Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f601883c by Ola Lundqvist at 2022-07-14T22:15:14+02:00
Marked CVE-2022-23816, CVE-2022-23825 and CVE-2022-29900 as end-of-life for
buster.
- - - - -
1 changed file:
- data/CVE/list
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
441a14a6 by Ola Lundqvist at 2022-07-14T21:39:36+02:00
Updated lts-cve-triage.py script so that it checks for unsupported packages for
buster insted of stretch. This will make future LTS front desk
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
35e96a7a by Ola Lundqvist at 2022-07-12T00:10:36+02:00
Added curl to dla-needed since it is in DSA needed and at least one
vulnerability applies to buster as well.
- - - - -
587dc5e1 by Ola
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
55001d9c by Ola Lundqvist at 2022-07-11T23:23:41+02:00
Wrote a script to bulk add EOL entries for LTS buster.
- - - - -
b4c0adda by Ola Lundqvist at 2022-07-11T23:23:43+02:00
Bulk added EOL entries
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5f3a2325 by Ola Lundqvist at 2022-05-22T23:27:37+02:00
Added firefox-esr to dla-needed. It looks serious enough to not halt any
update. Did not check the source code so that must be done by someone
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e00cb9f6 by Ola Lundqvist at 2022-05-22T23:07:38+02:00
libspring-java no longer supported for stretch. Marking CVE-2022-22970 and
CVE-2022-22971 accordingly.
- - - - -
a282c886 by Ola Lundqvist
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0a10d9eb by Ola Lundqvist at 2022-05-21T00:28:02+02:00
Marked CVE-2022-1785 and CVE-2022-1796 as no-dsa for vim in strech.
- - - - -
1 changed file:
- data/CVE/list
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
41628ef6 by Ola Lundqvist at 2022-05-21T00:10:47+02:00
Marked 43 CVEs (some from 2020, some from 2021 and some from 2022) as
end-of-life in stretch for gpac.
- - - - -
1 changed file:
- data/CVE
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
843d2ece by Ola Lundqvist at 2022-05-20T23:31:25+02:00
Marked CVE-2021-44492 to CVE-2021-44510 as ignored in stretch following buster.
- - - - -
b64c0bbf by Ola Lundqvist at 2022-05-20T23:34:07+02:00
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
eb34768a by Ola Lundqvist at 2022-05-17T21:45:49+02:00
Added needrestart to dla-needed since CVE-2022-30688 is already fixed in buster.
- - - - -
77d25545 by Ola Lundqvist at 2022-05-17T21:45:49+02
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
64111f16 by Ola Lundqvist at 2022-05-17T09:13:55+02:00
Added exempi to dla-needed. Further analysis is needed but a lot of packages
depends on libexempi8.
- - - - -
1 changed file:
- data/dla
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4deb2397 by Ola Lundqvist at 2022-05-17T08:57:20+02:00
Corrected the package name of 389-ds-base in dla-needed.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ce772c69 by Ola Lundqvist at 2022-05-17T08:51:02+02:00
Added 386-ds-base to DLA needed. The install base is small so the priority is
probably low. Also the vulnerability is not the most important one
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
585f3dbe by Ola Lundqvist at 2022-05-16T22:08:00+02:00
Marked CVE-2022-30333 as no-dsa for rar and unrar-nonfree following buster.
- - - - -
b57c7034 by Ola Lundqvist at 2022-05-16T22:08:01+02:00
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b52366c2 by Ola Lundqvist at 2022-05-16T21:33:21+02:00
Marked CVE-2022-29977 and CVE-2022-29978 as no-dsa following buster. This is
just a few more issues in a long list for this package
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
af5206ef by Ola Lundqvist at 2022-05-16T21:29:41+02:00
Marked CVE-2022-29973 as no-dsa for fuse-exfat in stretch following buster.
