[Secure-testing-commits] r33256 - data

2015-03-30 Thread Markus Koschany
:06:06 UTC (rev 33255) +++ data/dla-needed.txt 2015-03-30 17:08:18 UTC (rev 33256) @@ -7,7 +7,9 @@ To pick an issue, simply add your name behind it. -- -checkpw +checkpw (Markus Koschany) +https://lists.debian.org/debian-lts/2015/03/msg00093.html +Debdiff and fix available. Needs review

[Secure-testing-commits] r33258 - data

2015-03-30 Thread Markus Koschany
Author: apo-guest Date: 2015-03-30 17:16:00 + (Mon, 30 Mar 2015) New Revision: 33258 Modified: data/dla-needed.txt Log: Grooming. Remove trailing whitespace in dla-needed.txt Modified: data/dla-needed.txt === ---

[Secure-testing-commits] r33257 - data

2015-03-30 Thread Markus Koschany
-03-30 17:08:18 UTC (rev 33256) +++ data/dla-needed.txt 2015-03-30 17:11:47 UTC (rev 33257) @@ -11,7 +11,11 @@ https://lists.debian.org/debian-lts/2015/03/msg00093.html Debdiff and fix available. Needs review and sponsor. -- -commons-httpclient +commons-httpclient (Markus Koschany

[Secure-testing-commits] r33255 - data

2015-03-30 Thread Markus Koschany
Author: apo-guest Date: 2015-03-30 17:06:06 + (Mon, 30 Mar 2015) New Revision: 33255 Modified: data/dla-needed.txt Log: Remove libspring-2.5-java entry because the last CVE was misassigned to that package Modified: data/dla-needed.txt

[Secure-testing-commits] r34270 - data

2015-05-14 Thread Markus Koschany
-needed.txt 2015-05-14 09:11:01 UTC (rev 34269) +++ data/dla-needed.txt 2015-05-14 10:18:56 UTC (rev 34270) @@ -8,10 +8,10 @@ -- commons-httpclient (Markus Koschany) -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758086#50 -Debdiff and patch for Jessie and Sid available. Debian Java

[Secure-testing-commits] r34606 - data

2015-05-31 Thread Markus Koschany
Author: apo-guest Date: 2015-05-31 11:38:06 + (Sun, 31 May 2015) New Revision: 34606 Modified: data/embedded-code-copies Log: embedded-code-copies: Spring does not embed oscpack anymore Modified: data/embedded-code-copies

[Secure-testing-commits] r34594 - data

2015-05-30 Thread Markus Koschany
-needed.txt 2015-05-30 10:21:21 UTC (rev 34593) +++ data/dla-needed.txt 2015-05-30 13:44:10 UTC (rev 34594) @@ -24,9 +24,10 @@ -- jqueryui (Holger Levsen) -- -libapache-mod-jk - Markus Koschany will take care of it - http://lists.debian.org/5564ab86.3000...@gambaru.de +libapache-mod-jk (Markus

[Secure-testing-commits] r42276 - data

2016-06-02 Thread Markus Koschany
2016-06-02 20:27:47 UTC (rev 42275) +++ data/dla-needed.txt 2016-06-02 20:58:37 UTC (rev 42276) @@ -45,9 +45,10 @@ -- libxslt (Emilio Pozuelo) -- -libxstream-java (jmm) +libxstream-java (Markus Koschany) Emmanuel Bourg proposed debdiff for both wheezy- and jessie-security waiting

[Secure-testing-commits] r42365 - org

2016-06-06 Thread Markus Koschany
.2016.txt 2016-06-06 21:31:13 UTC (rev 42364) +++ org/lts-frontdesk.2016.txt 2016-06-07 03:27:02 UTC (rev 42365) @@ -37,29 +37,29 @@ From 13-06 to 19-06:Markus Koschany <a...@debian.org> From 20-06 to 26-06:Thorsten Alteholz <alteh...@debian.org> From 27-06 to 03-07:Chris Lamb

[Secure-testing-commits] r42343 - in data: . DLA

2016-06-06 Thread Markus Koschany
=== --- data/dla-needed.txt 2016-06-06 05:43:42 UTC (rev 42342) +++ data/dla-needed.txt 2016-06-06 09:06:21 UTC (rev 42343) @@ -46,11 +46,6 @@ -- libxslt (Emilio Pozuelo) -- -libxstream-java (Markus Koschany) - Emmanuel Bourg proposed

[Secure-testing-commits] r42395 - in data: . DLA

2016-06-08 Thread Markus Koschany
-8379 No official solution is currently available, 20160425 -- -expat (Markus Koschany) --- extplorer NOTE: 20160529, no fix yet -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http

