Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0bde8510 by Ola Lundqvist at 2021-06-23T14:15:40+02:00
Re-added the no-dsa decision for LTS golang-gogoprotobuf CVE-2021-3121. It was
previously marked for jessie which was not the intention.
- - -
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ce36f973 by Ola Lundqvist at 2021-06-23T23:16:13+02:00
Triaged mapcache for stretch following no-dsa decision for buster.
- - - - -
1 changed file:
- data/CVE/list
Changes:
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
937faf5c by Ola Lundqvist at 2021-06-21T22:47:24+02:00
Concluded that qemu update is not necessary for strech. CVE-2021-3607, 3608 and
CVE-2021-3582 not affected since the vulnerable code is
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2f6ecd0f by Ola Lundqvist at 2021-06-24T14:02:01+02:00
Further checked firmware nonfree. The conclusion is thar firmware-nonfree does
not contain the vulnerable source. Instead the code is in the
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
24adab4c by Ola Lundqvist at 2021-06-25T08:14:33+02:00
Reverted the triage result for firmware-nonfree in strecth. It was concluded
based on a false assumption.
- - - - -
2 changed files:
-
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
05d65275 by Ola Lundqvist at 2021-05-20T08:35:47+02:00
Removed firmware-nonfree from dla needed. Marked the relevant CVEs as either
ignored (if linux package update is needed as well) or plain no-dsa
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c5d0b8f4 by Ola Lundqvist at 2021-05-19T21:08:22+02:00
Some more information about firmware-nonfree update plans.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6c673013 by Ola Lundqvist at 2021-05-19T09:11:02+02:00
Marked CVE-2021-3121 as no-dsa as discussed via email. Removed
golang-gogoprotobuf from dla-needed as a result since no other CVEs are open
for
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4bdf98d5 by Ola Lundqvist at 2021-05-19T09:21:03+02:00
Some update on status for firmware-nonfree.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8bd3e9bf by Ola Lundqvist at 2021-05-26T13:18:45+02:00
Claim phpseclib for checking.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0d5db72c by Ola Lundqvist at 2021-05-26T13:47:48+02:00
Marked CVE-2021-30130 as not-affected, with a note, for stretch and removed
*phpseclib from dla-needed file.
- - - - -
2 changed files:
-
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7a3b8f0d by Ola Lundqvist at 2021-05-28T23:32:22+02:00
Marked CVE-2020-35546 as no-dsa for stretch following decision for buster.
Removed from dla-needed accordingly.
- - - - -
56b99482 by Ola
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e2cb5dfd by Ola Lundqvist at 2021-06-24T10:14:26+02:00
Triage result for golang packages in stretch. Marked all issues for golang-1.8,
golang-x-text and golang-golang-x-net-dev as no-dsa since it is
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b8f182bf by Ola Lundqvist at 2021-09-01T21:37:58+02:00
Added libxstream-java to dla-needed with a note to look at the mail thread
about this topic.
- - - - -
1 changed file:
- data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6f76e0f3 by Ola Lundqvist at 2021-11-16T09:48:00+01:00
Re-claim libssh2.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ab78748f by Ola Lundqvist at 2021-10-31T22:38:36+01:00
Claimed libssh2.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e8e75c4c by Ola Lundqvist at 2023-09-28T20:54:35+00:00
Added exim4 to dla-needed following decision for bookworm.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
55bc8f67 by Ola Lundqvist at 2023-09-28T21:12:17+00:00
Added gst-plugins-bad1.0 to dla-needed following decision for bookworm.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
76ca393a by Ola Lundqvist at 2023-10-01T19:46:41+00:00
Marked golang-golang-x-image CVEs as no-dsa for buster.
it is a DoS vulnerability, rather minor and the package has limited support.
- - - - -
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
345ff70f by Ola Lundqvist at 2023-10-01T19:18:20+00:00
Added a note about the work needed after upgrade of borgbackup.
- - - - -
66bd8cb9 by Ola Lundqvist at 2023-10-01T19:28:31+00:00
Marked a few
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c196dbfe by Ola Lundqvist at 2023-10-01T19:52:12+00:00
Marked composer CVE-2023-43655 as minor issue.
This is only a vulnerability on an improper configuration.
- - - - -
1 changed file:
-
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
aee2a5c4 by Ola Lundqvist at 2023-10-01T19:31:36+00:00
Buster no-dsa for gcc-7 and gcc-8 following bullseye decision.
