[Git][security-tracker-team/security-tracker][master] Reclaim netty and ghostscript.

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 65d93243 by Markus Koschany at 2024-05-27T19:22:27+02:00 Reclaim netty and ghostscript. This is almost done, I am currently testing the update. - - - - - 1 changed file: - data/dla-needed.txt

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3814-1 for glib2.0

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 641c79be by Markus Koschany at 2024-05-13T23:24:01+02:00 Reserve DLA-3814-1 for glib2.0 - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] CVE-2024-29025,netty: fixed in unstable

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 79525999 by Markus Koschany at 2024-05-12T22:19:04+02:00 CVE-2024-29025,netty: fixed in unstable - - - - - 1 changed file: - data/CVE/list Changes: = data

[Git][security-tracker-team/security-tracker][master] Readd netty to dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 6dc09ead by Markus Koschany at 2024-05-11T22:00:25+02:00 Readd netty to dla-needed.txt Sorry, but I was already preparing an update but I forgot to claim it. - - - - - 1 changed file: - data

[Git][security-tracker-team/security-tracker][master] Claim ghostscript and glib2.0 in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 4f06bcdc by Markus Koschany at 2024-05-10T23:50:25+02:00 Claim ghostscript and glib2.0 in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3812-1 for libpgjava

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 113359e0 by Markus Koschany at 2024-05-09T23:34:03+02:00 Reserve DLA-3812-1 for libpgjava - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] CVE-2023-38000,wordpress: restore bullseye entry

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 6c54a2aa by Markus Koschany at 2024-05-08T23:37:20+02:00 CVE-2023-38000,wordpress: restore bullseye entry - - - - - 1 changed file: - data/CVE/list Changes

[Git][security-tracker-team/security-tracker][master] 2 commits: Remove wordpress from dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: a2c03299 by Markus Koschany at 2024-05-08T23:35:36+02:00 Remove wordpress from dla-needed.txt - - - - - d2c09af4 by Markus Koschany at 2024-05-08T23:35:38+02:00 Reserve DSA-5685-1 for wordpress

[Git][security-tracker-team/security-tracker][master] Reclaim wordpress and libpgjava in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: a2853bcd by Markus Koschany at 2024-05-07T22:51:23+02:00 Reclaim wordpress and libpgjava in dla-needed.txt Already done. Will be released tomorrow. - - - - - 1 changed file: - data/dla

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3795-1 for knot-resolver

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: d58a1355 by Markus Koschany at 2024-04-26T07:35:06+02:00 Reserve DLA-3795-1 for knot-resolver - - - - - 3 changed files: - data/CVE/list - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] 9 commits: CVE-2024-31497,filezilla: buster is no-dsa

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 74696943 by Markus Koschany at 2024-04-21T23:11:59+02:00 CVE-2024-31497,filezilla: buster is no-dsa Minor issue. - - - - - 8bc9a7e7 by Markus Koschany at 2024-04-21T23:11:59+02:00 Add nghttp2

[Git][security-tracker-team/security-tracker][master] CVE-2024-3296,rust-openssl: buster is no-dsa

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 27ca1e5a by Markus Koschany at 2024-04-21T00:22:59+02:00 CVE-2024-3296,rust-openssl: buster is no-dsa Minor issue - - - - - 1 changed file: - data/CVE/list Changes

[Git][security-tracker-team/security-tracker][master] Add trafficserver to dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: ea6baf28 by Markus Koschany at 2024-04-21T00:16:18+02:00 Add trafficserver to dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] 5 commits: Triage ffmpeg CVE as postponed for Buster.

