March 2026 Archives by date

Messages sorted by: [ thread ] [ subject ] [ author ]
More info on this list...

Starting: Sun Mar 1 00:17:25 GMT 2026
Ending: Tue Mar 31 11:18:25 BST 2026
Messages: 1409

[Git][security-tracker-team/security-tracker][master] LTS: add imagemagick to dla-needed.txt and assign to rouca Carlos Henrique Lima Melara ( at charles)
[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2025-40932/libapache-sessionx-perl: postponed for bullseye Carlos Henrique Lima Melara ( at charles)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2026-27699/node-proxy-agents as no-dsa Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2026-3184 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla-needed: add note about node-tar Daniel Leidert ( at dleidert)
[Git][security-tracker-team/security-tracker][master] Track proposed update node-proxy-agents via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add note for node-tar in dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for some vips issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-26960/node-tar Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] lxd DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-27571/nats-server Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] update note Thorsten Alteholz ( at alteholz)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-28370/vitrage Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2024-7701/percona-toolkit Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for vim issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new issues in squirrel3 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fix for CVE-2024-2824/jhead in upstream Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track for imagemagick issues fixed via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-27571/nats-server via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Reference pull request for two openbabel issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] wireshark spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] qemu spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] calibre spu/ospu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Track fixed version via experimental for CVE-2026-28364/ocaml Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4496-1 for firefox-esr Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-31102/p7zip: affected Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2021-4456 in libnet-cidr-perl for bullseye LTS. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] CVE-2022-47069/p7zip: marked as fixed in transitional package Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2025-68158 as no-dsa for trixie and bookworm Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for python-authlib via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for pyhon-authlib via bookworm-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for busybox via bookworm-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Group calibre proposed updates together (and for same version) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-40481 and CVE-2023-31102 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new exiv2 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-23865/freetype Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Add notes for packages Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] php8.2 DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Apache rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for openbabel issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for gimp issues via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for openjdk-8 issues via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-64702/golang-github-lucas-clemente-quic-go Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-27206/php-zumba-json-serializer via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-27970 and associate with angular.js Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3195 and update relation from CVE-2024-7730 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3196/qemu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3429/keycloak, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new binutils issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DSA for spip Sebastien Delafond ( at seb)
[Git][security-tracker-team/security-tracker][master] dla: p7zip status update Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-3184 for bookworm Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new python-django issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage python-django for bullseye LTS. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim python-django. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Add reference for CVE-2026-28370/vitrage Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for exiv2 issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update the status of CVE-2026-3184 for bullseye Santiago R.R. ( at santiago)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-25674/python-django via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process one more NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add three new biosig issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0540/node-dompurify Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for two qemu issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for freetype issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] gimp DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Claim python-cryptography Arnaud Rebillout ( at arnaudr)
[Git][security-tracker-team/security-tracker][master] Add note for python-cryptography Arnaud Rebillout ( at arnaudr)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-26007 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] claim gimp Thorsten Alteholz ( at alteholz)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-28144/hotspot Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add TODO item for CVE-2026-29022 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-2376 as NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27932/joserfc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27971/qwik Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Sync Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Sync Linux CVEs with kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed trixie-pu update for arduino-core-avr Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-69725 via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track sylpheed as removed from unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for capstone via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new chromium issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3103/check-mk Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-2588/augeas Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new cpp-httplib issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27622/openexr Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27601/underscore Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-26279/froxlor, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for ckermit via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-40926 as NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-57854 as NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-40931/libapache-session-perl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3257 as NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3381 (Compress::Raw::Zlib) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-2219/dpkg Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-2219/dpkg Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-47229/pspp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-12801/nfs-utils Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add reference for problem around CVE-2025-12801 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] 4 commits: Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some more NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0847/nltk Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add 2N CNA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2025-14104 as unimportant Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] civetweb fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2026-25674 in python-django for bullseye LTS. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Triage CVE-2026-2219 in dpkg for bullseye LTS. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Track proposed update for zabbix via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] linux n/a Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Process some CVEs associated with RustDesk products Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new keycloak issues, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add some new Traefik issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-28353/trivy, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-26377/koha, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] chromium dsa Andres Salomon ( at dilinger)
[Git][security-tracker-team/security-tracker][master] CVE-2026-26007: Postpone for bullseye Arnaud Rebillout ( at arnaudr)
[Git][security-tracker-team/security-tracker][master] Drop python-cryptography from dla-needed Arnaud Rebillout ( at arnaudr)
[Git][security-tracker-team/security-tracker][master] Update information on CVE-2025-12801/nfs-utils Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Postpone CVE-2025-12801 (fix should first be exposed in unstable) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new jetty issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new node-dompurify issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for OpenClaw Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new activemy issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new python issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new python issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-71074 via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Apache rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] xen spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Claim asterisk in dla-needed.txt Lukas Märdian ( at slyon)