- - - - -
4a2dfb1a by Ola Lundqvist at 2023-10-01T19:38:24+00:00
Marked
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a978d068 by Ola Lundqvist at 2023-09-26T14:24:52+00:00
Added python-reportlab to dla-needed since it has been fixed in all later
releases and seems to be important.
- - - - -
1 changed file:
-
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
56490f6a by Ola Lundqvist at 2023-09-29T18:46:49+00:00
Marked a few CVEs as end-of-life for buster.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4deb2397 by Ola Lundqvist at 2022-05-17T08:57:20+02:00
Corrected the package name of 389-ds-base in dla-needed.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
64111f16 by Ola Lundqvist at 2022-05-17T09:13:55+02:00
Added exempi to dla-needed. Further analysis is needed but a lot of packages
depends on libexempi8.
- - - - -
1 changed file:
-
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ce772c69 by Ola Lundqvist at 2022-05-17T08:51:02+02:00
Added 386-ds-base to DLA needed. The install base is small so the priority is
probably low. Also the vulnerability is not the most important one
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
eb34768a by Ola Lundqvist at 2022-05-17T21:45:49+02:00
Added needrestart to dla-needed since CVE-2022-30688 is already fixed in buster.
- - - - -
77d25545 by Ola Lundqvist at
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
41628ef6 by Ola Lundqvist at 2022-05-21T00:10:47+02:00
Marked 43 CVEs (some from 2020, some from 2021 and some from 2022) as
end-of-life in stretch for gpac.
- - - - -
1 changed file:
-
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
843d2ece by Ola Lundqvist at 2022-05-20T23:31:25+02:00
Marked CVE-2021-44492 to CVE-2021-44510 as ignored in stretch following buster.
- - - - -
b64c0bbf by Ola Lundqvist at 2022-05-20T23:34:07+02:00
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0a10d9eb by Ola Lundqvist at 2022-05-21T00:28:02+02:00
Marked CVE-2022-1785 and CVE-2022-1796 as no-dsa for vim in strech.
- - - - -
1 changed file:
- data/CVE/list
Changes:
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5f3a2325 by Ola Lundqvist at 2022-05-22T23:27:37+02:00
Added firefox-esr to dla-needed. It looks serious enough to not halt any
update. Did not check the source code so that must be done by someone.
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e00cb9f6 by Ola Lundqvist at 2022-05-22T23:07:38+02:00
libspring-java no longer supported for stretch. Marking CVE-2022-22970 and
CVE-2022-22971 accordingly.
- - - - -
a282c886 by Ola Lundqvist at
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1f0d1b4a by Ola Lundqvist at 2022-05-16T20:51:40+02:00
Marked CVE-2022-1650 as end-of-life for strech according as suggested by the
lts triaging script.
- - - - -
1 changed file:
- data/CVE/list
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2b060256 by Ola Lundqvist at 2022-05-16T21:13:46+02:00
slurm-llnl is clearly vulnerable so added to dla-needed.txt since it is also in
dsa-needed.
- - - - -
1 changed file:
- data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
af5206ef by Ola Lundqvist at 2022-05-16T21:29:41+02:00
Marked CVE-2022-29973 as no-dsa for fuse-exfat in stretch following buster.
- - - - -
a1cc783f by Ola Lundqvist at 2022-05-16T21:29:42+02:00
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b52366c2 by Ola Lundqvist at 2022-05-16T21:33:21+02:00
Marked CVE-2022-29977 and CVE-2022-29978 as no-dsa following buster. This is
just a few more issues in a long list for this package.
- - - - -
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
585f3dbe by Ola Lundqvist at 2022-05-16T22:08:00+02:00
Marked CVE-2022-30333 as no-dsa for rar and unrar-nonfree following buster.
- - - - -
b57c7034 by Ola Lundqvist at 2022-05-16T22:08:01+02:00
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
55001d9c by Ola Lundqvist at 2022-07-11T23:23:41+02:00
Wrote a script to bulk add EOL entries for LTS buster.
- - - - -
b4c0adda by Ola Lundqvist at 2022-07-11T23:23:43+02:00
Bulk added EOL entries
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
35e96a7a by Ola Lundqvist at 2022-07-12T00:10:36+02:00
Added curl to dla-needed since it is in DSA needed and at least one
vulnerability applies to buster as well.
- - - - -
587dc5e1 by Ola
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
441a14a6 by Ola Lundqvist at 2022-07-14T21:39:36+02:00
Updated lts-cve-triage.py script so that it checks for unsupported packages for
buster insted of stretch. This will make future LTS front desk
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f601883c by Ola Lundqvist at 2022-07-14T22:15:14+02:00
Marked CVE-2022-23816, CVE-2022-23825 and CVE-2022-29900 as end-of-life for
buster.
- - - - -
1 changed file:
- data/CVE/list
Changes:
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5b6a4a2b by Ola Lundqvist at 2022-09-06T22:57:34+02:00
Added firmware-nonfree to dla-needed and at the same time removed some CVEs
with non-free not supported for buster since firmware-nonfree is now
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
16e67227 by Ola Lundqvist at 2022-09-06T23:35:57+02:00
Marked CVE-2021-30130 as not affected in buster for php-phpseclib and phpseclib.
- - - - -
c6a9d207 by Ola Lundqvist at
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
de10c4e2 by Ola Lundqvist at 2022-09-06T23:27:02+02:00
Marked CVE-2021-3514 for 389-ds-base as no-dsa in buster with motivation minor
issue. This follows the decision made earlier for stretch. For
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d678175c by Ola Lundqvist at 2022-09-06T22:28:10+02:00
Marked quite a few golang issues as no-dsa for buster. Either with motivation
minor issue or limited support depending on the severity of the
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3e1acc24 by Ola Lundqvist at 2022-09-06T23:03:38+02:00
Marked CVE-2022-37434 for libz-mingw-w64 as no-dsa with motivation minor issue
following the analysis for bullseye.
- - - - -
b457154a by Ola
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dc036e00 by Ola Lundqvist at 2022-09-07T20:13:18+02:00
Marked CVE-2022-38531 affecting gpac as EOL for buster LTS.
- - - - -
d9e1d291 by Ola Lundqvist at 2022-09-07T20:19:12+02:00
Marked a few more
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
85c8e985 by Ola Lundqvist at 2022-09-07T21:23:00+02:00
Added node-tar to dla-needed.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dbc91343 by Ola Lundqvist at 2022-09-07T22:06:08+02:00
Marked CVE-2022-36059 affecting node-matrix-js-sdk as no-dsa in buster with
motivation minor issue.
- - - - -
2b0122c6 by Ola Lundqvist at
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
985e30da by Ola Lundqvist at 2022-09-07T22:37:23+02:00
Marked CVE-2022-35019 affecting advancecomp as no-dsa with motivation minor
issue.
- - - - -
1 changed file:
- data/CVE/list
Changes:
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bd20945d by Ola Lundqvist at 2022-09-05T23:27:53+02:00
Marked CVE-2021-30130 for phpseclib and php-phpseclib as not affecterd in
buster.
- - - - -
1 changed file:
- data/CVE/list
Changes:
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1b06a387 by Ola Lundqvist at 2022-09-05T21:53:36+02:00
Added a note for pcs pacakge.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9f317a5a by Ola Lundqvist at 2022-09-05T22:18:35+02:00
Added snort to dla-needed.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e12105ff by Ola Lundqvist at 2022-09-05T21:42:21+02:00
Added a note about CVE-2021-32686.
- - - - -
b3da704c by Ola Lundqvist at 2022-09-05T21:43:31+02:00
Added pcs to dla-needed following decision
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d0a466ec by Ola Lundqvist at 2022-09-05T23:47:33+02:00
Added sqlite3 to dla-needed since the issues are of normal severity and should
be easy to fix.
- - - - -
1 changed file:
-
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a38a497a by Ola Lundqvist at 2022-10-31T14:35:45+01:00
Added hsqldb to dla-needed for further investigation. It is possibly a breaking
change. A possible outcome is to ignore the issue.
- - - - -
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4cda4ada by Ola Lundqvist at 2022-10-31T15:08:25+01:00
Added rabbitmq-server to dla-needed. It should be checked further since the
solution involves a new configuration option.
- - - - -
1 changed
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
54134012 by Ola Lundqvist at 2022-10-31T15:11:18+01:00
Added libapreq2 to dla-needed. Webserver crash is not a good thing so it should
be solved.
- - - - -
1 changed file:
- data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9e691a37 by Ola Lundqvist at 2022-10-31T12:39:58+01:00
Triaged cmark-gfm for LTS (buster) and concluded CVE-2022-24724 and
CVE-2022-39209 to be minor issues. Same conclusion as for similar packages.