- - - - -
a1cc783f by Ola Lundqvist at 2022-05-16T21:29:42+02:00
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2b060256 by Ola Lundqvist at 2022-05-16T21:13:46+02:00
slurm-llnl is clearly vulnerable so added to dla-needed.txt since it is also in
dsa-needed.
- - - - -
1 changed file:
- data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1f0d1b4a by Ola Lundqvist at 2022-05-16T20:51:40+02:00
Marked CVE-2022-1650 as end-of-life for strech according as suggested by the
lts triaging script.
- - - - -
1 changed file:
- data/CVE/list
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6f76e0f3 by Ola Lundqvist at 2021-11-16T09:48:00+01:00
Re-claim libssh2.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ab78748f by Ola Lundqvist at 2021-10-31T22:38:36+01:00
Claimed libssh2.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b8f182bf by Ola Lundqvist at 2021-09-01T21:37:58+02:00
Added libxstream-java to dla-needed with a note to look at the mail thread
about this topic.
- - - - -
1 changed file:
- data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
24adab4c by Ola Lundqvist at 2021-06-25T08:14:33+02:00
Reverted the triage result for firmware-nonfree in strecth. It was concluded
based on a false assumption.
- - - - -
2 changed files:
- data
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2f6ecd0f by Ola Lundqvist at 2021-06-24T14:02:01+02:00
Further checked firmware nonfree. The conclusion is thar firmware-nonfree does
not contain the vulnerable source. Instead the code
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e2cb5dfd by Ola Lundqvist at 2021-06-24T10:14:26+02:00
Triage result for golang packages in stretch. Marked all issues for golang-1.8,
golang-x-text and golang-golang-x-net-dev as no-dsa since
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ce36f973 by Ola Lundqvist at 2021-06-23T23:16:13+02:00
Triaged mapcache for stretch following no-dsa decision for buster.
- - - - -
1 changed file:
- data/CVE/list
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0bde8510 by Ola Lundqvist at 2021-06-23T14:15:40+02:00
Re-added the no-dsa decision for LTS golang-gogoprotobuf CVE-2021-3121. It was
previously marked for jessie which was not the intention
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
937faf5c by Ola Lundqvist at 2021-06-21T22:47:24+02:00
Concluded that qemu update is not necessary for strech. CVE-2021-3607, 3608 and
CVE-2021-3582 not affected since the vulnerable code
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7a3b8f0d by Ola Lundqvist at 2021-05-28T23:32:22+02:00
Marked CVE-2020-35546 as no-dsa for stretch following decision for buster.
Removed from dla-needed accordingly.
- - - - -
56b99482 by Ola
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0d5db72c by Ola Lundqvist at 2021-05-26T13:47:48+02:00
Marked CVE-2021-30130 as not-affected, with a note, for stretch and removed
*phpseclib from dla-needed file.
- - - - -
2 changed files
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8bd3e9bf by Ola Lundqvist at 2021-05-26T13:18:45+02:00
Claim phpseclib for checking.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
05d65275 by Ola Lundqvist at 2021-05-20T08:35:47+02:00
Removed firmware-nonfree from dla needed. Marked the relevant CVEs as either
ignored (if linux package update is needed as well) or plain no-dsa
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c5d0b8f4 by Ola Lundqvist at 2021-05-19T21:08:22+02:00
Some more information about firmware-nonfree update plans.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4bdf98d5 by Ola Lundqvist at 2021-05-19T09:21:03+02:00
Some update on status for firmware-nonfree.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6c673013 by Ola Lundqvist at 2021-05-19T09:11:02+02:00
Marked CVE-2021-3121 as no-dsa as discussed via email. Removed
golang-gogoprotobuf from dla-needed as a result since no other CVEs are open
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1ff8a951 by Ola Lundqvist at 2021-04-20T08:00:07+02:00
Marked CVE-2020-12460 for opendmarc because it has been done for buster and
also the description looks like a minor issue.