[Git][security-tracker-team/security-tracker][master] CVE-2026-25638 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] python-cryptography spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] dpkg spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] 7zip ospu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] busybox fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] node-bn.js fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] node-dompurify fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] node-js-yaml fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] thunderbird fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] underscore fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] rclone fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] CVE-2026-25794 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] CVE-2026-25637 is not CVE-2026-25638 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] CVE-2026-25638 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] libsndfile spu, fluidsynth spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] 2 commits: dla: p7zip status update Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3606/ettercap Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-25797 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27137/golang-1.26 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27138/golang-1.26 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27142/golang Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-25679/golang Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27139/golang Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove notes from rejected CVE Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add some new issues for wekan, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-29074/node-svgo Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla-needed.txt: No more outstanding Django CVEs. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2026-2297/python2.7 for bullseye LTS. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Triage CVE-2025-12801 in nfs-utils for bullseye LTS. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Track proposed augeas update via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-29063/node-immutable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-29068/pjproject Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-29062/jackson-core Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-28804/pypdf Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-28802/python-authlib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-25965 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new coredns issues, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add some new binutils issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-15602/snipe-it, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-28799/pjproject Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0848/nltk Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new lxml-html-clean issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Two more CVEs covered by 7zip update for trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-69534/python Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update note style for CVE-2026-25794 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update introducing upstream tag for CVE-2026-25637 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-15599 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-2447/firefox-esr via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] bin/lts-bts: drop obsolete script Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-2219/dpkg Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some more NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-25966 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Track fixed version for golang-1.26 issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-23865/freetype via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-25967 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] CVE-2026-25968 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] CVE-2026-25969 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Triage CVE-2025-69534 in python2.7 for bullseye LTS. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage python3.9 for bullseye LTS (CVE-2025-69534 & CVE-2026-2297) Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Triage CVE-2026-2659, CVE-2026-2661, CVE-2026-3388 & CVE-2026-3389 in squirrel3 for bullseye LTS. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Update commit reference for CVE-2026-25967 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for civetweb via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for two lxml-html-clean issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-27622/openexr Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-27982/django-allauth Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for pypdf issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference commits for CVE-2025-12801 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-25982 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Process some new NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-29786/node-tar Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-25989 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-30909/libcrypt-nacl-sodium-perl, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-30910 as NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-29784/ghost, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-29778/pyload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-29076/cpp-httplib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for golang-1.25 issues via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] cryfs in <= trixie embeds libcrypto++ Adrian Bunk ( at bunk)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for embeded code copy change/tracking for cryfs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3713/libpng1.6 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3706/dropbear Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for two node-tar issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new caddy issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] requests spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] curl spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Track fixed version for one node-dottie issue fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for nodejs for dsa-needed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-21619/{erlang-hex,rebar3} Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for python-multipart via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-57352/node-min-document via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add upstream tag for upstream fix for CVE-2025-63938 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-63938/tinyproxy via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-29063/node-immutable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some more NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new libsoup issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new zabbix issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add upstream issue references for CVE-2026-363{2,3,4}/libsoup Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for vim issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new xgrammar issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new libssh issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-3731/libssh Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add reference to related issue for CVE-2026-3634 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] embedded-code-copies: reference lzma embedded in 7zip Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-12801/nfs-utils Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for cpp-httplib issues Salvatore Bonaccorso ( at carnil)
Processing 2be7afd40c7d7ee6f5392eb87fba24b86e9c1359 failed security tracker role
[Git][security-tracker-team/security-tracker][master] NFU Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] golang-github-open-policy-agent-opa n/a Moritz Muehlenhoff ( at jmm)
Processing 73e2ae7eb5bfb068677f33fd608bb2e49bbbfcff failed security tracker role
[Git][security-tracker-team/security-tracker][master] Add reservation for imagemagick update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-30838/php-league-commonmark Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0846/nltk Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new binutils issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-70050/lesspass, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new freshrss issues, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new zookeeper issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new quickjs issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-31802/node-tar Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixes for two ruby-rack issues fixed via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-27606/node-rollup via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-21620/erlang via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new set of gstreamer related CVEs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new batch of imagemagick issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add more imagemagick issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add some more imagemagick issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-26982/ghostty, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-25960/vllm, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Note that Utkarsh Gupta will prepare updates for ruby-rack Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-25934/golang-github-go-git-go-git Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add spip to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Fix typo in source package name for thunderbird Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Track ntopng as removed from unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-31802/node-tar Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2026-3606/ettercap Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-3606/ettercap Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new firefox issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process new NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] imagemagick DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] fix typo Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] imagemagick triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] imagemagick triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] imagemagick triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Track fixed version for various imagemagick issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox issues from mfsa2026-19 via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new glances issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-1965/curl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3783/curl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3784/curl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3805/curl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-21619/rebar3 via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] sylpheed spu/ospu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Claim postgresql-13 Jochen Sprickerhof ( at jspricke)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3904/glibc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-3904/glibc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] IM triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3848/gitlab Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-31958/python-tornado Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-31870/cpp-httplib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-31852/jellyfin, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-29777/traefik, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] DLA-4497-1 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Add a note about imagemagick DLA Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Reserve DSA-6160-1 for netty Markus Koschany ( at apo)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2024-29025,netty as fixed in bookworm Markus Koschany ( at apo)
