[Git][security-tracker-team/security-tracker][master] update note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 96377d1d by Abhijith PA at 2024-05-23T20:52:26+05:30 update note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -139,6 +139,7 @@ jenkins-htmlunit-core-js less (guilhem) NOTE: 20240418: Added by Front-Desk (apo) NOTE: 20240506: Pushed CVE-2022-48624 fix to git repo. (abhijith) + NOTE: 20240523: https://salsa.debian.org/debian/less/-/tree/buster-LTS-fix (abhijith) -- libmojolicious-perl NOTE: 20240421: Added by Front-Desk (apo) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96377d1d42032adde08a56fa99d3609c04450797 -- This project does not include diff previews in email notifications. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96377d1d42032adde08a56fa99d3609c04450797 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] update note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: dad7e5e1 by Abhijith PA at 2024-05-06T14:54:03+05:30 update note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -115,6 +115,7 @@ jenkins-htmlunit-core-js -- less (Abhijith PA) NOTE: 20240418: Added by Front-Desk (apo) + NOTE: 20240506: Pushed CVE-2022-48624 fix to git repo. (abhijith) -- libmojolicious-perl NOTE: 20240421: Added by Front-Desk (apo) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dad7e5e19b57436f369db05072ce3e81f4ede2ad -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dad7e5e19b57436f369db05072ce3e81f4ede2ad You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] update note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 9985e4a3 by Abhijith PA at 2024-01-22T21:48:30+05:30 update note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -304,6 +304,7 @@ varnish (Abhijith PA) NOTE: 20231204: Working on pre commits for CVE-2023-44487, https://github.com/varnishcache/varnish-cache/pull/4004 NOTE: 20231219: Continuing work NOTE: 20240108: Backported security fixes and related commits. Fixing test failures. (abhijith) + NOTE: 20240122: Still fixing tests (abhijith) -- wireshark (Adrian Bunk) NOTE: 20231118: Added by Front-Desk (apo) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9985e4a394f1880f3ea8a43a70a44aad14d83a81 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9985e4a394f1880f3ea8a43a70a44aad14d83a81 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] update note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 01ff9158 by Abhijith PA at 2024-01-08T11:22:32+05:30 update note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -260,6 +260,7 @@ varnish (Abhijith PA) NOTE: 20231117: Added by Front-Desk (apo) NOTE: 20231204: Working on pre commits for CVE-2023-44487, https://github.com/varnishcache/varnish-cache/pull/4004 NOTE: 20231219: Continuing work + NOTE: 20240108: Backported security fixes and related commits. Fixing test failures. (abhijith) -- wireshark (Adrian Bunk) NOTE: 20231118: Added by Front-Desk (apo) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01ff9158a6031cd686507404be25c72624915d8a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01ff9158a6031cd686507404be25c72624915d8a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] update note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 03aabd00 by Abhijith PA at 2023-12-04T13:46:58+05:30 update note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -228,6 +228,7 @@ tor -- varnish (Abhijith PA) NOTE: 20231117: Added by Front-Desk (apo) + NOTE: 20231204: Working on pre commits for CVE-2023-44487, https://github.com/varnishcache/varnish-cache/pull/4004 -- wireshark (Adrian Bunk) NOTE: 20231118: Added by Front-Desk (apo) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03aabd00b595a715073f4406bd4c5f0b1a7bac9a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03aabd00b595a715073f4406bd4c5f0b1a7bac9a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] update note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 8963bb09 by Abhijith PA at 2022-09-15T13:37:02+05:30 update note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -131,6 +131,8 @@ rails (Abhijith PA) NOTE: 20220909: Two issues https://lists.debian.org/debian-lts/2022/09/msg00014.html (abhijith) NOTE: 20220909: https://lists.debian.org/debian-lts/2022/09/msg4.html (abhijith) NOTE: 20220909: upstream report https://github.com/rails/rails/issues/45590 (abhijith) + NOTE: 20220915: 2:5.2.2.1+dfsg-1+deb10u5 uploaded without the regression causing patch (abhijith) + NOTE: 20220915: Utkarsh prepared a patch and is on testing (abhijith) -- rainloop NOTE: 20220913: Programming language: PHP, JavaScript. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8963bb09975d92b0e0b088f15e7206b7c89539da -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8963bb09975d92b0e0b088f15e7206b7c89539da You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] update note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 86dba41b by Abhijith PA at 2022-03-14T09:48:35+05:30 update note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -19,6 +19,7 @@ ansible NOTE: 20210426: https://people.debian.org/~apo/lts/ansible/ -- asterisk (Abhijith PA) + NOTE: 20220314: Looking on back log no-dsa (abhijith) -- cacti (Sylvain Beucler) -- @@ -61,12 +62,14 @@ pjproject (Abhijith PA) NOTE: 20211230: patch available for the no-dsa issue, check its NOTE (pochu) NOTE: 20220215: Asterisk and ring have embedded copy of pjproject (abhijith) NOTE: 20220302: uploading asterisk, ring and pjproject in one go (abhijith) + NOTE: 20220314: https://people.debian.org/~abhijith/upload/vda/pjproject_2.5.5~dfsg-6+deb9u3.dsc -- python-scrapy -- python-treq -- ring (Abhijith PA) + NOTE: 20220314: https://people.debian.org/~abhijith/upload/vda/ring_20161221.2.7bd7d91~dfsg1-1+deb9u2.dsc -- samba NOTE: 20211128: WIP https://salsa.debian.org/lts-team/packages/samba/ View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86dba41b94ee612f0c51dfb64af7065a0b5e3321 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86dba41b94ee612f0c51dfb64af7065a0b5e3321 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] update note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 57541cbd by Abhijith PA at 2022-01-17T22:26:31+05:30 update note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -80,6 +80,7 @@ libgit2 (Utkarsh) libraw (Abhijith PA) NOTE: 20211227: 7 CVEs that were fixed for jessie in DLA-1734-1 are unfixed NOTE: 20211227: in stretch, plenty other unfixed CVEs (bunk) + NOTE: 20220117: Fixed CVEs other than DLA-1734-1 (abhijith) -- lighttpd (Anton) NOTE: 20220111: a DSA is planned (Beuc) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57541cbdd9d687cec67b97ce3d44f880bc850ced -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57541cbdd9d687cec67b97ce3d44f880bc850ced You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Update note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: e99c9a9a by Abhijith PA at 2021-07-20T09:33:23+05:30 Update note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -110,6 +110,8 @@ ruby-kaminari -- runc (Abhijith PA) NOTE: 20210612: Not sure if applies to this version. (lamby) + NOTE: 20210721: Requires more investigation. Even Ubuntu ESM, LTS uploaded fixed upstream version. + -- salt NOTE: 20210329: WIP (utkarsh) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e99c9a9a03313971b3dc820d281eb77f794aef13 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e99c9a9a03313971b3dc820d281eb77f794aef13 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] update note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 6c09a1cc by Abhijith PA at 2020-11-20T11:10:23+05:30 update note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -71,6 +71,7 @@ intel-microcode (Utkarsh) NOTE: 20201117: each round of updates had caused regressions. Thanks Moritz! (utkarsh) -- jupyter-notebook + NOTE: 20201120: Defer upload for a week or so. Last DLA release was less than a month (abhijith) -- lemonldap-ng (Utkarsh) NOTE: 20200910: Released a DLA for CVE-2020-24660 a few days ago, so could defer. (lamby) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c09a1ccd1bb79418697201522dde70cf3e2c993 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6c09a1ccd1bb79418697201522dde70cf3e2c993 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] update note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: be35f774 by Abhijith PA at 2020-09-07T10:27:46+05:30 update note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -25,6 +25,7 @@ ark (Abhijith PA) NOTE: 20200731: given PoC not working as intended. (abhijith) NOTE: 20200801: though testing with other PoC's available over internet seems exploitable (abhijith) NOTE: 20200820: pinged upstream for help (abhijith) + NOTE: 20200907: patch https://people.debian.org/~abhijith/upload/backport_to_1608.patch crashes (abhijith) -- cacti NOTE: 20200529: A patch need to be cooked up. Upstream patch not fit for jessie version (abhijith) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be35f774f7fd1d9599eb4dfa95cb7e4c9a79bc15 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be35f774f7fd1d9599eb4dfa95cb7e4c9a79bc15 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Update note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: b8b44b56 by Abhijith PA at 2020-07-31T20:40:52+05:30 Update note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -22,6 +22,7 @@ ansible NOTE: 20200508: bam: See https://github.com/ansible/ansible/issues/67794 -- ark (Abhijith PA) + NOTE: 20200731: given PoC not working as intended. (abhijith) -- cacti NOTE: 20200529: A patch need to be cooked up. Upstream patch not fit for jessie version (abhijith) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b8b44b56cdb0e8dff5b3fc9226350fd5dfb6c523 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b8b44b56cdb0e8dff5b3fc9226350fd5dfb6c523 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] update note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: a73970c8 by Abhijith PA at 2020-04-20T10:19:32+05:30 update note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -46,6 +46,7 @@ linux-4.9 (Ben Hutchings) mumble (Abhijith PA) NOTE: 20200325: Regression in last upload, forgot to follow up. NOTE: 20200325: https://github.com/mumble-voip/mumble/issues/3605 (abhijith) + NOTE: 20200420: Upstream patch is incomplete. Version in stretch is also vulnerable (abhijith) -- nginx (Mike Gabriel) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a73970c8c4782a24e69f345838ac78d5eca4c8fa -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a73970c8c4782a24e69f345838ac78d5eca4c8fa You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Update note in dla-needed.txt
Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: da91d339 by Abhijith PA at 2020-04-12T10:32:51+05:30 Update note in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -57,6 +57,7 @@ opendmarc (Thorsten Alteholz) NOTE: 20200406: still testing package, original patch does not seem to be enough, still ongoing -- otrs2 (Abhijith PA) + NOTE: 20200412: Asked upstream for clarity in CVE-2020-1769 patch (abhijith) -- php5 (Thorsten Alteholz) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/da91d339f2e8c2efac3bdb897c40cfa1380d76d7 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/da91d339f2e8c2efac3bdb897c40cfa1380d76d7 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