- - - - -
1
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2985624f by Ola Lundqvist at 2021-03-18T22:07:54+01:00
Giving package to someone else to conclude.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1c277529 by Ola Lundqvist at 2021-03-08T23:02:25+01:00
Information about the golang-gogoprotobuf issue.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
24e3c0a1 by Ola Lundqvist at 2021-02-26T14:53:17+01:00
Fix a stash issue.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f991c703 by Ola Lundqvist at 2021-02-26T12:53:33+01:00
Claim php-pear for LTS.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
343d9106 by Ola Lundqvist at 2021-02-05T10:16:32+01:00
Some check of condor.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
64c490fe by Ola Lundqvist at 2021-01-04T23:33:15+01:00
Some updates on golang issues.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
19dbdfaa by Ola Lundqvist at 2021-01-03T00:04:31+01:00
Removed a note that has been clarified and hopefully clarified a note from
Adrian.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2c4a132e by Ola Lundqvist at 2020-12-30T23:33:45+01:00
Did some work on wireshark to check the status of the known vulnerabilities in
strech. Marked all as postponed with notes on how it can be fixed
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fa0f156e by Ola Lundqvist at 2020-12-30T14:45:48+01:00
Note about reel.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
236dceac by Ola Lundqvist at 2020-12-17T06:59:54+01:00
Tagged two CVEs as unimportant for pluxml after asking for advice on how it
should be handled. The reason is that you have to be admin
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2ac1ebe5 by Ola Lundqvist at 2020-12-16T07:48:03+01:00
Investigation information for pluxml. Questioning that this is vulnerabilities
to fix.
- - - - -
2 changed files:
- data/CVE/list
- data/dla
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
867b2bc9 by Ola Lundqvist at 2020-12-15T08:01:53+01:00
Some more information for ruby-doorkeeper.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
43736bcb by Ola Lundqvist at 2020-12-15T07:48:09+01:00
Declared CVE-2016-11086 as minor issue since the problem is exploitable if
/etc/ssl/certs/ca-certificates.crt does not exist. However this file
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ddce607f by Ola Lundqvist at 2020-09-28T22:33:19+02:00
Added a note about ceph progress.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c6eba7bc by Ola Lundqvist at 2020-09-13T22:57:49+02:00
Update on ceph progress.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
17bd01f9 by Ola Lundqvist at 2020-08-30T23:00:10+02:00
Claim samba.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
be8b0f21 by Ola Lundqvist at 2020-08-29T23:38:04+02:00
Ola claims ceph.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7840006e by Ola Lundqvist at 2020-06-29T23:47:42+02:00
Reserve DLA-2263-1 for drupal7
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2ebee5f4 by Ola Lundqvist at 2020-06-27T23:44:25+02:00
Concluded that CVE-2018-21245 was already corrected in jessie.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7e49e57e by Ola Lundqvist at 2020-06-27T00:05:25+02:00
Claimed pound.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b1760b38 by Ola Lundqvist at 2020-06-26T23:56:43+02:00
Claimed drupal7.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7d681a4d by Ola Lundqvist at 2020-06-26T23:49:21+02:00
Concluded that CVE-2020-14150 in bison is not worth fixing in jessie.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1db624b4 by Ola Lundqvist at 2020-06-25T22:52:09+02:00
Reserve DLA-2254-1 for alpine
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
139e7b3f by Ola Lundqvist at 2020-06-21T00:42:28+02:00
Claiming alpine.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7bf25112 by Ola Lundqvist at 2020-06-20T22:44:44+02:00
More information about libdatetime-timezone-perl.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
062ecbe1 by Ola Lundqvist at 2020-06-19T23:28:49+02:00
Note given about this.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f9b18290 by Ola Lundqvist at 2020-05-04T23:40:00+02:00
Only one issue CVE-2020-11647 marked for fixing for wireshark. However the
issue is really similar to another issue that is postponed. Therefore
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9c242714 by Ola Lundqvist at 2020-05-04T23:20:02+02:00
It looks like the stretch bluez update can be applied as is. Should be
double-checked. The only thing that fail is hog.c but that file does
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1f826fb1 by Ola Lundqvist at 2020-05-03T20:26:25+02:00
Gpac is not affected by CVE-2020-11558 in jessie.
- - - - -
de55fd37 by Ola Lundqvist at 2020-05-03T20:26:25+02:00
Doing some work on bluez
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
af345723 by Ola Lundqvist at 2020-05-02T22:17:17+02:00
Decided that condor is worth fixing even though it is not that popular.
- - - - -
c46dd272 by Ola Lundqvist at 2020-05-02T22:19:51+02:00
Decided
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
55911f36 by Ola Lundqvist at 2020-05-02T00:15:27+02:00
Following Debian Security decision marking CVE-2020-11721 for libsixel with
no-dsa for jessie.
- - - - -
1 changed file:
- data/CVE/list
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bca38c65 by Ola Lundqvist at 2020-05-01T23:58:00+02:00
Adding apache2 to DLA needed as a response of bug #60251.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ed232f0a by Ola Lundqvist at 2020-05-01T23:12:03+02:00
EOL entries for vlc in jessie.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d9c12730 by Ola Lundqvist at 2020-05-01T22:42:05+02:00
Wordpress triage result. Some issues not affecting jessie. Found a few issues
but I could not find two commits.
- - - - -
2 changed files
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f77705f6 by Ola Lundqvist at 2020-05-01T20:39:01+02:00
Triage result for jquery. CVE-2020-11023 and CVE-2020-11023 are fixed with the
same patch. The extend function htmlPrefilter does not exist
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f21b1165 by Ola Lundqvist at 2020-05-01T19:44:01+02:00
Could not find anything that change the Security Team decision in regards to
how to treat jessie for re2c vulnerability.
- - - - -
1 changed
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6667bfce by Ola Lundqvist at 2020-04-28T22:45:53+02:00
Marked a few CVEs for openexr as no-dsa since earlier CVEs has been marked the
same way.
- - - - -
1 changed file:
- data/CVE/list
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
65e27b29 by Ola Lundqvist at 2020-04-28T22:35:43+02:00
Concluded that samba and openldap are vulnerable to the same type of issue.
Both added to dla-needed.txt.
- - - - -
1 changed file:
- data
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ad014a07 by Ola Lundqvist at 2020-04-28T22:25:38+02:00
Followed later release decision to state no dsa for libgit2 CVE-2020-12278 and
CVE-2020-12279.
- - - - -
1 changed file:
- data/CVE/list
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1302e084 by Ola Lundqvist at 2020-04-28T21:57:41+02:00
Thank to Salvatore I now concluded that ruby2.1 is affected and should be fixed
just as ruby-json.
- - - - -
1 changed file:
- data/dla
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dd0cff64 by Ola Lundqvist at 2020-04-27T22:22:05+02:00
Conclusion for jessie regarding CVE-2020-10663. The package ruby-json should be
fixed since the code is clearly vulnerable and it looks like
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dc437678 by Ola Lundqvist at 2020-04-27T11:44:26+02:00
Qemu vulnerable in LTS as well and should be fixed.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
71b6360b by Ola Lundqvist at 2020-04-27T11:42:41+02:00
EOL entries for LTS.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b3445960 by Ola Lundqvist at 2020-04-05T14:34:33+02:00
Jessie phpmyadmin is not affected by CVE-2020-11441. Quite likely no Debian
release is affected but that should be checked specifically
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
746ff9c5 by Ola Lundqvist at 2020-04-04T13:16:37+02:00
Firefox seems to have a critical vulnerability needing a fix.
- - - - -
18180eda by Ola Lundqvist at 2020-04-04T13:22:54+02:00
No update needed
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
588e5230 by Ola Lundqvist at 2020-04-02T22:13:29+02:00
The vulnerable code mentioned in CVE-2020-6096 for glibc package is not present
in jessie.