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 910f13ec by Markus Koschany at 2024-04-21T00:04:52+02:00 Triage ffmpeg CVE as postponed for Buster. We can wait until upstream fixes these issues in earlier releases. - - - - - dbf30577 by Markus

[Git][security-tracker-team/security-tracker][master] Add pymongo to dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 7d5031c8 by Markus Koschany at 2024-04-20T23:17:09+02:00 Add pymongo to dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla

[Git][security-tracker-team/security-tracker][master] Add netty to dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 03a1e375 by Markus Koschany at 2024-04-19T22:59:13+02:00 Add netty to dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla

[Git][security-tracker-team/security-tracker][master] Reserve DSA-5667-1 for tomcat9

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 434bed8e by Markus Koschany at 2024-04-19T21:28:22+02:00 Reserve DSA-5667-1 for tomcat9 - - - - - 2 changed files: - data/CVE/list - data/DSA/list Changes

[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2024-2511,openssl: buster is postponed

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: c90b39d0 by Markus Koschany at 2024-04-18T22:55:40+02:00 CVE-2024-2511,openssl: buster is postponed because this is a minor issue and prevented in default configurations. - - - - - af013b74

[Git][security-tracker-team/security-tracker][master] Add apache2 to dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 360c6b52 by Markus Koschany at 2024-04-18T00:12:16+02:00 Add apache2 to dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla

[Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DSA-5664-1 for jetty9

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 4ffea03a by Markus Koschany at 2024-04-17T23:19:47+02:00 Reserve DSA-5664-1 for jetty9 - - - - - 92f7273d by Markus Koschany at 2024-04-17T23:21:17+02:00 Reserve DSA-5665-1 for tomcat10

[Git][security-tracker-team/security-tracker][master] Mark open CVE for lucene-solr as EOL for buster

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 0c329976 by Markus Koschany at 2024-04-07T21:55:09+02:00 Mark open CVE for lucene-solr as EOL for buster - - - - - 1 changed file: - data/CVE/list Changes

[Git][security-tracker-team/security-tracker][master] Remove lucene-solr from dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: ca0d31eb by Markus Koschany at 2024-04-07T21:39:19+02:00 Remove lucene-solr from dla-needed.txt As discussed with Daniel Leidert via private email, I believe that we should EOL lucene-solr

[Git][security-tracker-team/security-tracker][master] Claim libpgjava in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: a83b404c by Markus Koschany at 2024-04-07T11:46:24+02:00 Claim libpgjava in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3780-1 for jetty9

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 138dfde5 by Markus Koschany at 2024-04-06T23:02:56+02:00 Reserve DLA-3780-1 for jetty9 - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] CVE-2024-23833,openrefine: fixed in unstable

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 892d791c by Markus Koschany at 2024-04-06T21:57:41+02:00 CVE-2024-23833,openrefine: fixed in unstable - - - - - 1 changed file: - data/CVE/list Changes

[Git][security-tracker-team/security-tracker][master] CVE-2024-24549,CVE-2024-23672,tomcat10: fixed in unstable

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 0971733c by Markus Koschany at 2024-04-06T14:03:33+02:00 CVE-2024-24549,CVE-2024-23672,tomcat10: fixed in unstable - - - - - 1 changed file: - data/CVE/list Changes

[Git][security-tracker-team/security-tracker][master] CVE-2024-22201,jetty9: fixed in unstable

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 4b2283ac by Markus Koschany at 2024-04-06T13:17:28+02:00 CVE-2024-22201,jetty9: fixed in unstable - - - - - 1 changed file: - data/CVE/list Changes: = data

[Git][security-tracker-team/security-tracker][master] 3 commits: Claim knot-resolver and wordpress in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 1c336754 by Markus Koschany at 2024-04-06T07:39:03+02:00 Claim knot-resolver and wordpress in dla-needed.txt - - - - - c9dfd707 by Markus Koschany at 2024-04-06T07:39:56+02:00 Claim jetty9 in dsa

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3779-1 for tomcat9

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 80daa719 by Markus Koschany at 2024-04-06T07:15:20+02:00 Reserve DLA-3779-1 for tomcat9 - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] Reclaim jetty9 and tomcat9 in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: ca80d547 by Markus Koschany at 2024-03-19T21:23:46+01:00 Reclaim jetty9 and tomcat9 in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2024-25710,libcommons-compress-java: buster is no-dsa

