March 2026 Archives by thread
Starting: Sun Mar 1 00:17:25 GMT 2026
Ending: Wed Mar 11 09:08:15 GMT 2026
Messages: 358
- [Git][security-tracker-team/security-tracker][master] LTS: add imagemagick to dla-needed.txt and assign to rouca
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2025-40932/libapache-sessionx-perl: postponed for bullseye
Carlos Henrique Lima Melara ( at charles)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2026-27699/node-proxy-agents as no-dsa
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix via experimental for CVE-2026-3184
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed: add note about node-tar
Daniel Leidert ( at dleidert)
- [Git][security-tracker-team/security-tracker][master] Track proposed update node-proxy-agents via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add note for node-tar in dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for some vips issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-26960/node-tar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] lxd DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-27571/nats-server
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] update note
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-28370/vitrage
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2024-7701/percona-toolkit
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for vim issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new issues in squirrel3
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fix for CVE-2024-2824/jhead in upstream
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track for imagemagick issues fixed via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-27571/nats-server via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Reference pull request for two openbabel issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] wireshark spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] qemu spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] calibre spu/ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via experimental for CVE-2026-28364/ocaml
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] trixie/bookworm triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Reserve DLA-4496-1 for firefox-esr
Emilio Pozuelo Monfort ( at pochu)
- [Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-31102/p7zip: affected
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] 3 commits: Triage CVE-2021-4456 in libnet-cidr-perl for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] CVE-2022-47069/p7zip: marked as fixed in transitional package
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-68158 as no-dsa for trixie and bookworm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for python-authlib via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for pyhon-authlib via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for busybox via bookworm-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Group calibre proposed updates together (and for same version)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-40481 and CVE-2023-31102
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new exiv2 issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-23865/freetype
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Add notes for packages
Utkarsh Gupta ( at utkarsh)
- [Git][security-tracker-team/security-tracker][master] php8.2 DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Apache rule
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for openbabel issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for gimp issues via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for openjdk-8 issues via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-64702/golang-github-lucas-clemente-quic-go
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-27206/php-zumba-json-serializer via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-27970 and associate with angular.js
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-3195 and update relation from CVE-2024-7730
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-3196/qemu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-3429/keycloak, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new binutils issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reserve DSA for spip
Sebastien Delafond ( at seb)
- [Git][security-tracker-team/security-tracker][master] dla: p7zip status update
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-3184 for bookworm
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new python-django issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage python-django for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim python-django.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Add reference for CVE-2026-28370/vitrage
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for exiv2 issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update the status of CVE-2026-3184 for bullseye
Santiago R.R. ( at santiago)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-25674/python-django via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process one more NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add three new biosig issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0540/node-dompurify
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for two qemu issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for freetype issue
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] gimp DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Claim python-cryptography
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] Add note for python-cryptography
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-26007
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] claim gimp
Thorsten Alteholz ( at alteholz)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2023-28144/hotspot
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add TODO item for CVE-2026-29022
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-2376 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-27932/joserfc
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-27971/qwik
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Sync Linux CVEs with kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed trixie-pu update for arduino-core-avr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-69725 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track sylpheed as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for capstone via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add chromium to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new chromium issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-3103/check-mk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-2588/augeas
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new cpp-httplib issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-27622/openexr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-27601/underscore
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-26279/froxlor, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for ckermit via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-40926 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2024-57854 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-40931/libapache-session-perl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-3257 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-3381 (Compress::Raw::Zlib)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-2219/dpkg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-2219/dpkg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-47229/pspp
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-12801/nfs-utils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference for problem around CVE-2025-12801
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 4 commits: Process some NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0847/nltk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add 2N CNA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2025-14104 as unimportant
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] civetweb fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Triage CVE-2026-25674 in python-django for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2026-2219 in dpkg for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for zabbix via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] linux n/a
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Process some CVEs associated with RustDesk products
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new keycloak issues, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some new Traefik issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-28353/trivy, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-26377/koha, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] chromium dsa
Andres Salomon ( at dilinger)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-26007: Postpone for bullseye
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] Drop python-cryptography from dla-needed
Arnaud Rebillout ( at arnaudr)
- [Git][security-tracker-team/security-tracker][master] Update information on CVE-2025-12801/nfs-utils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Postpone CVE-2025-12801 (fix should first be exposed in unstable)
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new jetty issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new node-dompurify issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] auto-nfu: Add rule for OpenClaw
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new activemy issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new python issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-71074 via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] xen spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Claim asterisk in dla-needed.txt
Lukas Märdian ( at slyon)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-25638
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] python-cryptography spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] dpkg spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 7zip ospu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] busybox fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] node-bn.js fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] node-dompurify fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] node-js-yaml fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] thunderbird fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] underscore fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] rclone fixed in sid
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-25794
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-25637 is not CVE-2026-25638
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] libsndfile spu, fluidsynth spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] 2 commits: dla: p7zip status update
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-3606/ettercap
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-25797
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-27137/golang-1.26
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-27138/golang-1.26
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-27142/golang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-25679/golang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-27139/golang
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Remove notes from rejected CVE
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some new issues for wekan, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-29074/node-svgo
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] dla-needed.txt: No more outstanding Django CVEs.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Mark CVE-2026-2297/python2.7 for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2025-12801 in nfs-utils for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Track proposed augeas update via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-29063/node-immutable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-29068/pjproject
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-29062/jackson-core
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-28804/pypdf
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-28802/python-authlib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-25965
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add two new coredns issues, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some new binutils issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-15602/snipe-it, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-28799/pjproject
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0848/nltk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new lxml-html-clean issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Two more CVEs covered by 7zip update for trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-69534/python
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update note style for CVE-2026-25794
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update introducing upstream tag for CVE-2026-25637
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-15599
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-2447/firefox-esr via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] bin/lts-bts: drop obsolete script
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-2219/dpkg
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-25966
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for golang-1.26 issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-23865/freetype via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-25967
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-25968
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-25969
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2025-69534 in python2.7 for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage python3.9 for bullseye LTS (CVE-2025-69534 & CVE-2026-2297)
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Triage CVE-2026-2659, CVE-2026-2661, CVE-2026-3388 & CVE-2026-3389 in squirrel3 for bullseye LTS.
