June 2026 Archives by thread
Starting: Mon Jun 1 01:25:28 BST 2026
Ending: Fri Jun 19 11:51:03 BST 2026
Messages: 1082
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Andres Salomon ( at dilinger)
- [Git][security-tracker-team/security-tracker][master] 2 commits: lts: add prometheus to dla-needed
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4611-1 for keystone
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] 4 commits: lts: mark CVE-2026-41150,CVE-2026-41159/node-mermaid as postponed
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4612-1 for sentry-python
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim xrdp
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-8796/libsereal-decoder-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4613-1 for python-aiohttp
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Swap FD duties with Emilio as discussed via IRC
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] rails: postponed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Correct upstream tag for commit for CVE-2026-41401
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: claim openvpn
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Add two libusb-1.0 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add another product covered by the Apache CNA rule
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-48501/GitHub CLI (gh)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] older symfony non issue fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-44825/lucene-solr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-48827/mina
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-35563/apache-directory-api
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate CVE-2018-1337 with apache-directory-api
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add upstream tags for fastnetmon 1.2.9
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-41570
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new qemu issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new kas issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add commit references for qemu issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] various rust-coreutils issues fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-41440/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] rsync ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] pygments ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-41439/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] neutron spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lwip spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] pymatgen ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-41438/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-41437/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-41436/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFU CVE-2026-49328 Apache Fesod
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-41435/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-8341/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-45192/airflow
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] 2 commits: trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Some CVEs need re-evaluation, node-systeminformation is packaged
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add one more CVE-less Dulwich issue and commit references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: claim yelp
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Add Debian bug reference for CVE-2026-8796
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Review first batch of CVES for node-systeminformation
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Review second batch of node-systeminformation CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-8796 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Bump note for redis in dla-needed.txt.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] symfony DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] gst-plugins-good1.0 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-46243
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for libunicode-linebreak-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2026-44903/prometheus: introductory commit + bullseye not-affected (bookworm neither)
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for FastNetMon issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes on one rejected CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-45729/thorvg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: libcaca status update
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Process some Nextcloud server CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed 7zip update via {trixie,bookworm}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-44903/prometheus
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for rsync via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-44740/go-billy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-43958/rrdtool
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-45104/mapserver
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] twig triage for older suites
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-44227 n/a for RT4/5
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] netatalk fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Apache rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new activemq issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mpd fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update notes for CVE-2026-44227 now that release info has been updated
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new xorg-server issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed pygments update via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new gpac issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-10532/logback
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-10275/OpenSC
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new batch of assimp issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-10118/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for sshfs-fuse via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-45249/echarts, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-37630/quickjs-ng
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for yelp
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] Add AuthToken and RSS/iCal related changes for CVE-2026-44231
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Temporarily track yelp fixes until CVE assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Document Daniel is proposing to work on an update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take frr
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend vmware rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for xorg-server issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim sudo in dla-needed.txt
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Take expat
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] python-filelock ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mbedtls spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] tomcat10 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] fastnetmon fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] xorg-server/xwayland fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new orthanc issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new whisper.cpp non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new packagekit issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new node-babel7 issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track as well golang-github-go-git-go-git-v6 for some recent CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track separate bug for xwayland issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove tailing whitespaces
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed sshfs-fuse update via {trixie,bookworm}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add one more CVE addressed by pytho-filelock bookworm-pu update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-10118/poppler
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] php-twig DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] correct fixed version for php-twig DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new kafka issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] bugnums
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Remove notes from two rejected CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-49943/bird
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-24122 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] krb5: CVE-2026-40355 and CVE-2026-40356
Emmanuel Arias ( at eamanu)
- [Git][security-tracker-team/security-tracker][master] Revert "krb5: CVE-2026-40355 and CVE-2026-40356"
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for poppler via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust source package name for golang-golang-x-net
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed verison for golang-golang-x-net issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new firefox issues from mfsa2026-54
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for python-pip via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-49975/apache2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for advisories for libcpanel-json-xs-perl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add for now as well bird3 for CVE-2026-49943
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for apache2 issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new go issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-5422/jupyter-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUsProcess some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-38978/transmission
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE assigned for one varnish issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-50031/freeipmi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-48682/fastnetmon
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new elixir-tesla issues, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new python-aiohttp issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add one issue in glpi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-5385/glpi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-10650/libwebsockets
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-24712/cfengine3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add jupyterlab for node-systeminformation CVE
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add kind of embedding for node-systeminformation
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new python-django issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for python-django issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for freeipmi issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for python-aiohttp issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for thorvg issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for varnish issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: prepare for bullseye+bookworm LTS during June 12th -> September 1st 2026
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-48019/php-laravel-framework
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for apache2 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new ironic issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-41283/mistral
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-3276/python
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for kas issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts-cve-triage.py: support package/dist entries
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Typo
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-6657/jupyter-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two issues in python-daphne
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issues in optee-os
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new glpi issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new issues in libnet-cidr-set-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new okular issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for ceph update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take popper from dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add temporary entry for nginx issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-37459/frr
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-8722 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed versionfor CVE-2026-50052/varnish via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust indentation
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes via unstable for golang-github-xenolf-lego issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-38978/transmission
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for redis issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-8829/libhtml-parser-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: lts-cve-triage.py: allow setting the target dists
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-5663/dcmtk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-50219/expat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts-cve-triage.py: display defaults in --help
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] lts: bullseye triage
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-8829/ibhtml-parser-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4614-1 for sudo
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] claim exim4
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] claim gsasl
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Take xorg-server from dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Record fact that Andreas is interested in providing an update for atril
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new gdal issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track new openstack related issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for edk2 issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update on mesa.