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: cb11667d by Markus Koschany at 2024-03-19T21:22:18+01:00 CVE-2024-25710,libcommons-compress-java: buster is no-dsa Minor issue - - - - - 961b664a by Markus Koschany at 2024-03-19T21:22:58+01:00

[Git][security-tracker-team/security-tracker][master] CVE-2024-25710,libcommons-compress-java: Link to upstream ticket

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 3e90c111 by Markus Koschany at 2024-03-19T20:54:01+01:00 CVE-2024-25710,libcommons-compress-java: Link to upstream ticket Apparently this problem was discovered during some fuzzing and was just one

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3756-1 for wordpress

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 2c79e5d0 by Markus Koschany at 2024-03-10T18:21:29+01:00 Reserve DLA-3756-1 for wordpress - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] 4 commits: Reserve DSA-5637-1 for squid

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: e1e12e3f by Markus Koschany at 2024-03-08T15:01:03+01:00 Reserve DSA-5637-1 for squid - - - - - 824c2821 by Markus Koschany at 2024-03-08T15:02:06+01:00 CVE-2023-46848,bookworm: mark as fixed

[Git][security-tracker-team/security-tracker][master] CVE-2019-18860,squid: bookworm is not affected

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: c1677e09 by Markus Koschany at 2024-03-05T23:23:09+01:00 CVE-2019-18860,squid: bookworm is not affected This issue was adressed in version 4.9, introduced to Debian unstable on 10 Nov 2019. https

[Git][security-tracker-team/security-tracker][master] 24 commits: CVE-2024-22201,jetty9: link to fixing commits for 9.x branch

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 7cadf7f5 by Markus Koschany at 2024-03-04T13:06:38+01:00 CVE-2024-22201,jetty9: link to fixing commits for 9.x branch - - - - - 488675e6 by Markus Koschany at 2024-03-04T13:06:38+01:00 Add jetty9

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3736-1 for unbound

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 2a57f0d7 by Markus Koschany at 2024-02-21T13:11:48+01:00 Reserve DLA-3736-1 for unbound - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] Claim unbound in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: d8f690d8 by Markus Koschany at 2024-02-14T22:13:09+01:00 Claim unbound in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data

[Git][security-tracker-team/security-tracker][master] Reclaim tomcat9 and knot-resolver.

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: a5b32c1b by Markus Koschany at 2024-02-11T00:58:18+01:00 Reclaim tomcat9 and knot-resolver. - - - - - 1 changed file: - data/dla-needed.txt Changes: = data

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3721-1 for xorg-server

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: fd1078ed by Markus Koschany at 2024-01-25T22:53:07+01:00 Reserve DLA-3721-1 for xorg-server - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3709-2 squid

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 35f2ce6a by Markus Koschany at 2024-01-22T19:52:02+01:00 Reserve DLA-3709-2 squid - - - - - 1 changed file: - data/DLA/list Changes: = data/DLA/list

[Git][security-tracker-team/security-tracker][master] 18 commits: CVE-2022-41678,activemq: mark as unimportant

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 03d4849f by Markus Koschany at 2024-01-21T20:39:28+01:00 CVE-2022-41678,activemq: mark as unimportant We dont ship or use Jolokia. The assembly module in ActiveMQ is also ignored/disabled

[Git][security-tracker-team/security-tracker][master] 6 commits: Triage libcrypto++ CVE as no-dsa for Buster.