- - - - -
1 changed file:
- data/CVE/list
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5d7caa98 by Ola Lundqvist at 2020-04-02T21:58:18+02:00
Marked a few CVEs for gpac as ignored following decision for later releases.
- - - - -
1 changed file:
- data/CVE/list
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e7a6861d by Ola Lundqvist at 2020-04-01T21:48:21+02:00
Ignoring CVE-2020-1927 and CVE-2020-1934 for apache2 following decision for
later releases.
- - - - -
f7642fd0 by Ola Lundqvist at 2020-04
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9b7298aa by Ola Lundqvist at 2020-03-31T22:08:30+02:00
Python bleach need to be fixed in jessie.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
df7c7817 by Ola Lundqvist at 2020-03-31T21:44:53+02:00
Marked CVE-2020-5274 and CVE-2020-5275 as not affected following security team
decision. Code inspection confirms this.
- - - - -
1 changed
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ebd93992 by Ola Lundqvist at 2020-03-29T22:45:12+02:00
Added comment for EOL entries for xen and tor for jessie.
- - - - -
1 changed file:
- data/CVE/list
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3f4f9ab1 by Ola Lundqvist at 2020-03-29T21:18:58+02:00
One more entry marked as EOL for xen in jessie.
- - - - -
1 changed file:
- data/CVE/list
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f67a5ebe by Ola Lundqvist at 2020-03-29T21:09:37+02:00
Marked quite a few CVEs for xen as EOL.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3a7d574a by Ola Lundqvist at 2020-03-29T21:02:10+02:00
Tor EOL for jessie.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a29b683d by Ola Lundqvist at 2020-02-29T12:37:25+01:00
Added php5 to dla needed. Vulnerable also in php5.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4176e72c by Ola Lundqvist at 2020-02-27T22:57:55+01:00
Changed python-bleach CVE from not-affected to ignored. Salvatore pointed out
that it was a wrong conclusion but the fix is too invasive
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5ba438cf by Ola Lundqvist at 2020-02-27T20:43:47+01:00
Marked three vulnerabilities for wireshark as postponed.
- - - - -
1 changed file:
- data/CVE/list
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
55b8e704 by Ola Lundqvist at 2020-02-27T20:30:55+01:00
CVE-2017-6363 marked as ignored for jessie following Debian Secutiry team.
- - - - -
1 changed file:
- data/CVE/list
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bcdf3a8a by Ola Lundqvist at 2020-02-27T20:08:51+01:00
Marked CVE-2020-6802 as not affected for jessie. The vulnerable functionality
does not exist in this version.
- - - - -
1 changed file
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a042dd95 by Ola Lundqvist at 2020-02-27T07:05:54+01:00
Added lua-cgi to the dla-needed list with a note that one possibility is to
declare it unsupported.
- - - - -
1 changed file:
- data/dla
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b6139950 by Ola Lundqvist at 2020-02-26T07:51:05+01:00
Added libspring-java to dla-needed with a note that it is not completely
triaged. Will continue later.
- - - - -
1 changed file:
- data/dla
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b1002d03 by Ola Lundqvist at 2020-02-26T07:31:41+01:00
Adding rake to dla-needed.txt. Simple to fix.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6cbebbf5 by Ola Lundqvist at 2020-02-25T07:55:37+01:00
CVE-2020-9365 marked as not affected since the vulnerable function does not
exist in the jessie version of pure-ftpd. Instead of the vulnerable
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bd4edf72 by Ola Lundqvist at 2020-02-25T07:47:32+01:00
Marked CVE-2020-9369 as not affected for jessie as well.
- - - - -
1 changed file:
- data/CVE/list
Changes
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
db0a45c8 by Ola Lundqvist at 2020-02-25T07:43:15+01:00
Marking two CVEs as ignoed for jessie following Debian Secutity Team decision
for later releases.
- - - - -
1 changed file:
- data/CVE/list
201 - 300 of 388 matches
Mail list logo