Tobias Frost ( at tobi)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for frr
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-50292/libinput
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for neutron issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add announce reference for CVE-2026-8829
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-46739/libnet-statsd-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-46741 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for libnet-cidr-set-perl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take botan3 from dsa-needed
Aron Xu ( at aron)
- [Git][security-tracker-team/security-tracker][master] Add some commit references for CVE-2026-25243/redis
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Remove notes on CVE-2026-9642, which was withdrawn
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add perl for CVE-2026-7010
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-8916/rlottie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add cloned bugs for perl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE assigned for neutron issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-7774/python
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for python-daphne issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for two radare2 issues via experimental
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-49837/gobgp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed verison for two python-aiohttp issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for python-daphne issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-50219/expat
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for perl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for golang-1.25 issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for golang-1.26 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for thorvg issue fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new rlottie issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new froxlor issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-9496/npm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-9358/node-css-loader
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim openssl
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] Two znuny CVEs assigned
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-50593/graphite2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVEs assigned for xorg-server issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-47774/envoyproxy, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for radare2 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for optee-os issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4615-1 for exim4
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add some NFUs in netty-incubator-codec-http
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new issues in golang-opentelemetry-otel
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-40898/quic-go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-37462/gobgp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-37460/frr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] claim haveged
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 2 commits: NFU CVE-2026-34912 Revive Adserver
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] NFU Revive Adserver
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4616-1 for haveged
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2020-28200/dovecot: Mark as ignored/too disruptive for bullseye
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4618-1 for gsasl
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] update notes
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Decouple some CVEs in DSA 6322-1/frr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim u-boot in dla-needed.txt
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Track fixes via experimental for openbabel issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-6732/libxml2 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version gdal issues via unstable uploads
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-49014/gdal
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new mina issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for rlottie issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add CNA based rule for eltonika Networks CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-9088/keycloak, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-50589/ironic
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for CVE-2026-50265
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-11332/ansible-core
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-10879/libdbi-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-36499 with unclear upstream status/validity
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new issues in libxls
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new koha issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-41259/swupdate
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Postpone some perl updates
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial indication for work in progress on apache2 and nginx
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts-cve-triage.py: typo
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Add another product for Apache CNA rule
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-45409/python-idna
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-45300/async-http-client
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-9698/libdbi-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-10805/network-manager
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-10796/nvm, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-10305/rlottie
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-10722/golang-github-cilium-ebpf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-60477/gpac
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-10705/dask
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for libdbi-perl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for ironic issue via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for chromium via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-10725/libprotocol-http2-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for okular issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-10725 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2026-43073
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for apache2 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for request-tracker5 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add libinput to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for perl issues fixed via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark graphite2 as no-dsa for trixie and bookworm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-39821/golang-golang-x-net
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-11332/ansible-core
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add apache2 dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-45409/python-idna
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-45300/async-http-client
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference or CVE-2026-11332
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for golang-opentelemetry-otel issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for quic-go issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-10305
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-46739
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for mina2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-10722/golang-github-cilium-ebpf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-10705/dask
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-10650/libwebsockets
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-10532/logback
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-35563
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-10194/dcmtk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-9496/npm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-9358
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-24712
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed graphite2 update via {trixie,bookworm}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed updates for ruby-css-parser via {trixie,bookworm}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4619-1 for tomcat9
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2026-0992/libxml2: Add reference to follow-up commits
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reassociate CVE-2025-68618 to src:weasyprint
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15646/libhtml-gumbo-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-46739/libnet-statsd-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-40021/log4net fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issues in mariadb
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2026-42859
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2026-10705 as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take care of releasing DSA for nginx update prepared by maintainer
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-10650/libwebsockets
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4620-1 for apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-15646/libhtml-gumbo-perl as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-47430
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] dla: attribute request-tracker4 to its maintainer
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Adjust tracking for src:ansible for CVE-2026-11332
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-10275/opensc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-6732
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Take snapd
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for nginx update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed updates for libxml2 via {trixie,bookworm}-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for freeipmi issue fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for opensc issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for mutt issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for request-tracker4 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-8732/libxml2: Reference fixing commit
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4621-1 for glibc
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for two gitsign issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2026-44544/gittuf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt:update status of ruby-rack and ruby2.7
Abhijith PA ( at abhijith)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-11487/neovim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4622-1 for libxml2
Guilhem Moulin ( at guilhem)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-48977/openslide
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for network-manager issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4623-1 for jackson-core
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-6328-1 for tomcat10
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-6329-1 for tomcat11
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] allocate DSA for strongSwan
Yves-Alexis Perez ( at corsac)
- Processing 42ee1d80908f8b40b5d7fe6b9c55b9e3a5fd976e failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-47895/strongswan
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim samba in dla-needed.txt
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] Take libdbi-perl from dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update information for CVE-2025-8732/libxml2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Document that sogo has a debdiff for review
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add okular to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] ironic n/a for released suites
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add commit link for CVE-2026-23479/redis.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add commit link for CVE-2026-23631/redis.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Follow dsa and add dla-needed to libdbi-perl
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Follow dsa for libinput
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add sogo to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add apache-directory-api
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Triagge assimp bullseye
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Correct reference to commit for CVE-2026-25243
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tags for two redis upstream commits
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2020-37248/offlineimap3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-37248/offlineimap3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-47895/strongswan via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] keystone DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-36489/allegro4.4
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] track two keystones originally lined up for spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-10194/dcmtk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from now rejected CVE-2026-50265
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add correct set of backport commits for libinput issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issues for check-mk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-7186/check-mk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issues in routinator
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new apache2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-48507/snipe-it, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-7774/bullseye
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] cargo/bullseye triagging
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] dask/bullseye triagging
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] etcd/bullseye triagging
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] skanpage fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for apache2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add apache2 to dla needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4624-1 for openssl
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] Claim giflib
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] Update giflib, unclaim
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] Add reference to applied patch in 6.1.3-1 for CVE-2026-26740
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim dnsmasq
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] update CVE-2026-8328 commit references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-9669
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new 389-ds issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Update vmware rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-11623/tmux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2026-9698
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2009-10007/libcatalyst-plugin-authentication-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Bump deb version for DLA-4624-1
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] new spring issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-28370/vitrage
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] php-guzzlehttp-psr7 spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new xen issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add one additional xen issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issues in openssl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] okular, mistral DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add two new issues in librabbitmq
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-49839/jq
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from now rejected CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for linux issues fixed via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add openssl to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] gdown spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libxpm, python3.13 spus
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Triagge freeipmi
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Claim libreoffice in dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for poppler update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2026-23479 in redis for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add openssl in bullseye
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2026-25243 in redis for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Remove redis/bullseye from dla-needed.txt; all CVEs properly triaged.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] bullseye triagging
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] libcpanel-json-xs-perl/bullseye
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for openssl update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bullseye triagge
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add two issues in limesurvey, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new issues in FreeSWITCH, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-49762/elixir-lang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new 389-ds-base issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-11526/libgd-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] cleanup rejected CVE
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-10846/ldns
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new mongodb issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add new mongodb issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim openssl (again)
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add Everpure CNA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-11526/libgd-perl via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new debusine issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference mitigations for CVE-2025-10263 in src:linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for coturn issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4625-1 for dnsmasq
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] new sqlfluff issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new libspring-security-2.0-java issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for ldns issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2009-10007
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-48019
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new onionshare issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for gimp via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for sqlfluff issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for openssl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-5172/dnsmasq: bullseye not-affected
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] vitrage spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] horizon spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libtemplate-perl/bullseye
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add reference for ITScape for CVE-2026-46316
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for ldns issue via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-29167/apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-29170/apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-34356/apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-42535/apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-53689/libnfs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2026-42536/apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add new issues in ghidra, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-34355/bullseye
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-44119/apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add some new erlang issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some new ghidra issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-11884/389-ds-base
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA-6336-1 for jackson-core
Markus Koschany ( at apo)
- [Git][security-tracker-team/security-tracker][master] skanpage spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] followup fix for CVE-2026-6019
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] xen eol for bullseye
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] dla needed async-http-client
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-44185/apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] apache2 commit
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] rclone commit refs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-48913/apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Claim libinput in dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-34182/openssl: bullseye not-affected
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] Track fixed version fro some python3.14 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for python3.13 issue via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libdbi-perl update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to reported openssl issue for CVE fixes
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libinput update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-42770/openssl: bullseye not-affected
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2026-44028
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-45445/openssl: bullseye not-affected
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] Add new dracut issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-10143/python-kafka
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new ansible issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-45446/openssl: bullseye not-affected
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] claim asterisk
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-45767/openssl: bullseye not-affected
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] Add information for CVE-2026-32836/libchdr
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] elixir-lang fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] postfix spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] qemu spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2026-11460 as bogus, usual VulDB junk
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libcrypt-urandom-perl spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add reference for CVE-2025-40214
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] add reference for CVE-2026-43494
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] ironic, neutron DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Sync upstream tag for CVE-2026-5172
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Unify notes for apache2 entries
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for onionshare issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2026-7930
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup two rejected CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new gitlab issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-9648/haskell-crypton-x509-validation
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new imagemagick issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add more new imagemagick issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add more imagemagick issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-5497/vllm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new vim issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add librabbitmq to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE assigned for one dulwich issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add missing 'explanation' for end-of-life tag
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add ansible to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] add jq to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add libgd-perl to dla-nedeed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-50127/weblate, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new issues in rust-russh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add pyhton-aiolib to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Re-associate old rust-russh issues which were marked NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add more rust-russh issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 8 commits: add-dsa-needed: Only list packages for stable for dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] update dsa-needed to remove boomworm-specific entries and claim librabbitmq and jpeg-xl
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] apache2 spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dcmtk spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-50572 with maintainers input
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add dla-needed imagemagick
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add dracut to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add libheif to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4626-1 for libinput
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-6893/dracut
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-russh issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for erlang issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-9648
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for vim issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for libnfs issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-53701/gst-plugins-bad1.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-53702/gst-plugins-bad1.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lts: drop bin/contact-maintainers and templates
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] trixie / imagemagick triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] cvelist.el: Update default distro
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new chromium issues / NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add gitlab
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new netty issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] two uriparser issues fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add Ping CNA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] apache2 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] three rlottie issues fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new krb5 issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DLA-4627-1 for kernel-wedge/bookworm
Ben Hutchings ( at benh)
- [Git][security-tracker-team/security-tracker][master] new node-axios issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-49982/node-tmp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to commit for CVE-2026-49982
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for two node-tmp issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference full commit hash for CVE-2026-11850
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] apache2 ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add explanation for end-of-life entry
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add a note for libio-compress-perl
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add two new squid issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tags for squid issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new node-js-cookie issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim libgd-perl.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim cockpit.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-46625
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-44705
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim async-http-client.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add p7zip to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add libnfs to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add libvnc to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] trixie triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4629-1 for apache2
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add gst-plugins-bad1.0 to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] jpeg-xl, librabbitmq DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for erlang issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new libcrypt-pbkdf2-perl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: p7zip status update
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2017-20240/libcrypt-pbkdf2-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for libcrypt-pbkdf2-perl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add commit references for libcrypt-pbkdf2-perl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add python-oslo.messaging to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add new mattermost-server issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new batch of netty issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add a note about dracut in dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-48914/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add another batch of netty issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-44967/opentelemetry-cpp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-3433 for mattermost-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-48733
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Update status for two python-kafka issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add libcrypt-pbkdf2-perl to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-11623/bullseye
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] add mistral to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-46529/atril
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new pyo issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rust-postgres-protocol issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rust-diesel issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for libcrypt-pbkdf2-perl issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix a couple of copy-paste typos of mine while triaging imagemagick CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new kitty issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libcrypt-pbkdf2-perl via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add a note on dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for kitty issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: bookworm LTS handover, sync from data/dsa-needed.txt
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libcrypt-pbkdf2-perl via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2026-11933
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: drop bookworm EOL'd packages
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: drop mimetex/bookworm (EOL)
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] dla: smb4k bookworm EOL
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] bookworm EOL
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for assimp issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: add the usual warning about OSPU conflict
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for openimageio issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for netty issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-11837/ansible
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: reference current upload status
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Bookworm triagging
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add dulwich to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add pgjave to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libhtml-parser-perl via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for okular via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] python-kafka fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for kitty issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-48914/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2026-44393
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for imagemagick issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libhtml-parser-perl via bookworm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mutt spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] isc-kea spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add libhtml-parser-perl to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-41579/runc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new rust-http-types issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gpac issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new node-form-data issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new sqlite3 issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new docker.io issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new redmine issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new rabbitmq issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add libhttp-daemon-perl to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag references for docker.io issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-http-types issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for node-form-data issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for sqlite3 issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for docker.io issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] sqlite3 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2026-53462/trixie
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] new rust-pyo3 issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add new ironic issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one new NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new rust-tokio-postgres issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for debusine via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix version for CVE-2026-4285{0,1}/kitty
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove trailing whitespaces
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add kitty to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Annotate that Bastien Roucaries will prepare imagemagick updates
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-48977
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-11487
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-41579/runc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for shiro issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add packages to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] dcmtk ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] libnet-cidr-set-perl spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Fix small typos in NOTE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-48977 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-tokio-postgres issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rust-pyo3 issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-54421
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-11527/libconfig-inifiles-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for openssl issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] gpac/bullseye
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add lxml to dla-needed
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] sqlite3 LTS triagge
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add bookworm pu note about libhtml-parser-perl
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4630-1 for openssl
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker] Deleted branch users/roberto/rmadison_review-update-needed
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-11527 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-11487/neovim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Fix typo in tag
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] pyjwt commit references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] alsa-lib fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-43618/rsync: reference fix and regression fix
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] review-update-needed: document script purpose
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-54411/pam
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] nasm references
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] golang-golang-x-net fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] weasyprint fixed in sid and new issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] u-boot fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] horizon fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new golang-sslmate-src-go-pkcs12 issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] erlang-hex fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-12205/libcrypt-dsa-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2026-11527
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Reference for CVE-2026-11526/libgd-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Associate libvncserver issue with CVE-2026-50538
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add note for postgresql-13
Emmanuel Arias ( at eamanu)
- [Git][security-tracker-team/security-tracker][master] Claim bind9 in dla-needed.txt
Emmanuel Arias ( at eamanu)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2026-40892 as not-affected for Bullseye
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2026-41416 as not-affected for Bullseye
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Bump fixed version for CVE-2026-48977/openslide
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-42500/golang-golang-x-image
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to upstream issue for CVE-2026-11837
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Adjust one CVE for mutt update via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add initial tracking for three libreoffice issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add more libreoffice issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-47777/mastodon, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for libgd-perl update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] libreoffice, bird2 DSAs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] giflib spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for golang-sslmate-src-go-pkcs12 issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for libcrypt-dsa-perl issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 5 commits: LTS: add rsync to dla-needed.txt
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for libcrypt-dsa-perl via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-11832 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-12087/{perl,libsocket-perl}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2026-10294
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 4 commits: fix libreoffice version info for sid; add not-affected for CVEs not affecting...