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 307fc42f by Markus Koschany at 2024-01-15T15:02:54+01:00 Triage libcrypto++ CVE as no-dsa for Buster. Minor issues - - - - - e6e036e0 by Markus Koschany at 2024-01-15T15:02:56+01:00 CVE-2023-37117

[Git][security-tracker-team/security-tracker][master] 3 commits: Remove postfix from dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 0070eef2 by Markus Koschany at 2024-01-09T08:41:19+01:00 Remove postfix from dla-needed.txt - - - - - 622e37f6 by Markus Koschany at 2024-01-09T08:41:20+01:00 CVE-2023-51764,postfix: Mark Buster

[Git][security-tracker-team/security-tracker][master] Re-add squid to dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: c5c209dd by Markus Koschany at 2024-01-09T01:15:53+01:00 Re-add squid to dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3709-1 for squid

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: b5444bf5 by Markus Koschany at 2024-01-09T01:01:18+01:00 Reserve DLA-3709-1 for squid - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2023-46728,squid: Mark Buster as ignored

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 8a58e795 by Markus Koschany at 2024-01-08T21:51:11+01:00 CVE-2023-46728,squid: Mark Buster as ignored Gopher support has been removed upstream. Since Gopher is ancient and rarely used, we recommend

[Git][security-tracker-team/security-tracker][master] Claim postfix in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: bdf2ecb3 by Markus Koschany at 2024-01-05T23:22:16+01:00 Claim postfix in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3708-1 for exim4

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 3f36ff2f by Markus Koschany at 2024-01-05T23:04:57+01:00 Reserve DLA-3708-1 for exim4 - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] Claim squid in dsa-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 7d093b40 by Markus Koschany at 2024-01-04T22:25:51+01:00 Claim squid in dsa-needed.txt - - - - - 1 changed file: - data/dsa-needed.txt Changes: = data/dsa

[Git][security-tracker-team/security-tracker][master] Reserve DSA-5596-1 for asterisk

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: b91e60e8 by Markus Koschany at 2024-01-04T22:13:06+01:00 Reserve DSA-5596-1 for asterisk - - - - - 2 changed files: - data/DSA/list - data/dsa-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3706-1 for netatalk

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: bc48f615 by Markus Koschany at 2024-01-04T22:06:55+01:00 Reserve DLA-3706-1 for netatalk - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] 2 commits: Claim asterisk in dsa-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 346e501d by Markus Koschany at 2023-12-29T00:06:20+01:00 Claim asterisk in dsa-needed.txt - - - - - 48def921 by Markus Koschany at 2023-12-29T00:07:48+01:00 Claim exim4 and netatalk in dla

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3696-1 for asterisk

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: d420ec52 by Markus Koschany at 2023-12-28T23:55:14+01:00 Reserve DLA-3696-1 for asterisk - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] 3 commits: Remove bouncycastle from dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 4a07c938 by Markus Koschany at 2023-12-23T22:00:07+01:00 Remove bouncycastle from dla-needed.txt - - - - - 5775dc48 by Markus Koschany at 2023-12-23T22:09:43+01:00 CVE-2023-33202,bouncycastle

[Git][security-tracker-team/security-tracker][master] Update notes of squid and bouncycastle in dla-needed.txt and reclaim the

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: bfb04929 by Markus Koschany at 2023-12-18T15:47:48+01:00 Update notes of squid and bouncycastle in dla-needed.txt and reclaim the packages. - - - - - 1 changed file: - data/dla-needed.txt

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3687-1 for rabbitmq-server

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 0cba743a by Markus Koschany at 2023-12-13T23:11:31+01:00 Reserve DLA-3687-1 for rabbitmq-server - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] Reclaim rabbitmq-server in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: f2ec2f3d by Markus Koschany at 2023-12-11T18:41:52+01:00 Reclaim rabbitmq-server in dla-needed.txt Ready. Coming soon. - - - - - 1 changed file: - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] CVE-2023-33202,bouncycastle: link to fixing commit

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: b02c3a18 by Markus Koschany at 2023-12-04T18:04:21+01:00 CVE-2023-33202,bouncycastle: link to fixing commit The actual fix is not in PEMParser.java but in ASN1Set.java. Upstream provided more

[Git][security-tracker-team/security-tracker][master] CVE-2023-46589,tomcat10: fixed in unstable

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 29938fd3 by Markus Koschany at 2023-12-03T13:39:17+01:00 CVE-2023-46589,tomcat10: fixed in unstable - - - - - 1 changed file: - data/CVE/list Changes

[Git][security-tracker-team/security-tracker][master] 2 commits: Remove flatpak from dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 7e9a816a by Markus Koschany at 2023-11-30T23:11:40+01:00 Remove flatpak from dla-needed.txt As discussed with Sylvain via private email. Here is my reasoning from 13.07.2023 again. CVE-2023-28100

[Git][security-tracker-team/security-tracker][master] CVE-2023-33201,CVE-2023-33202,bouncycastle: fixed in unstable

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 0fde016a by Markus Koschany at 2023-11-30T22:29:20+01:00 CVE-2023-33201,CVE-2023-33202,bouncycastle: fixed in unstable - - - - - 1 changed file: - data/CVE/list Changes

[Git][security-tracker-team/security-tracker][master] CVE-2023-23583,intel-microcode: clarify postponed reason

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 2403d2a9 by Markus Koschany at 2023-11-29T12:21:35+01:00 CVE-2023-23583,intel-microcode: clarify postponed reason CVE-2023-23583 affects only newer CPU features. Can be fixed with the next round

[Git][security-tracker-team/security-tracker][master] Claim bouncycastle and squid in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 79f6e7d8 by Markus Koschany at 2023-11-27T19:43:26+01:00 Claim bouncycastle and squid in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] 2 commits: Remove curl from dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 8ad8336e by Markus Koschany at 2023-11-24T19:40:42+01:00 Remove curl from dla-needed.txt This was a bit confusing. Apparently curl was added to dla-needed.txt and afterwards someone triaged the two

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3664-1 for symfony

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 317bbfde by Markus Koschany at 2023-11-24T19:19:15+01:00 Reserve DLA-3664-1 for symfony - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] 2 commits: Claim curl and symfony in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: f36c0119 by Markus Koschany at 2023-11-22T20:07:05+01:00 Claim curl and symfony in dla-needed.txt - - - - - fc9c0a74 by Markus Koschany at 2023-11-22T20:08:15+01:00 Reserve DLA-3660-1 for gnutls28

[Git][security-tracker-team/security-tracker][master] Claim gnutls28 in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 6bedd532 by Markus Koschany at 2023-11-20T23:24:17+01:00 Claim gnutls28 in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3658-1 for wordpress

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: fb6522fe by Markus Koschany at 2023-11-20T21:52:00+01:00 Reserve DLA-3658-1 for wordpress - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3657-1 for activemq

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: e07f843a by Markus Koschany at 2023-11-20T21:50:55+01:00 Reserve DLA-3657-1 for activemq - - - - - 3 changed files: - data/CVE/list - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2023-39999,wordpress: link to upstream changeset

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 3c92d43c by Markus Koschany at 2023-11-20T20:19:11+01:00 CVE-2023-3,wordpress: link to upstream changeset - - - - - aef5fe37 by Markus Koschany at 2023-11-20T20:22:40+01:00 CVE-2023-38000

[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-48011: link to correct fixing commit again

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: c9a56471 by Markus Koschany at 2023-11-19T21:34:16+01:00 CVE-2023-48011: link to correct fixing commit again - - - - - 25bc891b by Markus Koschany at 2023-11-19T21:34:49+01:00 Claim wordpress

[Git][security-tracker-team/security-tracker][master] Reserve DSA-5558-1 for netty

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: fb8c6f97 by Markus Koschany at 2023-11-18T16:58:07+01:00 Reserve DSA-5558-1 for netty - - - - - 3 changed files: - data/CVE/list - data/DSA/list - data/dsa-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] 4 commits: Add gst-plugins-bad1.0 to dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 533a66d6 by Markus Koschany at 2023-11-18T01:19:37+01:00 Add gst-plugins-bad1.0 to dla-needed.txt - - - - - 79818a3b by Markus Koschany at 2023-11-18T01:51:00+01:00 CVE-2023-46118,rabbitmq-server

[Git][security-tracker-team/security-tracker][master] 8 commits: Add gnutls28 to dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: b1140c02 by Markus Koschany at 2023-11-17T11:27:33+01:00 Add gnutls28 to dla-needed.txt - - - - - 11e42605 by Markus Koschany at 2023-11-17T11:53:16+01:00 CVE-2023-44429,gst-plugins-bad1.0: Buster

[Git][security-tracker-team/security-tracker][master] Add clamav to dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 8fda347f by Markus Koschany at 2023-11-13T21:35:37+01:00 Add clamav to dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla

[Git][security-tracker-team/security-tracker][master] Claim netty in dsa-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: f70238ad by Markus Koschany at 2023-11-12T20:52:57+01:00 Claim netty in dsa-needed.txt - - - - - 1 changed file: - data/dsa-needed.txt Changes: = data/dsa

[Git][security-tracker-team/security-tracker][master] CVE-2023-34462,CVE-2023-44487,netty: fixed in unstable

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 62f81dd4 by Markus Koschany at 2023-11-11T23:32:16+01:00 CVE-2023-34462,CVE-2023-44487,netty: fixed in unstable - - - - - 1 changed file: - data/CVE/list Changes

[Git][security-tracker-team/security-tracker][master] 3 commits: Remove mosquitto from dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 09a3a1a9 by Markus Koschany at 2023-11-10T02:02:52+01:00 Remove mosquitto from dla-needed.txt - - - - - 853f87ec by Markus Koschany at 2023-11-10T02:03:45+01:00 CVE-2023-5632,mosquitto: buster

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3647-1 for trapperkeeper-webserver-jetty9-clojure

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 670f51ad by Markus Koschany at 2023-11-07T00:03:06+01:00 Reserve DLA-3647-1 for trapperkeeper-webserver-jetty9-clojure - - - - - 1 changed file: - data/DLA/list Changes

[Git][security-tracker-team/security-tracker][master] 3 commits: Remove memcached from dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 334571c9 by Markus Koschany at 2023-11-05T00:13:24+01:00 Remove memcached from dla-needed.txt - - - - - d66194c5 by Markus Koschany at 2023-11-05T00:14:38+01:00 Triage CVE-2023-46852,CVE-2023-46853

[Git][security-tracker-team/security-tracker][master] Claim memcached and mosquitto

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: e9655085 by Markus Koschany at 2023-10-31T18:18:32+01:00 Claim memcached and mosquitto - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3641-1 for jetty9

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: c93dfd66 by Markus Koschany at 2023-10-30T21:05:48+01:00 Reserve DLA-3641-1 for jetty9 - - - - - 3 changed files: - data/CVE/list - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] Reserve DSA-5540-1 for jetty9

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 61ae1034 by Markus Koschany at 2023-10-30T20:33:50+01:00 Reserve DSA-5540-1 for jetty9 - - - - - 2 changed files: - data/DSA/list - data/dsa-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] Claim jetty9 in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: a2fecbde by Markus Koschany at 2023-10-17T14:56:30+02:00 Claim jetty9 in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3622-1 for axis

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 40bc7938 by Markus Koschany at 2023-10-17T14:43:58+02:00 Reserve DLA-3622-1 for axis - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] CVE-2023-40743,axis: fixed in unstable

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 3eb92488 by Markus Koschany at 2023-10-17T01:19:16+02:00 CVE-2023-40743,axis: fixed in unstable - - - - - 1 changed file: - data/CVE/list Changes: = data

