[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Add note to freerdp

/dla-needed.txt = @@ -45,6 +45,7 @@ drupal7 -- freerdp (Mike Gabriel) NOTE: 20200510: Vulnerable to at least CVE-2020-11042. (lamby) + NOTE: 20200531: Discussing if EOL'ing of freerdp (1.1) makes sense (sunweaver) -- graphicsmagick (Roberto C. Sánchez

[Git][security-tracker-team/security-tracker][master] Reserve DLA-2231-1 for sane-backends

] - php-horde 5.2.1+debian0-2+deb8u6 = data/dla-needed.txt = @@ -99,8 +99,6 @@ python-httplib2 (Abhijith PA) qemu (Adrian Bunk) NOTE: 20200531: waiting for CVE-2020-13362 fix to be applied upstream (bunk) -- -sane

[Git][security-tracker-team/security-tracker][master] data/CVE/list: Mark freerdp2/CVE-2020-110{17, 18} as no-dsa issues as discussed with Salvatore.

Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker Commits: 31dd7f32 by Mike Gabriel at 2020-05-31T22:57:02+02:00 data/CVE/list: Mark freerdp2/CVE-2020-110{17,18} as no-dsa issues as discussed with Salvatore. - - - - - 1 changed file: - data/CVE/list

[Git][security-tracker-team/security-tracker][master] dla: update and give back condor

: 20200531: Patches are linked from https://security-tracker.debian.org/tracker/CVE-2019-18823 (bunk) -- cups (Anton Gladky) NOTE: 20200514: Two open issues. Added on request from Anton Gladky. (sunweaver) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker

[Git][security-tracker-team/security-tracker][master] 2 commits: data/CVE/list: Drop [postponed] tag from CVE-2020-8035/php-horde.

Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker Commits: 06aa7cd4 by Mike Gabriel at 2020-05-31T22:39:28+02:00 data/CVE/list: Drop [postponed] tag from CVE-2020-8035/php-horde. - - - - - 0665037a by Mike Gabriel at 2020-05-31T22:39:28+02:00 Reserve

[Git][security-tracker-team/security-tracker][master] dla-needed.txt: Final version for Stretch and Jessie this week but will ask for

work on squid3 in Stretch which will be used for Jessie - NOTE: 20200518: and Stretch. + NOTE: 20200531: Ongoing work on squid3 in Stretch which will be used for Jessie + NOTE: 20200531: and Stretch. -- sympa (Utkarsh Gupta) NOTE: 20200525: Incomplete patch. Not the complete patch is made

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: bb78c34b by security tracker role at 2020-05-31T20:10:22+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] LTS: claim graphicsmagick in dla-needed.txt

Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker Commits: 4635f418 by Roberto C. Sánchez at 2020-05-31T15:48:56-04:00 LTS: claim graphicsmagick in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes:

[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2020-861{6,7}/bind9

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 81b8054e by Salvatore Bonaccorso at 2020-05-31T21:30:24+02:00 Add Debian bug reference for CVE-2020-861{6,7}/bind9 - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] sane-backends: The epsonds backend is not in jessie

Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker Commits: 782fe9e6 by Adrian Bunk at 2020-05-31T22:24:43+03:00 sane-backends: The epsonds backend is not in jessie - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] 3 commits: Mark ssvnc issues as no-dsa

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b3093774 by Salvatore Bonaccorso at 2020-05-31T21:18:52+02:00 Mark ssvnc issues as no-dsa - - - - - 6b4161ff by Salvatore Bonaccorso at 2020-05-31T21:18:52+02:00 Track proposed fixes for ssnvc

[Git][security-tracker-team/security-tracker][master] dla-needed: update notes

-- opendmarc (Thorsten Alteholz) NOTE: 20200511: new CVEs arrived (thorsten) @@ -97,7 +96,7 @@ php5 (Thorsten Alteholz) python-httplib2 (Abhijith PA) -- qemu (Adrian Bunk) - NOTE: 20200525: work is ongoing (bunk) + NOTE: 20200531: waiting for CVE-2020-13362 fix to be applied upstream (bunk) -- sane