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for perl in dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-53705/gst-plugins-good1.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-52717/gst-libav1.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Claim atril/bookworm in dla-needed.txt
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Add one missing source package for CVE-2026-52717
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-52718
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-52719/gst-plugins-bad1.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2026-53702
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-5370{3,4}/gst-plugins-ugly1.0
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new gsasl issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference pull request for ansible.posix collections module issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new duktape issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new gst-plugins-bad1.0 issues / NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-50890/grocy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-47261/rust-wasmtime
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new gst-plugins-good1.0 issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-47261/rust-wasmtime
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] claim rsync
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] new gstreamer issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2026-50538
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Two gst-plugins-bad1.0 issues fixed with 1.28.4-1 update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] rust-wasmtime fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4631-1 for asterisk
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-10649/pacemaker
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-46448/nova
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-12087/perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Correct tracking for CVE-2026-5271{7,8}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-54421/ironic
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] gsasl DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add new libidn issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update CVEs for osticket
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4632-1 for atril
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Add firefox issues from mfsa2026-57
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add firefox-esr and thunderbird to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla: update bookworm-related warnings
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add new firefox-esr issues from mfsa2026-58
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-33637/ruby-faraday via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new imagemagick issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for ocaml issue via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add thunderbird issues for thunderbird from mfsa2026-61
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-46242
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix via bookworm for CVE-2024-56647
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 3 commits: okular: postpone vulnerabilities without CVE ID for bullseye
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr issues via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for packagekit issue fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for imagemagick issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] add CVE-2026-36849/tiff
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add tracking of ironic in CVE-2026-43003
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for CVE-2026-54411/pam
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2026-46173
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-53612/util-linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-53613/util-linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-53614/util-linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-53615/util-linux
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-10649/pacemaker
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-54411/pam
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for docker.io issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference upstream commits for util-linux issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for util-linux issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] five chromium issues rejected
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new virtualbox issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new mysql issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new chromium issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] cfengine3 fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for cfengine3 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed verison for CVE-2021-41556 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4633-1 for libreoffice/bookworm
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-47178/libheif
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-47178
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed updates for libvncserver issues via point releases
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for util-linux issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA number for atril update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] firefox-esr DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Claim libconfig-inifiles-perl in dla-needed.txt
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-55748/horizon
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for libtasn1-6 via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for thunderbird issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new node-undici issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for tiff issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] python-ecdsa spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add notes about u-boot to dla-needed.txt
Andreas Henriksson ( at ah)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4634-1 for nginx/bookworm
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add note for gdcm.
Emmanuel Arias ( at eamanu)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-52717/gst-libav1.0: mark bullseye,bookworm not-affected
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] LTS: add pacemaker to dla-needed.txt
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-8484/jansi
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-49268/shiro
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] NFU CVE-2026-49050 Apache DolphinScheduler
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-12003 references
Henri Salo ( at hsalo-guest)
- [Git][security-tracker-team/security-tracker][master] Process two firefox issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-50889/lldap
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove todo item for CVE-2026-49268
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] mark CVE-2026-11850 as a non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] rust-imageproc fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new nginx issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] one more nginx issue affecting sid only
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Cleanup one Kernel CNA rejected CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Cleanup some more rejected CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new python non issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-55202/tinyproxy
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new libssh2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add two new tinyproxy issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-48990/joserfc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new shaarli issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: LTS: add nginx to dla-needed.txt
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] new rust-git2 issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Claim vim
Lee Garrett ( at lgarrett)
- [Git][security-tracker-team/security-tracker][master] Annotate that Lee Garrett is interested in contributing vim update for stable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-48988/node-markdown-it
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-48818/starlette
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-48817/starlette
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-9692 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for shaarli issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for tinyproxy issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-48988/node-markdown-it
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-8461/ffmpeg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new webmin issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-55392/nilfs-tools
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new haproxy issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-50141/woodpecker, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-48779/node-ws
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-48157/php-slim
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new nodejs issues from june release
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add references for advisories for nginx
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to advisory for CVE-2026-42530
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for squirrel3 via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for glibc issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-11332 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-28348/CVE-2026-28350: lxml-html-clean was part of lxml before trixie
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] LTS: add util-linux to dla-needed.txt
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] LTS: add jpeg-xl to dla-needed.txt
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Add DSA entry for thunderbird
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add DSA entry for chroimum
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] LTS: also add expat/bookworm in dla-needed.txt
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-42530/nginx
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for nginx issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for nodejs issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove one additional whitespace
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track two more CVEs as fixed in unstable upload for nodejs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove some temporary trackings for only unfixed experimental status
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-43003 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for tiff issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for nilfs-tools issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-55766/php-guzzlehttp-psr7
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for node-undici issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] carrierwave still in older distros
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add two new coturn issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two more expat issues open and pending for 2.8.2
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new openexr issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4635-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4636-1 for thunderbird
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] CVE-2025-67713/miniflux does not affect trixie
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] new nltk issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new cifs-utils issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new 389-ds-base issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new libzypp issue
Moritz Muehlenhoff ( at jmm)
Last message date:
Fri Jun 19 11:51:03 BST 2026
Archived on: Fri Jun 19 11:51:07 BST 2026
This archive was generated by
Pipermail 0.09 (Mailman edition).