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3617-2 for tomcat9

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 549a6c75 by Markus Koschany at 2023-10-17T00:21:00+02:00 Reserve DLA-3617-2 for tomcat9 - - - - - 1 changed file: - data/DLA/list Changes: = data/DLA/list

[Git][security-tracker-team/security-tracker][master] Reserve DSA-5522-3 for tomcat9

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: ea48b2ca by Markus Koschany at 2023-10-16T23:32:07+02:00 Reserve DSA-5522-3 for tomcat9 - - - - - 1 changed file: - data/DSA/list Changes: = data/DSA/list

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3617-1 for tomcat9

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: e22f6593 by Markus Koschany at 2023-10-13T15:55:42+02:00 Reserve DLA-3617-1 for tomcat9 - - - - - 3 changed files: - data/CVE/list - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] Reserve DSA-5522-2 tomcat9

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 9f3250a1 by Markus Koschany at 2023-10-12T22:27:42+02:00 Reserve DSA-5522-2 tomcat9 - - - - - 1 changed file: - data/DSA/list Changes: = data/DSA/list

[Git][security-tracker-team/security-tracker][master] Triage tomcat9 issues in bookworm, trixie and sid

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 68b144c3 by Markus Koschany at 2023-10-12T00:00:06+02:00 Triage tomcat9 issues in bookworm, trixie and sid Marking them as fixed in 9.0.70-2 because the server stack has been removed - - - - - 1

[Git][security-tracker-team/security-tracker][master] Correct CVE entry for tomcat9

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: b5a4cb63 by Markus Koschany at 2023-10-10T23:53:45+02:00 Correct CVE entry for tomcat9 - - - - - 1 changed file: - data/DSA/list Changes: = data/DSA/list

[Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DSA-5521-1 tomcat10

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 2ceefb87 by Markus Koschany at 2023-10-10T23:44:04+02:00 Reserve DSA-5521-1 tomcat10 - - - - - a9d230fc by Markus Koschany at 2023-10-10T23:44:58+02:00 Reserve DSA-5522-1 tomcat9 - - - - - 3

[Git][security-tracker-team/security-tracker][master] 2 commits: Update status of mosquitto in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: cf8fce17 by Markus Koschany at 2023-10-09T17:00:58+02:00 Update status of mosquitto in dla-needed.txt - - - - - 8e741655 by Markus Koschany at 2023-10-09T17:01:47+02:00 Claim axis in dla-needed.txt

[Git][security-tracker-team/security-tracker][master] 3 commits: CVE-2023-41115,exim4: Buster is not affected

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 2e81fdd4 by Markus Koschany at 2023-10-03T02:37:46+02:00 CVE-2023-41115,exim4: Buster is not affected The external authenticator support was introduced later. https://git.exim.org/exim.git/commit

[Git][security-tracker-team/security-tracker][master] 2 commits: Reserve DSA-5511-1 mosquitto

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: e92462c4 by Markus Koschany at 2023-10-01T21:14:32+02:00 Reserve DSA-5511-1 mosquitto - - - - - 93bfc428 by Markus Koschany at 2023-10-01T21:15:32+02:00 CVE-2021-41039,mosquitto: Mark Bullseye

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3597-1 for open-vm-tools

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: bb645b35 by Markus Koschany at 2023-10-01T21:06:07+02:00 Reserve DLA-3597-1 for open-vm-tools - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes

[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2023-0809,mosquitto: Buster is not affected

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: d271c1b5 by Markus Koschany at 2023-10-01T19:37:00+02:00 CVE-2023-0809,mosquitto: Buster is not affected The vulnerable code was introduced later. mosq_cs_new function is already used

[Git][security-tracker-team/security-tracker][master] Claim exim4 and open-vm-tools in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: db032b36 by Markus Koschany at 2023-09-30T23:45:52+02:00 Claim exim4 and open-vm-tools in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes

  1   2   3   4   5   6   7   8   9   10   >