[Git][security-tracker-team/security-tracker][master] Remove source package information for CVE-2018-1000166

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 4cfc5933 by Salvatore Bonaccorso at 2018-04-17T07:23:35+02:00 Remove source package information for CVE-2018-1000166 Once properly rejected will move from RESERVED to REJECTED status. - - - - -

[Git][security-tracker-team/security-tracker][master] 2 commits: Take linux from dsa-needed list

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: be874d3d by Salvatore Bonaccorso at 2018-04-17T07:30:20+02:00 Take linux from dsa-needed list - - - - - 309f0d1e by Salvatore Bonaccorso at 2018-04-17T07:30:30+02:00 Add linux-tools to

[Git][security-tracker-team/security-tracker][master] Reference full commit ids for CVE-2018-0737

) NOTE: https://www.openssl.org/news/secadv/20180416.txt - NOTE: OpenSSL_1_1_0-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=6939eab03 - NOTE: OpenSSL_1_0_2-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=349a41da1 + NOTE: OpenSSL_1_1_0-stable: https

[Git][security-tracker-team/security-tracker][master] remove undetermined freeipa entry

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 4aaa7f89 by Moritz Muehlenhoff at 2018-04-16T20:29:32+02:00 remove undetermined freeipa entry - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] cacti: note that CVE-2018-10059 does not affect stable and older

Paul Gevers pushed to branch master at Debian Security Tracker / security-tracker Commits: 4a86e02b by Paul Gevers at 2018-04-16T20:02:10+02:00 cacti: note that CVE-2018-10059 does not affect stable and older - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Update the status of gcc retpoline backporting in dla-needed.txt

ersion as well? (buxy) + NOTE: 20180416: We're now working on adding gcc-4.9 instead of backporting + NOTE: 20180416: retpoline to older compiler versions. (benh) + NOTE: 20180416: The backported package will be renamed as it has to be + NOTE: 20180416: packaged differently to avoid conflicts wi

[Git][security-tracker-team/security-tracker][master] Add new openssl issue

for next DSA and upstream release) + - openssl1.0 (low) + [stretch] - openssl1.0 (Can wait for next DSA and upstream release) + NOTE: https://www.openssl.org/news/secadv/20180416.txt + NOTE: OpenSSL_1_1_0-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=6939eab03

[Git][security-tracker-team/security-tracker][master] Reserve DLA-1348-1 for patch

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker Commits: 79a53236 by Chris Lamb at 2018-04-16T12:11:08+01:00 Reserve DLA-1348-1 for patch - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] Add note that the wheezy version of patch contains a testcase for CVE-2018-1000156.

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker Commits: 9abe7f40 by Chris Lamb at 2018-04-16T12:15:07+01:00 Add note that the wheezy version of patch contains a testcase for CVE-2018-1000156. - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] r-cran-readxl DSA

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 633d1d31 by Moritz Muehlenhoff at 2018-04-16T20:56:40+02:00 r-cran-readxl DSA - - - - - 2 changed files: - data/DSA/list - data/dsa-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] Update note for CVE-2018-10021

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 14347938 by Salvatore Bonaccorso at 2018-04-16T21:44:04+02:00 Update note for CVE-2018-10021 - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a9ed6023 by security tracker role at 2018-04-16T20:10:27+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Update CVE-2018-384{8,9}/cfitsio

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 6879f834 by Salvatore Bonaccorso at 2018-04-16T22:33:47+02:00 Update CVE-2018-384{8,9}/cfitsio - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Note that I'm working on linux and linux-tools updates for wheezy

for other CVEs applied upstream and in sid. (agx) -- -linux +linux (Ben Hutchings) + NOTE: 20180416: This depends on gcc-4.9 and linux-tools updates (benh) +-- +linux-tools (Ben Hutchings) + NOTE: 20180416: This needs to be updated to mark out-of-tree modules built + NOTE: 20180416: with retpoline

[Git][security-tracker-team/security-tracker][master] Associate #892458 with CVE-2018-38{6,8,9}/cfitsio

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 5df14303 by Salvatore Bonaccorso at 2018-04-16T22:42:53+02:00 Associate #892458 with CVE-2018-38{6,8,9}/cfitsio CVE-2018-1000166 looks to be a duplicate of covering all those three CVEs. DWF

[Git][security-tracker-team/security-tracker][master] Add CVE-2018-3846/cfitsio

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 690fc3e9 by Salvatore Bonaccorso at 2018-04-16T22:42:16+02:00 Add CVE-2018-3846/cfitsio - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add CVE-2018-10124

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 918a923a by Salvatore Bonaccorso at 2018-04-16T21:47:47+02:00 Add CVE-2018-10124 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8f8247aa by Salvatore Bonaccorso at 2018-04-16T22:21:00+02:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Add note for wordpress

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: bdfffa69 by Salvatore Bonaccorso at 2018-04-16T09:45:46+02:00 Add note for wordpress - - - - - 1 changed file: - data/dsa-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] Add preliminary information on two new libreoffice issues

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: dd107217 by Salvatore Bonaccorso at 2018-04-16T10:18:46+02:00 Add preliminary information on two new libreoffice issues - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: cd64beed by security tracker role at 2018-04-16T08:10:12+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] 2 commits: Process NFU

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 9e15db75 by Salvatore Bonaccorso at 2018-04-16T10:12:50+02:00 Process NFU - - - - - 1d56ca33 by Salvatore Bonaccorso at 2018-04-16T10:13:46+02:00 Process more NFUs - - - - - 1 changed file:

[Git][security-tracker-team/security-tracker][master] Mark CVE-2017-16645 as unimportant

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 467b8612 by Salvatore Bonaccorso at 2018-04-17T07:10:36+02:00 Mark CVE-2017-16645 as unimportant - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] 2 commits: claim a stab at qemu

Antoine Beaupré pushed to branch master at Debian Security Tracker / security-tracker Commits: 037eeef8 by Antoine Beaupré at 2018-04-16T19:44:34-04:00 claim a stab at qemu - - - - - 773a11c5 by Antoine Beaupré at 2018-04-16T19:45:39-04:00 better path to patch upstream in CVE-2018-7550 - - -