[Git][security-tracker-team/security-tracker][master] Track proposed update for php-horde-gollem via {buster,stretch}-pu

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: bdfe937e by Salvatore Bonaccorso at 2020-05-31T20:39:30+02:00 Track proposed update for php-horde-gollem via {buster,stretch}-pu - - - - - 2 changed files: -

[Git][security-tracker-team/security-tracker][master] Several nethack issues fixed via unstable upload

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d6f936b2 by Salvatore Bonaccorso at 2020-05-31T20:34:23+02:00 Several nethack issues fixed via unstable upload - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Mark CVE-2020-11082 for jessie

Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 2b1a8128 by Abhijith PA at 2020-05-31T22:43:15+05:30 Mark CVE-2020-11082 no-dsa for jessie - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] gollem fixed in sid

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 0e0c201d by Moritz Muehlenhoff at 2020-05-31T18:55:29+02:00 gollem fixed in sid - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Reserve DLA-2228-2 for json-c

Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker Commits: 5b86eaa2 by Mike Gabriel at 2020-05-31T17:50:21+02:00 Reserve DLA-2228-2 for json-c - - - - - 1 changed file: - data/DLA/list Changes: = data/DLA/list

[Git][security-tracker-team/security-tracker][master] Reserve DLA-2229-1 for php-horde-gollem

Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker Commits: 56f611d5 by Mike Gabriel at 2020-05-31T16:48:56+02:00 Reserve DLA-2229-1 for php-horde-gollem - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes:

[Git][security-tracker-team/security-tracker][master] Mark CVE-2020-8034/php-horde-gollem as no-dsa

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 2c3da84c by Salvatore Bonaccorso at 2020-05-31T16:25:55+02:00 Mark CVE-2020-8034/php-horde-gollem as no-dsa - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Add notes for packages

) + NOTE: 20200531: Asking upstream for CVE assignment. (utkarsh) -- bluez (Roberto C. Sánchez) NOTE: 20200521: Uploaded backport (version 5.43-2+deb8u1), which now must go through NEW (roberto) @@ -77,6 +77,7 @@ mumble NOTE: 20200504: discussion going on with t...@security.debian.org

[Git][security-tracker-team/security-tracker][master] Reserve DLA-2228-1 for json-c

Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker Commits: 021ecaae by Mike Gabriel at 2020-05-31T15:46:49+02:00 Reserve DLA-2228-1 for json-c - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes:

[Git][security-tracker-team/security-tracker][master] DLA: update notes for xcftools

Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker Commits: 520dfbbc by Anton Gladky at 2020-05-31T15:16:37+02:00 DLA: update notes for xcftools - - - - - 1 changed file: - data/dla-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 2980c3ec by security tracker role at 2020-05-31T08:10:21+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] CVE-2020-1746/ansible fixed in unstable via 2.9.7 upload

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f843c0da by Salvatore Bonaccorso at 2020-05-31T09:47:58+02:00 CVE-2020-1746/ansible fixed in unstable via 2.9.7 upload - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-1735/ansible

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b472fe52 by Salvatore Bonaccorso at 2020-05-31T09:45:15+02:00 Update information on CVE-2020-1735/ansible - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] CVE-2020-10685/ansible fixed with 2.9.7+dfsg-1 upload

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f080f084 by Salvatore Bonaccorso at 2020-05-31T09:38:29+02:00 CVE-2020-10685/ansible fixed with 2.9.7+dfsg-1 upload - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] CVE-2020-10684/ansible fixed in 2.9.7

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 9f17ef48 by Salvatore Bonaccorso at 2020-05-31T09:36:24+02:00 CVE-2020-10684/ansible fixed in 2.9.7 - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-12399/nss via unstable

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 61a19e0c by Salvatore Bonaccorso at 2020-05-31T09:04:50+02:00 Add fixed version for CVE-2020-12399/nss via unstable - - - - - 1 changed file: - data/CVE/list Changes: