE-2025-68471/avahi: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Typo
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] glibc: add git tags
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24835/podman-desktop
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24739/symfony
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two firefox issues from mfsa2026-06
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of FreeRDP issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add another product covered in NVIDIA CNA rule
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one more NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-33220
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-25068/alsa-lib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24413/icinga2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new CVEs for open5gs, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some new issues in monkey
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-37002/ajenti, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-25068/alsa-lib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for libsoup3 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for gnupg2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for some scilab issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-37011/gnome-font-viewer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-25210/expat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-15281,CVE-2026-0861,CVE-2026-0915/glibc: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: take clamav
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2026-22702/python-virtualenv: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-28162,CVE-2025-28164,CVE-2026-22695,CVE-2026-22801: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Andres Salomon ( at dilinger)
- [Git][security-tracker-team/security-tracker][master] dla: add xrdp
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-0989,CVE-2026-0990,CVE-2026-0992/libxml2: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-24049/wheel: bullseye not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] the latest scilab upload no longer contains ezxml
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Update tag for introducing commit for CVE-2026-0962
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-14932..13936/netcdf,netcdf-parallel: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-24688/pypdf2: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-25063/gradle-completion
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-25061/tcpflow
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-1665/nvm, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-45160/cacti
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-69209/arduino-core-avr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add VE-2025-33219/nvidia-graphics-drivers and variants
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-61594/rubygems: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Yop Yi
- [Git][security-tracker-team/security-tracker][master] CVE-2026-24883/gnupg2: introductory commit, bullseye not-affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-24883/gnupg2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-24049 in bookworm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-13151/libtasn1-6: upstream commit, advisory and possible follow-up
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-22185/lmdb: precise bullseye triage
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Update references for CVE-2025-13151
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference do upstream advisory for CVE-2024-12133
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark zulucrypt as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-14369/libchdr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-45160 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to commit including fixing changes for CVE-2026-25061
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-25061/tcpflow
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-25063
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-25210
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2026-24515 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-13151/libtasn1-6: drop similar fix
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-25128/node-webfont
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bookworm/trixie triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Re-associate CVE-2024-41818 with node-webfont
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-69662/python-geopandas
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two salt issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add "new" undertow issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-36966/dolibarr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-37014/tryton-sao
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-25068/alsa-lib: introductory commit
Sylvain Beucler ( at beuc)
- Processing 57d0b9e5d0f805c607ff7bf6387e4185a14d8255 failed
security tracker role
- Processing 57d0b9e5d0f805c607ff7bf6387e4185a14d8255 failed
security tracker role
- Processing 57d0b9e5d0f805c607ff7bf6387e4185a14d8255 failed
security tracker role
- Processing 57d0b9e5d0f805c607ff7bf6387e4185a14d8255 failed
security tracker role
- Processing 57d0b9e5d0f805c607ff7bf6387e4185a14d8255 failed
security tracker role
- Processing 57d0b9e5d0f805c607ff7bf6387e4185a14d8255 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Process two NFUs from external check
Salvatore Bonaccorso ( at carnil)
- Processing 6b035e817f83477b7cc3e965fa759fb4cac4f553 failed
security tracker role
- Processing 6b035e817f83477b7cc3e965fa759fb4cac4f553 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- Processing 4b576cd01158ed17d27884804a4fce5a2edd25f9 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- Processing 549c845f5608daa137918ea77076161a57e27c50 failed
security tracker role
- Processing 0ea74e6ee01d77667b031ff117b081ab413750a3 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] dla: add alsa-lib
Sylvain Beucler ( at beuc)
- Processing 2c258f53846d12891c12685a95cdff11a88314ec failed
security tracker role
- Processing 2c258f53846d12891c12685a95cdff11a88314ec failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2026-23893/opencryptoki: bullseye postponed
Sylvain Beucler ( at beuc)
- Processing b3da337fcd91225f09af8a2f2bb8623269de0286 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] CVE-2026-24515/expat: bullseye postponed + link to upstream details
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-24401/avahi: bullseye postponed
Sylvain Beucler ( at beuc)
- Processing 0c819084afee0b6d1fca858ba8e23c5c3f027bac failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] CVE-2025-56005/ply: link oss-security thread
Sylvain Beucler ( at beuc)
- Processing 7b7edd58831e346aba9984cb90f92b54d1ccb1b8 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] dla: add glib2.0
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-15537/mapnik: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-1299/pypy3: bullseye postponed
Sylvain Beucler ( at beuc)
- Processing 6a9e86e7e662002ebe6b15dd7eaa136759c8c4ff failed
security tracker role
- Processing 3e4e4ec04b0c75de52ccd5e782aefc07d322f102 failed
security tracker role
- Processing 3e4e4ec04b0c75de52ccd5e782aefc07d322f102 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] golang-github-bep-imagemeta is in the archive now
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-24883: Add Debian bug reference back for additional information
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tags for commit for CVE-2026-25210
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2026-24515 /expat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] django DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-10925
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark fixed version for linux CVEs as fixed with 6.18.8-1 upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes of one rejected CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate two CVEs with codeblocks
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 6 commits: CVE-2026-23528/dask.distributed: bullseye postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Update metadata for containerd update via DSA 6067-1
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-24476/shaarli
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: typo
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-15059/gimp via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add golang-github-theupdateframework-go-tuf for CVE-2024-47534
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add golang-github-theupdateframework-go-tuf for CVE-2022-29173
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-25210/expat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporarily todo item for CVE-2026-24842
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24747
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-14369/libchdr via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-68670: Reference commit with fix directly
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-23949/setuptools
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-23528/dask.distributed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-22865/gradle
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed: take alsa-lib
Paride Legovini ( at paride)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4460-1 for ceph
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] take xrdp
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] Fix patch link for CVE-2025-67725/python-tornado
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] dla-needed: update NOTEs for alsa-lib
Paride Legovini ( at paride)
Last message date:
Sat Jan 31 23:45:00 GMT 2026
Archived on: Sat Jan 31 23:45:03 GMT 2026
This archive was generated by
Pipermail 0.09 (Mailman edition).