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0d67df40 by Ola Lundqvist at 2022-09-09T07:50:10+02:00
Marked all open CVEs for package aom as no-dsa with motivation minor issue in
buster.
- - - - -
e6a12f33 by Ola Lundqvist at
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
da509ec3 by Ola Lundqvist at 2022-09-09T08:20:47+02:00
Added mariadb-10.3 to dla-needed. There are no known urgent CVEs but the share
volume of issues warrants a fix. May be fixed at the same time as
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4686a5af by Ola Lundqvist at 2022-09-09T08:03:12+02:00
Updated the order of how issues are shown in lts-cve-triage command. The reason
is that it is more important to triage new potentially severe
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c5ae7d5f by Ola Lundqvist at 2022-09-09T08:12:36+02:00
Added paramiko to dla-needed.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ee918a8d by Ola Lundqvist at 2022-09-11T22:50:24+02:00
Added openvswitch to dla-needed. There is no known fix for the problem. The
paper suggest a short term workaround to be implemented and long
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
35f425ae by Ola Lundqvist at 2022-09-11T23:35:20+02:00
Added python-django to dla-needed with the motivatioon that some issues was
fixed in stretch so it should be fixed for buster too.
- - - - -
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6983a3cc by Ola Lundqvist at 2022-09-11T23:45:19+02:00
Added ruby-nokogiri to dla-needed with the motivation that the package was
fixed in stretch.
- - - - -
1 changed file:
- data/dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a901342b by Ola Lundqvist at 2022-09-11T23:17:21+02:00
Added mako to dla-needed.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
138c6f71 by Ola Lundqvist at 2022-09-11T23:50:42+02:00
Added ruby-sinatra to dla-needed.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
553b006f by Ola Lundqvist at 2022-09-12T00:01:36+02:00
Added zabbix to dla-needed with the motivation that some CVE was fixed in
stretch.
- - - - -
2 changed files:
- data/CVE/list
-
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b8c1e028 by Ola Lundqvist at 2022-10-31T15:51:43+01:00
Triaged python-cmarkgfm for LTS (buster) and concluded CVE-2022-24724 and
CVE-2022-39209 to be minor issues. Same conclusion as cmark-gfm.
- -
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fa9f9510 by Ola Lundqvist at 2022-11-01T23:57:27+01:00
Marked CVE-2022-42252 as minor issue for buster with the reasoning that the
issue only occur when the system is explicitly configured to ignore
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7d3dc636 by Ola Lundqvist at 2022-11-01T23:45:24+01:00
Added a note to rabbitmq-server.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d3516145 by Ola Lundqvist at 2022-11-02T00:06:13+01:00
Added jupyter-core to dla-needed.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cff0496e by Ola Lundqvist at 2022-12-30T19:45:17+01:00
Marked CVE-2022-23467 as no-dsa since physical access is necessary to exploit
the vulnerability.
- - - - -
1 changed file:
- data/CVE/list
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
00ddf671 by Ola Lundqvist at 2022-12-30T15:15:02+01:00
LTS: add graphite-web to dla-needed.txt
- - - - -
3dfa2782 by Ola Lundqvist at 2022-12-30T15:15:03+01:00
Marked CVE-2020-36627 as no-dsa for
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
03e36bc5 by Ola Lundqvist at 2022-12-27T23:49:56+01:00
LTS: add apache2 to dla-needed.txt
- - - - -
4a728e13 by Ola Lundqvist at 2022-12-28T00:01:13+01:00
LTS: add openvswitch to dla-needed.txt
- -
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
975b5e3f by Ola Lundqvist at 2022-12-31T14:24:31+01:00
Marked CVE-2018-25060 as no-dsa for buster since it is a minor issue.
- - - - -
03ff8af0 by Ola Lundqvist at 2022-12-31T14:28:50+01:00
LTS: add
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7535cac9 by Ola Lundqvist at 2022-12-31T14:34:02+01:00
LTS: add 389-ds-base to dla-needed.txt
- - - - -
62569b8c by Ola Lundqvist at 2022-12-31T14:36:54+01:00
LTS: add python-oslo.privsep to
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9aae874e by Ola Lundqvist at 2022-12-31T14:18:15+01:00
Marked CVE-2020-36367 as no-dsa since it is a minor issue.