[Git][security-tracker-team/security-tracker][master] IM triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-2436/libsoup Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new giflib issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new chromium issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] curl fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new gitlab issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new pdfbox non issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] mold non issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Track fixed version for some openexr issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] libsixel fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] node-yauzl n/a Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Associate one issue to itp'ed entry for quickjs-ng Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-23868/giflib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for zookeeper issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for libsoup3 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-31870/cpp-httplib issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for glances issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-31958/python-tornado Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new libheif issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-28356/multipart Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add multipart to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla-needed.txt: Update asterisk status Lukas Märdian ( at slyon)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-31900/black Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-31853/imagemagick Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] multipart DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-31826/pypdf Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update (trixie) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for linux update (bookworm) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] chromium dsa Andres Salomon ( at dilinger)
[Git][security-tracker-team/security-tracker][master] 4 commits: dla-needed: add note about python-aiohttp Daniel Leidert ( at dleidert)
[Git][security-tracker-team/security-tracker][master] lts: mark CVE-2026-1965,CVE-2026-3783,CVE-2026-3784/curl as postponed Daniel Leidert ( at dleidert)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3497/openssh Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new gpac issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32274/black Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32259/imagemagick Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32249/vim Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new capnproto issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new chromium issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] glances fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32597/pyjwt Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DLA-4498-1 for linux Ben Hutchings ( at benh)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-3497/openssh Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new node-undici issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new node-undici issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new node-undici issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new node-undici issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new node-undici issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new node-undici issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new openssl issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new rust-quinn issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Review updates potentially pending for 13.4 point release Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] track second source package for CVE-2026-31812 Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new systemd issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-4105 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-3949/libheif Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-3950/libheif Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Use full commit hash for commit for CVE-2026-2673 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-3950/libheif Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-31826/pypdf Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new freerdp3 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-2673/openssl Debian bug reference Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-32274/black Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-32249/vim Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-32597/pyjwt Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-31812: Remove commit related to addition to fuzz_targets Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Only reference rust-quinn-proto for CVE-2026-31812 issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4111/libarchive Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32746/inetutils Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove some notes on CVEs which got rejected (issued in error) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32772/inetutils Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32640/simpleeval Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32627/cpp-httplib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32314/rust-yamux Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32141/node-flatted Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-31899/cairosvg Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-31814/rust-yamux Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new issues in sftpgo, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-30853/calibre Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-2859/check-mk, removed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new lexbor issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27940/llama.cpp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Merge changes for updates with CVEs via trixie 13.4 Salvatore Bonaccorso ( at carnil)
Processing 4533111f64cba717324dd5999a2348d09ed1e49e failed security tracker role
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for inetutils issues Salvatore Bonaccorso ( at carnil)
Processing 928c4bf9276f52622d701942e3a31391c7769e32 failed security tracker role
[Git][security-tracker-team/security-tracker][master] golang-github-in-toto-go-witness is in the archive now Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for lexbor issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for cairosvg issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4500-1 for gimp Thorsten Alteholz ( at alteholz)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4501-1 for wireless-regdb Ben Hutchings ( at benh)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3082/gst-plugins-bad1.0 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-24097/check-mk Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-61154/libredwg, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-22248/glpi Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new issues in limesurvey, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-32141/node-flatted Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-32314/rust-yamux Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-4111/libarchive Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some new NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for two chromium issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] update fixed version of DLA-4500-1 Thorsten Alteholz ( at alteholz)
[Git][security-tracker-team/security-tracker][master] Mark glibc issues fixed in 13.4 Aurelien Jarno ( at aurel32)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2026-24122/cosign Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2026-32314/rust-yamux Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for some libssh issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process one NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add three new erlang issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3884/libjs-spin.js Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] bookworm/trixie triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-32640/simpleeval Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-32627/cpp-httplib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for node-undici issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for two capnproto issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-3706/dropbear Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for squirrel3 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-3054/sogo Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for biosig issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-40931/libapache-session-perl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 5 commits: Fix link for CVE-2026-3950 and mark Bullseye as not affected Daniel Leidert ( at dleidert)
[Git][security-tracker-team/security-tracker][master] CVE-2026-28494 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Correct end-of-life marking for gpac Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add patch link for CVE-2025-14905/389-ds-base Daniel Leidert ( at dleidert)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for erlang issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference commit for CVE-2026-3054/sogo Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for valkey issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-14905/389-ds-base Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2026-2760 as well for thunderbird in DLA-4495-1 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-25966 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] 4 commits: lts: mark CVE-2026-30928, CVE-2026-30930/glances as not affecting Bullseye Daniel Leidert ( at dleidert)
[Git][security-tracker-team/security-tracker][master] Claim python3.9 Arnaud Rebillout ( at arnaudr)
[Git][security-tracker-team/security-tracker][master] 3 commits: Add patch link for CVE-2026-32746/inetutils Daniel Leidert ( at dleidert)
[Git][security-tracker-team/security-tracker][master] chromium dsa Andres Salomon ( at dilinger)
[Git][security-tracker-team/security-tracker][master] CVE-2025-71264/mumble assigned Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for two zookeeper issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixes via experimental for two capnproto issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] inetutils fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new sqlite3 issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-28384/incus Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for two golang-golang-x-net issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-23865 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference directly upstream commits for CVE-2025-11143 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-70873/sqlite3 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4265/mattermost-server, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4240/open5gs, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4224/python Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3644/python Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4185/gpac Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4174/radare2 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference upstream tags for CVE-2026-0672 fixes Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-28686 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some new mattermost-server issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new expat issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32775/libexif Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-30405/gobgp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new python-authlib issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-68971/forgejo, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-57543/netbox, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new pluxml issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4177/libyaml-syck-perl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add tracking of proposed muble package via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-4177/libyaml-syck-perl via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new ffmpeg issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new ffmpeg issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new mattermost-server issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker] Pushed new branch users/ecite/suricata-202601 Andreas Dolp ( at ecite)
