Messages by Thread
-
-
[Git][security-tracker-team/security-tracker][master] Adjust not-affected note for CVE-2023-5679
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Pinpoint upstream version for CVE-2024-1597 commits
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] imagemagick DSA
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] lts: add thunderbird
Emilio Pozuelo Monfort (@pochu)
-
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort (@pochu)
-
[Git][security-tracker-team/security-tracker][master] Mark CVE-2023-5679/bind9/buster as not affected
Santiago R.R. (@santiago)
-
[Git][security-tracker-team/security-tracker][master] CVE-2023-39360/cacti: precise note again
Sylvain Beucler (@beuc)
-
[Git][security-tracker-team/security-tracker][master] CVE-2023-49088,CVE-2023-50250/cacti: another follow-up commit
Sylvain Beucler (@beuc)
-
[Git][security-tracker-team/security-tracker][master] CVE-2023-49088/cacti: reference additional patches
Sylvain Beucler (@beuc)
-
[Git][security-tracker-team/security-tracker][master] nodejs commit references
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] new libpgjava issue
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2023-52437
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Partial revert of "CVE-2023-43907/OptiPNG fixed in 0.7.8+ds-1"
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] CVE-2023-43907/OptiPNG fixed in 0.7.8+ds-1
@rouca
-
[Git][security-tracker-team/security-tracker][master] Reserve DLA-3738-1 for iwd
Chris Lamb (@lamby)
-
[Git][security-tracker-team/security-tracker][master] CVE-2023-39360/cacti: precise note
Sylvain Beucler (@beuc)
-
[Git][security-tracker-team/security-tracker][master] sqlfluff fixed in sid
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] CVE-2023-39978/imagemagick only mentioned on changelog not fixed
@rouca
-
[Git][security-tracker-team/security-tracker][master] Keep imagemagick dla entry
@rouca
-
[Git][security-tracker-team/security-tracker][master] Reserve DLA-3737-1 for imagemagick
@rouca
-
[Git][security-tracker-team/security-tracker][master] buster CVE-2023-3745/imagemagick
@rouca
-
[Git][security-tracker-team/security-tracker][master] Track fixed version for chromium issues via unstable
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-26147/helm-kubernetes, itp'ed
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Remove todo item from CVE-2024-25262
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-25117/php-dompdf-svg-lib
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add note about openvswitch
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-25262/texlive-bin
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Mark CVE-2023-4380 after confirmation from Red Hat
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-26130/python-cryptography
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Track fixed version for thunderbird issues from mfsa2024-07
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-26134/cbor2
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Update information for CVE-2024-2632{7,8}/qemu
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add Debian bug references for libcommons-compress-java issues
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2024-24475 (rejected)
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] CVE-2023-39361/cacti: reference complementary fix
Sylvain Beucler (@beuc)
-
[Git][security-tracker-team/security-tracker][master] CVE-2023-39361/cacti: reference introductory commit
Sylvain Beucler (@beuc)
-
[Git][security-tracker-team/security-tracker][master] new gitlab issues
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] CVE-2023-39360/cacti: wrong patch, bookworm still vulnerable
Sylvain Beucler (@beuc)
-
[Git][security-tracker-team/security-tracker][master] firefox-esr DSA
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-2658{2..5}/linux
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] CVE-2023-39359/cacti: buster actually not-affected
Sylvain Beucler (@beuc)
-
[Git][security-tracker-team/security-tracker][master] CVE-2022-1114
@rouca
-
[Git][security-tracker-team/security-tracker][master] Reserve DLA-3736-1 for unbound
Markus Koschany (@apo)
-
[Git][security-tracker-team/security-tracker][master] CVE-2023-3428: mark buster not affected
@rouca
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-23830/mantis
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] 2 commits: Update optee-os CVEs
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker] Deleted branch wip/daissi/optee-os
@daissi
-
[Git][security-tracker-team/security-tracker][wip/daissi/optee-os] Update optee-os CVEs
@daissi
-
[Git][security-tracker-team/security-tracker] Pushed new branch wip/daissi/optee-os
@daissi
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2023-5244{0,1,2}/linux
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add new chromium issues
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-22234/libspring-security-2.0-java
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-1481/freeipa
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Track fixed version via unstable for CVE-2023-5388/nss
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Track fix for CVE-2024-25189/libjwt which moved to unstable
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox issues from mfsa2024-05
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr issues from mfsa2024-06
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add new thunderbird issues from mfsa2024-07
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add new firefox-esr issues from mfsa2024-06
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add new firefox issues from mfsa2024-05
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2024-25260/elfutils
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] CVE-2023-1906 does not affect buster
@rouca
-
[Git][security-tracker-team/security-tracker][master] Add references for biosig CVEs to upstream commits
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add eight new biosig CVEs
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-2447{4,5}/qemu
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-26134/cbor2
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2023-52437/linux
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2023-52436/linux
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2024-1580/dav1d
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Process two CVEs in cilium
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2023-52439/linux
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2023-52438/linux
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2023-52435/linux
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2023-52434/linux
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-26581/linux
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2023-52433/linux
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Indent two notes with tabs
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] 6 commits: CVE-2023-49085/cacti: reference patch
Sylvain Beucler (@beuc)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-1635/undertow
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Claim bind9 in dla-needed.txt
Santiago R.R. (@santiago)
-
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-24758/node-undici
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-1580/dav1d
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add additional reference for CVE-2023-45918
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2023-45918/ncurses
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-1580/dav1d
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-25623/mastodon
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Process some new moodle issues
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] CVE-2023-5388/nss Add upstream patch reference.