- - - - -
1 changed file:
- data/CVE/list
Changes:
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
57fcc46b by Ola Lundqvist at 2022-12-31T14:54:29+01:00
Marked CVE-2022-23520, CVE-2022-23519 and CVE-2022-23517 as no-dsa or postponed
for bustser.
- - - - -
1 changed file:
- data/CVE/list
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4bae6fd2 by Ola Lundqvist at 2022-12-31T15:06:01+01:00
Marked CVE-2020-23599 as no-dsa for buster.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
335f5b24 by Ola Lundqvist at 2022-12-31T15:15:31+01:00
LTS: add ruby-sidekiq to dla-needed.txt
- - - - -
9ff425fd by Ola Lundqvist at 2022-12-31T15:15:42+01:00
LTS: add ruby-sinatra to dla-needed.txt
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
eaa7ac3f by Ola Lundqvist at 2022-12-31T14:59:56+01:00
Marked CVE-2022-23514 and CVE-2022-23516 as no-dsa for buster.
- - - - -
6b93acdc by Ola Lundqvist at 2022-12-31T15:00:19+01:00
LTS: add
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a4dfbae2 by Ola Lundqvist at 2023-01-01T15:12:42+01:00
LTS: add nheko to dla-needed.txt
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c62e0807 by Ola Lundqvist at 2023-01-01T14:58:17+01:00
LTS: add snakeyaml to dla-needed.txt
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fb87e8e5 by Ola Lundqvist at 2023-01-01T15:04:54+01:00
Reverted d2c2b240ffcc27edbc1008b66866fe49a62457dd since it is unclear whether
nvidia drivers are supported in buster or not.
- - - - -
f1f6f5eb
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
33e39279 by Ola Lundqvist at 2023-01-01T15:18:44+01:00
Marked CVE-2022-39209 and CVE-2022-24724 as no-dsa for buster following the
same line as other packages in the same CVEs.
- - - - -
264fbf07 by
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
58fded44 by Ola Lundqvist at 2022-12-29T22:33:26+01:00
Marked CVE-2021-35065 as no-dsa for buster following decision for bullseye.
- - - - -
5dd44285 by Ola Lundqvist at 2022-12-29T22:33:28+01:00
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2e3d48cd by Ola Lundqvist at 2022-12-27T23:12:13+01:00
Marked first batch of CVEs for nvidia-graphics-drivers package as no-dsa for
buster since non-free is not supported.
- - - - -
1 changed
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5956f9b4 by Ola Lundqvist at 2022-12-27T23:17:50+01:00
LTS: add emacs to dla-needed.txt
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
78a3d6a8 by Ola Lundqvist at 2022-12-27T23:24:23+01:00
Decided to postpone CVE-2022-47927 for buster followint the decision for
bullseye.
- - - - -
7d5d0e57 by Ola Lundqvist at
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d2c2b240 by Ola Lundqvist at 2022-12-27T23:42:55+01:00
Marked second batch of CVEs for nvidia-graphics-drivers package as no-dsa for
buster since non-free is not supported.
- - - - -
1 changed
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2c6923bf by Ola Lundqvist at 2022-10-31T20:49:44+01:00
Marked CVE-2022-42920 for node-minimatch as no-dsa for buster following
decision for bullseye.
- - - - -
1 changed file:
- data/CVE/list
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
77facee8 by Ola Lundqvist at 2022-10-31T21:12:41+01:00
Added ceph to dla-needed. Do not have good enough experience with ceph to
conclude whether the vulnerability can be exploited in a Debian
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5822ccf1 by Ola Lundqvist at 2022-10-31T20:35:02+01:00
Added ntfs-3g to dla-needed.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d3fa28df by Ola Lundqvist at 2022-11-05T22:43:20+01:00
Added sudo to dla-needed. It may not be the most important fix but sudo is a
very important function so better to be sure.
- - - - -
1
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7b0dc57e by Ola Lundqvist at 2022-11-05T22:55:01+01:00
Added pixman to dla-needed. It was hard to judge the severity of the issue so
decided that it is better to fix the issue than not to and the fix
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1c7d0793 by Ola Lundqvist at 2022-11-05T22:32:39+01:00
Added php-cas to dla-needed with a note that it should be investigated further
because the fix is not backwards compatible.
- - - - -
1
Ola Lundqvist pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
094f3e24 by Ola Lundqvist at 2022-11-05T22:24:34+01:00
Added nodejs to dla-needed following the decision to add it to dsa-needed.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
1 - 100 of 234 matches
Mail list logo