[Git][security-tracker-team/security-tracker][master] Merge changes for suricata which got actually acepted for 13.4 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker] Deleted branch users/ecite/suricata-202601 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-23554/xen Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new rust-lz4-flex issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] erlang fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-23555/xen Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-28687 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] CVE-2026-28688/imagemagick6 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] CVE-2026-28493/imagemagick6 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Add imagemagick to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32953/golang-github-tillitis-tkeyclient Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] nodejs DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] gst-plugins-base1.0 DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-30405/gobgp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-32775/libexif Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] lxd/incus n/a Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3888/snapd Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2026-3888/snapd as no-dsa for bookworm Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for expat issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-3888/snapd Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4359/mongo-c-driver Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4358/mongodb Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process one NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4271/libsoup Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new mongodb issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32837/miniaudio Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new airflow issues, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4258/node-sjcl, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-30929/imagemagick6 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] CVE-2026-30936/imagemagick6 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4502-1 for ansible Lee Garrett ( at lgarrett)
[Git][security-tracker-team/security-tracker][master] LTS: switch FD shifts with Emilio by their request Carlos Henrique Lima Melara ( at charles)
[Git][security-tracker-team/security-tracker][master] 7 commits: CVE-2026-4186/gpac: mark eol for bullseye Carlos Henrique Lima Melara ( at charles)
[Git][security-tracker-team/security-tracker][master] Track fixed version for expat issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Associate CVE-2025-34297 with src:kissfft Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track embedded code copy of kissfft in vtk9 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Correct tracking for CVE-2026-3906/wordpress Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-3906/wordpress Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-34297/kissfft Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Document followup for CVE-2026-25796 for ImageMagick6 patch Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two tempoary entries for two sogo issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2025-63499/sogo Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3312/pagure Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] nodejs references Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new glances issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new kanboard issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new glances issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new pyasn1 issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new ONNX issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new ldap-account-manager issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new pyopenssl issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend vmware rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] add exploit references for CVE-2025-38617 Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Reference non-merge commiit directly for CVE-2026-3260{6,8} Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] bookworm/trixie triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Track fixed version for wordpress issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-26198/ormar via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new roundcube issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new gimp issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add upstream tag reference for CVE-2026-2046 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track CVE-2026-29056/kanboard fixed version via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-33058/kanboard Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-28500/onnx Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for kanboard issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for glances issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some new juju issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] freetype DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Process new glances issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27135/nghttp2 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new htslib issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add golang-github-jackc-pgconn for CVE-2024-27304 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update information for CVE-2026-30922/pyasn1 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-25679/go Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2026-3841/openssh: add introductory commit Carlos Henrique Lima Melara ( at charles)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-26740/giflib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for some old py-lmdb issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference qualys advisory for snapd issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for glances issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3197{2,3}/samtools Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] pypdf fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Add Parse Server Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] capnproto fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] xpdf n/a Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFUs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Apache rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new python-memray issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new ruby-devise issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new imagemagick issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add two new libxml-parser-perl issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add libxml-parser-perl to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Directly reference upstream commit for CVE-2006-1000{2,3} Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] gimp fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4503-1 for evolution-data-server Thorsten Alteholz ( at alteholz)
[Git][security-tracker-team/security-tracker][master] Merge libxml-parser-perl entries with old non-CVEified entries Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] NFU Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new libarchive issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4427/golang-github-jackc-pgproto3 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add three new issues in wolfssl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3503/wolfssl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3029/pymupdf Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add one new qemu issue and track the upstream commit Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for some qemu issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update commit reference information for some qemu issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove duplicate NOTE marker Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new glance issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] imagemagick DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2026-3888 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for snapd update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 3 commits: Add new round of chromium issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add upstream tag information for CVE-2025-65431 commit Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixes for django-allauth issues addressed via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for golang-github-theupdateframework-go-tuf issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some OpenWrt specific CVE assignments Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33412/vim Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new wolfssl issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove note from one cleaned up CVE Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add initial tracking for some new wolfssl issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla-needed: add note regarding python3.9 Arnaud Rebillout ( at arnaudr)
[Git][security-tracker-team/security-tracker][master] new Python issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] ffmpeg fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4504-1 for libvirt Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: #1131182/Roundcube: Update release post URL Guilhem Moulin ( at guilhem)
[Git][security-tracker-team/security-tracker][master] #1131182/Roundcube: Add link to regression fix for 1.6.x Guilhem Moulin ( at guilhem)
[Git][security-tracker-team/security-tracker][master] Pinpoint the advisory for CVE-2026-2789{4,5} Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for pyopenssl issues via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-31826/pypdf Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference fixing commit for CVE-2026-32700/ruby-devise Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update todo to clarify CVE-2026-32636 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-32722 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-27135/nghttp2 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-26740/giflib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-30922/pyasn1 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for ldap-account-manager issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for pyasn1 issue via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for roundcube issues via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fix via unstable for CVE-2024-27304/golang-github-jackc-pgconn Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-26958 via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixes for wolfssl issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove notes for one rejected CVE Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4519/python Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new glibc issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33123/pypdf Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add three new issues in pjproject Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new issues in Traefik, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-32636/imagemagick6 Bastien Roucariès ( at rouca)
[Git][security-tracker-team/security-tracker][master] Add two issues for ujson Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32986/textpattern Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32701/qwik Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32808/pyload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two more wolfssl issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two kibana CVEs, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-26933/packetbeat, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Associate two NFUs for packetbeat to itp'ed entry Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for two golang-github-sigstore-fulcio issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] chromium dsa Andres Salomon ( at dilinger)
[Git][security-tracker-team/security-tracker][master] Add two more wolfssl issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2026-0001 Alberto Garcia ( at berto)
[Git][security-tracker-team/security-tracker][master] Update status for two libxml-parser-perl issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32710/mariadb Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new rust-tar issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two Bitcoin core issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33040/rust-libp2p Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33036/node-webfront Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add one new phpseclib issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32766/rust-astral-tokio-tar Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32711/pydicom Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27953/ormar Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two more wolfssl issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-69720/ncurses Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-13462/python Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Adjust note for CVE-2017-18009 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33243/barebox, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new nltk issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33228/node-flatted Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33144/gpac Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33210/ruby-json Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two fuse3 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33154/python-dynaconf Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33155/deepdiff Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33151/node-socket.io-parser Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two libde265 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two halloy issues, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-63261/awstats Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track (re-)fixed version for CVE-2006-10003/libxml-parser-perl via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for two jpeg-xl issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] webkit2gtk DSA-6172-1 Alberto Garcia ( at berto)
[Git][security-tracker-team/security-tracker][master] Add missing CVE to the webkit2gtk DSA Alberto Garcia ( at berto)
[Git][security-tracker-team/security-tracker][master] Associate some NFUs with barebox itp'ed entry Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug references for glibc issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference additonal commit for CVE-2026-30405 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Mark glance issue as no-dsa Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2026-27895/ldap-account-manager as not-affected for bookworm (and older) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-4427/golang-github-jackc-pgproto3 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-33412: Add reference for pull request Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for unstable for CVE-2026-0846/nltk Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33412/vim Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for libarchive issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4271/libsoup3 bug reference Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-3884/libjs-spin.js Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for two vim issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-0847/nltk Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-0848/nltk Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-14009/nltk Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-33210/ruby-json Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for nltk issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33228/node-flatted Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33210/ruby-json Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Fix entry for CVE-2006-10003 for bookworm Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for libde265 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Re-associate CVE-2025-58367 from NFU to src:deepdiff Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33155/deepdiff Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33154 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33151/node-socket.io-parser Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33123/pypdf Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for rust-tar issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-27953 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for htslib issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-32711 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Drop for now no-dsa tagged entry, re-checking for potential DSA Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-32766/rust-astral-tokio-tar Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] freeciv DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for ujson issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for phpseclib issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add upstream reference for CVE-2026-33250 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update version info for CVE-2025-46299 (webkit2gtk / wpewebkit) Alberto Garcia ( at berto)
[Git][security-tracker-team/security-tracker][master] 5 commits: CVE-2026-33147/gpac: mark as end-of-life for bullseye Carlos Henrique Lima Melara ( at charles)
[Git][security-tracker-team/security-tracker][master] LTS: fix date in comment, we are not going back in time (yet) Carlos Henrique Lima Melara ( at charles)
[Git][security-tracker-team/security-tracker][master] Correct source association for CVE-2026-1940 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Two sogo CVEs assigned Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33549/spip Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-33228/node-flatted via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference upstream fixes for CVE-2023-37365/hnswlib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33250/freeciv Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-4427/golang-github-jackc-pgproto3 via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-33151/node-socket.io-parser Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for spip update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4539/pygments Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-27953/ormar via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process two new NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-33154/python-dynaconf Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2026-2920,2922: add gst-plugins-ugly1.0 fixes for lts branches Carlos Henrique Lima Melara ( at charles)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for libyaml-syck-perl update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2026-33306/ruby-bcrypt Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4115/putty Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4541/tinyssh Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4505-1 for ruby-rack Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for sogo issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: LTS: add inetutils to dla-needed.txt Carlos Henrique Lima Melara ( at charles)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4506-1 for mapserver Guilhem Moulin ( at guilhem)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4507-1 for vlc Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] dla: add awstats Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Claim libyaml-syck-perl Andrej Shadura ( at andrewsh)
[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2025-55304/exiv2: introductory commit Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2026-1837/jpeg-xl does not affect bookworm Adrian Bunk ( at bunk)
[Git][security-tracker-team/security-tracker][master] CVE-2026-0672/python: reference follow-up Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2026-2297/python2: not-affected Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim awstats. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim inetutils. Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2026-0865/python: regression merged upstream Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2026-4224/pypy3: follow bookworm triage Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2026-XXXX/glance: bullseye postponed Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process two NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] allocate DSA for strongSwan Yves-Alexis Perez ( at corsac)
[Git][security-tracker-team/security-tracker][master] Try to clarify CVE-2026-0672 and CVE-2026-3644 relation Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-25075/strongswan Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove jython2.7 references Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33699/pypdf Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for node-undici issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed versions via unstable for phpseclib issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for freeciv issue fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for rust-tar issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] LTS: claim libxml-parser-perl in dla-needed.txt Guilhem Moulin ( at guilhem)