Tobias Frost (@tobi)
-
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2022-48624/less
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-26308
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] libuv1 fixed in sid
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] new libcommons-compress-java issues
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim iwd.
Chris Lamb (@lamby)
-
[Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DLA-3735-1 for runc
Daniel Leidert (@dleidert)
-
[Git][security-tracker-team/security-tracker][master] Add missing reservation for DLA-3735-1
Emilio Pozuelo Monfort (@pochu)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2020-36774/glade
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2022-48624/less
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add two new qemu issues
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Claim composer
Sebastien Delafond (@seb)
-
[Git][security-tracker-team/security-tracker][master] Add two new CVEs for node-undici
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add reference for CVE-2024-1454/opensc
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Track fixed version for opensc issues via unstable
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for firmware-nonfree issues
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] nodejs fixed in sid
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] 5 commits: Triage CVE-2022-48623 in libcpanel-json-xs-perl for buster LTS.
Chris Lamb (@lamby)
-
[Git][security-tracker-team/security-tracker][master] Triage CVE-2024-24826 & CVE-2024-25112 in exiv2 for buster LTS.
Chris Lamb (@lamby)
-
[Git][security-tracker-team/security-tracker][master] Triage CVE-2024-25715 in glewlwyd for buster LTS.
Chris Lamb (@lamby)
-
[Git][security-tracker-team/security-tracker][master] 8 commits: data/dla-needed.txt: Triage iwd for buster LTS (CVE-2023-52161)
Chris Lamb (@lamby)
-
[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Triage nodejs for buster LTS (CVE-2023-46809, CVE-2024-21892 & CVE-2024-22019)
Chris Lamb (@lamby)
-
[Git][security-tracker-team/security-tracker][master] libjwt fixed in experimental
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] qtbase-opensource-src fixed in sid
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] pdns-recursor DSA
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] Take composer
@rouca
-
[Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2024-1151
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-23833/openrefine
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-5992/opensc
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Remove all notes from CVE-2022-40433
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-24814
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add a note on sendmail/dla
@rouca
-
[Git][security-tracker-team/security-tracker][master] mark dnspython/CVE-2023-29483 as ignored for oldstable/stable
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] Add note on upstream fix recommendations for CVE-2023-29483
Scott Kitterman (@kitterman)
-
[Git][security-tracker-team/security-tracker][master] Reserve DLA-3734-1 for openvswitch
Tobias Frost (@tobi)
-
[Git][security-tracker-team/security-tracker][master] Add iwd to dsa-needed list
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Reference full commit hash for CVE-2023-52160
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Update information for CVE-2023-52161/iwd
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Reference upstream issue for CVE-2024-25110
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Rectify tracking for CVE-2024-21646 and associate it with azure-uamqp-python
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] 2 commits: Replace commit for CVE-2023-29483 in v2.6.0 tag
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] 2 commits: Add blog reference for CVE-2024-25617/squid
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add dnspython fixed version for CVE-2023-29483
Scott Kitterman (@kitterman)
-
[Git][security-tracker-team/security-tracker][master] Drop explicit not-affected override which was caused by previous fallout
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2023-20576 as NFU
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Revert tracking for CVE-2023-6516/bind9 in unstable
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Remove notes for CVE-2023-42915
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Integrate updates for CVE-2024-25580
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2022-48623/libcpanel-json-xs-perl
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2023-45860/hazelcast, itp'ed
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Update information for CVE-2024-25580/qt6-base
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] update exiv2 status / bugnums
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] engrampa DSA
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] additional reference for CVE-2023-29483, thanks to ScottK
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] new wifi issues
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] new Qt issue
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] new plasma-workspace issue
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] exiv2 fixed in experimental
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] new azure-uamqp-python issue
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] bind9 n/a
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] lxd n/a (and also track incus)
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2023-29483/dnspython
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add two CVEs for ipmctl from INTEL-SA-00948
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-25620/helm-kubernetes
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2023-29483/dnspython
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] new nodejs issues
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] 2 commits: bookworm/bullseye triage
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] rust-h2 fixed in sid
Moritz Muehlenhoff (@jmm)
-
[Git][security-tracker-team/security-tracker][master] Track proposed glewlwyd update via bookworm-pu
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Mark CVE-2024-25715 as no-dsa for bookworm and bullseye
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Track fixes via experimental for CVE-2024-25062/libxml2
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Track CVE-2023-51765 with version entering unstable first
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add two new issues in mastodon, itp'ed
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2024-1488/unbound
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Mark CVE-2023-20577 as NFU
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Track fixed version for bind9 via unstable
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add new set of firmware-nonfree CVEs
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Add CVE-2023-5122/grafana
Salvatore Bonaccorso (@carnil)
-
[Git][security-tracker-team/security-tracker][master] Claim unbound in dla-needed.txt
Markus Koschany (@apo)