Chris Lamb ( at lamby)
- [Git][security-tracker-team/security-tracker][master] Update commit reference for CVE-2026-25967
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for civetweb via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two lxml-html-clean issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-27622/openexr
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-27982/django-allauth
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for pypdf issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Reference commits for CVE-2025-12801
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-25982
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Process some new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-29786/node-tar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] CVE-2026-25989
Bastien Roucariès ( at rouca)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-30909/libcrypt-nacl-sodium-perl, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-30910 as NFU
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-29784/ghost, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-29778/pyload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-29076/cpp-httplib
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for golang-1.25 issues via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] cryfs in <= trixie embeds libcrypto++
Adrian Bunk ( at bunk)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for embeded code copy change/tracking for cryfs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-3713/libpng1.6
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-3706/dropbear
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for two node-tar issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new caddy issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] requests spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] curl spu
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for one node-dottie issue fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for nodejs for dsa-needed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-21619/{erlang-hex,rebar3}
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track proposed update for python-multipart via trixie-pu
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-57352/node-min-document via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add upstream tag for upstream fix for CVE-2025-63938
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2025-63938/tinyproxy via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-29063/node-immutable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new libsoup issues
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new zabbix issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Add upstream issue references for CVE-2026-363{2,3,4}/libsoup
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for vim issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] new xgrammar issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] new libssh issue
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-3731/libssh
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add reference to related issue for CVE-2026-3634
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] embedded-code-copies: reference lzma embedded in 7zip
Sylvain Beucler ( at beuc)
- [Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2025-12801/nfs-utils
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug references for cpp-httplib issues
Salvatore Bonaccorso ( at carnil)
- Processing 2be7afd40c7d7ee6f5392eb87fba24b86e9c1359 failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] NFU
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] golang-github-open-policy-agent-opa n/a
Moritz Muehlenhoff ( at jmm)
- Processing 73e2ae7eb5bfb068677f33fd608bb2e49bbbfcff failed
security tracker role
- [Git][security-tracker-team/security-tracker][master] Add reservation for imagemagick update
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-30838/php-league-commonmark
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-0846/nltk
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2025-70050/lesspass, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new freshrss issues, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new zookeeper issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new quickjs issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-31802/node-tar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixes for two ruby-rack issues fixed via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-27606/node-rollup via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-21620/erlang via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new set of gstreamer related CVEs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new batch of imagemagick issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add more imagemagick issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add some more imagemagick issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-26982/ghostty, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-25960/vllm, itp'ed
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Note that Utkarsh Gupta will prepare updates for ruby-rack
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2026-25934/golang-github-go-git-go-git
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add spip to dsa-needed list
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Fix typo in source package name for thunderbird
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] 2 commits: Track ntopng as removed from unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Update status for CVE-2026-31802/node-tar
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track upstream commit for CVE-2026-3606/ettercap
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2026-3606/ettercap
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add new firefox issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Process new NFUs
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] imagemagick DSA
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] fix typo
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] imagemagick triage
Moritz Muehlenhoff ( at jmm)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for various imagemagick issues fixed via unstable
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Track fixed version for firefox issues from mfsa2026-19 via unstable upload
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add two new glances issues
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-1965/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-3783/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-3784/curl
Salvatore Bonaccorso ( at carnil)
- [Git][security-tracker-team/security-tracker][master] Add CVE-2026-3805/curl
Salvatore Bonaccorso ( at carnil)
Last message date:
Wed Mar 11 09:08:15 GMT 2026
Archived on: Wed Mar 11 09:08:19 GMT 2026
This archive was generated by
Pipermail 0.09 (Mailman edition).