[Git][security-tracker-team/security-tracker][master] add glibc reference Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new phpleague-commonmark issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] mapserver ospu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] node-flatted spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2026-33347 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference patch for CVE-2026-25075 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] correct reference for CVE-2026-28384 Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4647/binutils Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4645/golang-github-antchfx-xpath Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-27950/freerdp2: not-affected Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Process two Keycloak issues, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new mantis issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add RUSTSEC references for rust-tar issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add RUSTSEC reference for CVE-2026-32766/rust-astral-tokio-tar Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for pypdf issues via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for one inetutils issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33210/ruby-json fixed version via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-23865/freetype: use reference repository Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Add set of new CVEs for chromium Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-29111/systemd Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Correct status for CVE-2026-29111/systemd Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference commmits from 257 version for CVE-2026-29111 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2026-33250/freeciv: bullseye EOL Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] dla: add strongswan Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] dla: add webkit2gtk Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2026-3312/pagure: bullseye postponed Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: p7zip status update Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4751/tmate Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4749/miraclecast, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4750/woof-doom Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2026-4645/golang-github-antchfx-xpath: bullseye postponed Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] dla: add systemd Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2026-1940,CVE-2026-3083,CVE-2026-3085/gst-plugins-good1.0: bullseye postponed Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2026-4111/libarchive: bullseye postponed Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] dla: gst-plugins-base1.0 status update Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2026-27448,CVE-2026-27459/pyopenssl: bullseye postponed Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2026-23865/freetype Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-23865: Reference followup commit to use builtin overflow protection Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add note to upstream pull reference for CVE-2026-4751 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-4750: remove todo for checking woof, it is unrelated Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: snapd note Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2026-25679/golang-1.15: simplify syntax Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2026-20 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2026-22 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add systemd to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2026-25075/strongswan fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for two node-tar issues after maintainers update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33634/trivy, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-31788/linux Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add references for CVE-2026-31788 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: nodejs status update Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new pyload issues, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two minio issues, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-30932/froxlor Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33298/llama.cpp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-30849/mantis Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33320/dasel Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33554/freeipmi Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Take gst* and nss packages Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] Add initial tracking of new nodejs issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new thunderbird issues from mfsa2026-24 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] chromium dsa Andres Salomon ( at dilinger)
[Git][security-tracker-team/security-tracker][master] Add references for CVEs that affect Python 3.11 Arnaud Rebillout ( at arnaudr)
[Git][security-tracker-team/security-tracker][master] 3 commits: dla: add firefox-esr Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2026-3842/qemu: bullseye not-affected Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] 5 commits: CVE-2026-32700/ruby-devise: bullseye ignored Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVE from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla-needed: update NOTE for python-authlib Emmanuel Arias ( at eamanu)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-31884/ceph Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: add thunderbird Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Add new squid issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr issues via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Mark two CVEs as not-affected for firefox/thunderbird issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4508-1 for nss Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33215/nats-server Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two mod-gnutls issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add initial tracking for some rails issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process one NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3260/undertow Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for simpleeval via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for sogo issues addressed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4509-1 for awstats Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Add bug number for CVE-2025-63261/awstats Chris Lamb ( at lamby)
[Git][security-tracker-team/security-tracker][master] Fix typo in CVE id for nodejs issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for nodejs issues addressed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for nodejs in dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3608/isc-kea Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add initial tracking for bind9 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] node-tar spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Reference blogpost for fuse3 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for pymupdf via trixie-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues addressed via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add bind9 to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new gitlab issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference now split bug for CVE-2026-4438/glibc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for firefox-esr update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox issues from mfsa2026-20 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2014-125112/libplack-middleware-session-perl Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add roundcube to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] embedded-code-copies: Register nss-pem Timo Aaltonen ( at tjaalton)
[Git][security-tracker-team/security-tracker][master] Update status for libxml2 issues fixed via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Adjust nss-pem entry Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for bind9 issues addressed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track nee freerdp3 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: thunderbird status update Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Associate CVE-2026-21991 with dtrace Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: add roundcube Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 5 commits: dla: drop node-bn.js Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Cleanup duplicate entry which is incorrect Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: suggest EOL for spip Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] LTS: claim roundcube in dla-needed.txt Guilhem Moulin ( at guilhem)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4878/Keycloak, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add intial tracking for new nats-server issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-30892/crun Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-34085/fontconfig Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new gitlab issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some new mattermost-server issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-25645/requests Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-1001/domoticz, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new libvncserver issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-64998/check-mk Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-26209/cbor2 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33636/libpng1.6 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33416/libpng1.6 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2026-32710/mariadb as not-affected for bookworm Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla-needed: update NOTE for python-authlib Emmanuel Arias ( at eamanu)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track CVE-2026-3305{5,6} as well for rustc as they have security impact in rustc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track embedded copy of rust-tar in rustc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-3196 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Take care of releasing thunderbird DSA Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for gobgp issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for thunderbird update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2025-46299: note that webkit2gtk is eol in bookworm Alberto Garcia ( at berto)
Processing b3d9ef37e832d3b71dcb117ecec54f36b036b070 failed security tracker role
Processing b3d9ef37e832d3b71dcb117ecec54f36b036b070 failed security tracker role
[Git][security-tracker-team/security-tracker][master] Adjust location of soruce package for CVE-2025-46299 update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-3591/bind9 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference commits for bind9 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new issues in node-path-to-regexp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4897/policykit-1 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4887/gimp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some mattermost-server issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new etcd issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] rack DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Remove incorrect triaging for CVE-2026-4887 and bookworm Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for three squid issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for two rustc issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-4750/woof-doom Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new znuny issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4510-1 for firefox-esr Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4511-1 for thunderbird Emilio Pozuelo Monfort ( at pochu)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for libpng1.6 issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new set of incus issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-32766/rust-astral-tokio-tar via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for nats-server issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add phpseclib to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track posted debdiff review requests for lxd and incus Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for inetutils Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-4887/gimp via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new imagemagick issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for node-path-to-regexp issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for crun issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33554/freeipmi Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for libvncserver issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-4751/tmate Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-70888/osslsigncode Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-4867 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-1556/drupal7 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3650/gdcm Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Take care of review of upload for bind9 and DSA Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33532/node-yaml Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add some zabbix issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: add phpseclib,php-phpseclib Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33481/syft, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-1961/foreman, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4833/discount Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-30587/seafile-server, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-70952/libpf4j-java Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-34085/fontconfig: bullseye not-affected Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-69720/ncurses Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-33298/llama.cpp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2025-70952/libpf4j-java Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for rails issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] claim strongswan Thorsten Alteholz ( at alteholz)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-3312/pagure Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add reference to upstream tg for CVE-2026-4174/radare2 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33532/node-yaml Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for etcd issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for caddy issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add tracking of python-nacl embedding libsodium Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-3650 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker] Pushed new branch wip/smcv/flatpak-bubblewrap-gone Simon McVittie ( at smcv)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-27940/llama.cpp via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-355532/node-yaml via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for node-path-to-regexp issues addressed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixes for python3.14 issues via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-32274/black via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4512-1 for strongswan Thorsten Alteholz ( at alteholz)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2026-25645 as no-dsa for trixie and bookworm Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-25645/requests Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] claim gst-plugins-bad1.0 Thorsten Alteholz ( at alteholz)
[Git][security-tracker-team/security-tracker][master] Track fixed version for freeipmi issue fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-3497/openssh Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Document regression for CVE-2025-30189/dovecot Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-59028/dovecot Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-59032/dovecot Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-59031/dovecot Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] updates to dsa-needed.txt Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] mark two commonleague issues as no-dsa Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-0394/dovecot Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27860/dovecot Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-24031/dovecot Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27859/dovecot Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27857/dovecot Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27858/dovecot Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27856/dovecot Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27855/dovecot Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-21712/nodejs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-34085/fontconfig Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for some linux CVEs addressed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference fixes for node-path-to-regexp issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for glibc issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for bind9 issues for bookworm Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for bind9 update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2026-0002 Alberto Garcia ( at berto)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4948/firewalld Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-21724/grafana Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-27893/vllm, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-28377 as NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33375 as NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4988/open5gs, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4985/cgif Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33658/rails Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4980/inkscape Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for ldap-account-manager issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-2903/re2c via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-34475/varnish Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-34353/ocaml Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-34352/tigervnc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33996/libjwt3 (issue specific to 3.0.0 onwards series) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33992/pyload, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new node-handlebars issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new issues in node-forge Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new netty issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new Mastodon issues, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new openbao issues, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33750/node-brace-expansion Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33745/cpp-httplib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33726/cilium, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33721/mapserver Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new node-anymatch issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33635/ruby-icalendar issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new Traefik issues, itp'ed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two new calibre issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: add bind9 Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Process some more NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Claim gvfs in dla-needed.txt Andreas Henriksson ( at ah)
[Git][security-tracker-team/security-tracker][master] 4 commits: dla: add zabbix Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] CVE-2026-4980/inkscape: bullseye not-affected Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-30892/run Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new grafana issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new undertow issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32287/golang-github-antchfx-xpath Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32286/golang-github-jackc-pgproto3 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-32285/golang-github-buger-jsonparser Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new nginx issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two older tikiwiki issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4513-1 for gvfs Andreas Henriksson ( at ah)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for node-handlebars issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2026-32287/golang-github-antchfx-xpath: bullseye postponed Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] dla: add libgpng1.6 Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for node-anymatch issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: add nginx Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] dla: add pypdf2 Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] Fix typo in one TODO item Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-34352/tigervnc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33996/libjwt3 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33936/python-ecdsa Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33745/cpp-httplib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-4985/cgif Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] dla: add perl Sylvain Beucler ( at beuc)
[Git][security-tracker-team/security-tracker][master] dla-needed: unclaim vim Paride Legovini ( at paride)
[Git][security-tracker-team/security-tracker][master] Track fixed version for node-anymatch issues fixed via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2025-15604 as NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3256 as NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2018-25225/sipp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2018-25224/pms Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2018-25223/crashmail Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2018-25222/sc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2018-25220/bochs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2017-20229/mawk Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two ancient jad issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add two ancient issues in tiemu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add ancient iselect issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2016-20044/pinfo Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2016-20043/nrss Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add old issue for trn Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add ancient issue in yasr Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2016-20038/ytree Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33809/golang-golang-x-image Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33349/node-webfont Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33186/golang-google-grpc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DSA number for libxml-parser-perl update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add dovecot mailing list announce reference Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference upstream commits for CVE-2026-32640/simpleeval Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add simpleeval for further evaluation in dsa-needed Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2025-63261 as no-dsa for trixie and bookworm Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Mark django-allauth issues as no-dsa Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add libpng1.6 to dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
Processing c7640d3a0c464c073d3e8969eeda59909541331a failed security tracker role
Processing c7640d3a0c464c073d3e8969eeda59909541331a failed security tracker role
[Git][security-tracker-team/security-tracker][master] Process CVE-2026-4851 as NFU Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Skia now in the archive, needs to be checked for fixed status Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for libpng1.6 issues fixed via unstable Salvatore Bonaccorso ( at carnil)
Processing 9e1c9ee80690bfa4b75e4625e1c10b135e7462e8 failed security tracker role
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4514-1 for gst-plugins-base1.0 Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] Take phpseclib,php-phpseclib Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] Adjust source package name as it got choosen to enter the archive Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for duckdb now entered the archive Salvatore Bonaccorso ( at carnil)
Processing 25f328ede4961ba705e6130f63e4ceeccb3d4089 failed security tracker role
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2016-20046/cernlib Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33750/node-brace-expansion Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for redis and redict issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for node-handlebars issues fixed via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add valkey to dsa-needed with comment Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4515-1 for asterisk Lukas Märdian ( at slyon)
[Git][security-tracker-team/security-tracker][master] nodejs DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] add nodejs commit references Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] incus DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] update status for tiemu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] add a missing CVE reference to Incus DSA Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Drop one additional space between sttaus and severity Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-33996/libjwt3 via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2026-33750/node-brace-expansion Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixes via unstable for CVE-2026-27135/nghttp2 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-23919/zabbix Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-23920/zabbix Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-22921/zabbix Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add reference for upstream commit for CVE-2026-33186 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-22924/zabbix Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-33186/golang-google-grpc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for netty issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add references for CVE-2026-4539/pygments Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for varnish issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-4539/pygments Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-4174/radare2 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add note on openssh in dsa-needed list Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add upstream commit reference for CVE-2026-4897 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-4897/policykit-1 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Clarify CVE-2026-4897 relation with CVE-2015-4625 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] phpseclib DSAs Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] auto-nfu: Expand Apache rule Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2026-34475/varnish as no-dsa Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Mark CVE-2026-33554 as no-dsa Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-5037/mxml Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some new NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixes via experimental for two node-webpack issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-25639/node-axios Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4516-1 for gst-plugins-ugly1.0 Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] add initial commit references for dovecot Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add details for some Python CVEs Arnaud Rebillout ( at arnaudr)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-59028/dovecot Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add one new tornado issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Split perl part of CVE-2026-3381 into new dedicated CVE-2026-4176 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for four git issues addressed in bookworm Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-33945 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-33691/modsecurity-crs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed verison for CVE-2026-27171/zlib via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] update tracking for skia code copies now that it's packaged in Debian Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-5119/libsoup Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2026-5119 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-5107/frr Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add new roundcube issue, #1132268 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new plexus-utils issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Track fixed version for roundcube issue via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new spring issues Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] new grafana issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] #1131182/Roundcube: Add link to regression fix for 1.6.x Guilhem Moulin ( at guilhem)
[Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2026-4645 (duplicate of CVE-2026-32287) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove ntoes from CVE-2026-4427 (duplicate of 2026-32286) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] new pytorch issue Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] NFU (concludes external check) Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] psychtoolbox-3 embeds glew Adrian Bunk ( at bunk)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4517-1 for roundcube Guilhem Moulin ( at guilhem)
[Git][security-tracker-team/security-tracker][master] Convert a note to TODO item with the aim to drop it again once clarified Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-43767/libskia Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-43768/libskia Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Reserve DLA-4518-1 for phpseclib Utkarsh Gupta ( at utkarsh)
[Git][security-tracker-team/security-tracker][master] more dovecot commit references Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-5119/libsoup3 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-5107/frr Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-5037/mxml Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-4027/undertow Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] gvfs spu/ospu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] php-league-commonmark spu/ospu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] erlang spu Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] free fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Reference commit for frr-10.6.0 as well for CVE-2026-5107 Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4946/ghidra Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Mark mxml issues as no-dsa Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-2370/gitlab Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][wip/smcv/flatpak-bubblewrap-gone] flatpak no longer vendors bubblewrap Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] 2 commits: flatpak no longer vendors bubblewrap Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker] Deleted branch wip/smcv/flatpak-bubblewrap-gone Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for imagemagick via unstable Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2025-71275 (duplicate of CVE-2024-45519) Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Remove trailing whitespaces in listing Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-5170/mongodb Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-34714/vim Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-512{2,3,4}/gobgp Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-5121/libarchive Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-4046/glibc Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-3945/tinyproxy Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Track fixed version for some ippsample issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for two valkey issues addressed via unstable upload Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track fixed version for two python-tornado issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for one python-tornado issue Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] more gst commit references Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] Process some new NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add four new opensc issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Track proposed update for nginx via {bookworm,trixie}-pu Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Mark nginx issues as no-dsa Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add references to upstream comits for nginx issues Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] CVE-2026-34881 for glance issue assigned Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-34073/python-cryptography Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Process some NFUs Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] Add CVE-2026-34036/dolibarr Salvatore Bonaccorso ( at carnil)
[Git][security-tracker-team/security-tracker][master] bookworm/trixie triage Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] mxml fixed in sid Moritz Muehlenhoff ( at jmm)
[Git][security-tracker-team/security-tracker][master] trixie/bookworm triage Moritz Muehlenhoff ( at jmm)

Last message date: Tue Mar 31 11:18:25 BST 2026
Archived on: Tue Mar 31 11:18:31 BST 2026

Messages sorted by: [ thread ] [ subject ] [ author ]
More info on this list...

This archive was generated by Pipermail 0.09 (Mailman edition).