[Secure-testing-commits] r42397 - data

2016-06-08 Thread Markus Koschany
/dla-needed.txt 2016-06-08 09:10:11 UTC (rev 42396) +++ data/dla-needed.txt 2016-06-08 09:30:42 UTC (rev 42397) @@ -32,8 +32,6 @@ -- libjackson-json-java -- -libpdfbox-java (Markus Koschany) --- libspring-java The JSON/JaF doesn't appear to be present in wheezy but the content-disposition

[Secure-testing-commits] r42398 - data

2016-06-08 Thread Markus Koschany
-08 09:30:42 UTC (rev 42397) +++ data/dla-needed.txt 2016-06-08 09:42:28 UTC (rev 42398) @@ -36,7 +36,7 @@ The JSON/JaF doesn't appear to be present in wheezy but the content-disposition stuff might be. -- -libtorrent-rasterbar +libtorrent-rasterbar (Markus Koschany) -- libxslt (Emilio

[Secure-testing-commits] r42348 - data

2016-06-06 Thread Markus Koschany
UTC (rev 42347) +++ data/dla-needed.txt 2016-06-06 11:44:26 UTC (rev 42348) @@ -20,7 +20,7 @@ -- dhcpcd5 (Ola Lundqvist) -- -expat +expat (Markus Koschany) -- extplorer NOTE: 20160529, no fix yet ___ Secure-testing-commits mailing list Secure

[Secure-testing-commits] r42347 - in data: . DLA

2016-06-06 Thread Markus Koschany
) @@ -36,8 +36,6 @@ -- libjackson-json-java -- -libpdfbox-java (Markus Koschany) --- libspring-java The JSON/JaF doesn't appear to be present in wheezy but the content-disposition stuff might be. ___ Secure-testing-commits mailing list Secure

[Secure-testing-commits] r42477 - data

2016-06-12 Thread Markus Koschany
if other issues apply too. - NOTE: One maintainer suggests to update to the stable 1.0.x branch - NOTE: https://lists.debian.org/debian-lts/2016/05/msg00016.html +roundcube (Markus Koschany) -- ruby-actionpack-3.2 (Guido Günther) -- ___ Secure-testing

[Secure-testing-commits] r42444 - data/CVE

2016-06-10 Thread Markus Koschany
Author: apo Date: 2016-06-10 17:42:03 + (Fri, 10 Jun 2016) New Revision: 42444 Modified: data/CVE/list Log: Mark CVE-2015-2180 roundcube, wheezy as not affected The dbmail driver does not exist in this version. Modified: data/CVE/list

[Secure-testing-commits] r42446 - data/CVE

2016-06-10 Thread Markus Koschany
Author: apo Date: 2016-06-10 19:17:31 + (Fri, 10 Jun 2016) New Revision: 42446 Modified: data/CVE/list Log: Mark CVE-2016-4096 roundcube, wheezy as not affected program/lib/Roundcube/rcube_washtml.php is called lib/washtml.php in this version but the function is_link_attribute does not

[Secure-testing-commits] r42445 - data/CVE

2016-06-10 Thread Markus Koschany
Author: apo Date: 2016-06-10 17:44:24 + (Fri, 10 Jun 2016) New Revision: 42445 Modified: data/CVE/list Log: Mark CVE-2015-2181 roundcube, wheezy as not affected variable and file not present Modified: data/CVE/list === ---

[Secure-testing-commits] r42447 - data/CVE

2016-06-10 Thread Markus Koschany
Author: apo Date: 2016-06-10 19:20:13 + (Fri, 10 Jun 2016) New Revision: 42447 Modified: data/CVE/list Log: Revert last commit. Roundcube, wheezy is not affected by CVE-2016-5103 Modified: data/CVE/list === ---

[Secure-testing-commits] r42455 - in data: . DLA

2016-06-11 Thread Markus Koschany
) @@ -40,8 +40,6 @@ -- libstruts1.2-java -- -libtorrent-rasterbar (Markus Koschany) --- libxslt (Emilio Pozuelo) -- linux ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin

[Secure-testing-commits] r42021 - data

2016-05-25 Thread Markus Koschany
:56 UTC (rev 42020) +++ data/dla-needed.txt 2016-05-25 18:23:50 UTC (rev 42021) @@ -11,7 +11,7 @@ -- asterisk (Thorsten Alteholz) -- -bozohttpd +bozohttpd (Markus Koschany) -- cacti NOTE: CVE-2016-3659 doesn't have a fix yet, 20160425 ___ Secure

[Secure-testing-commits] r42022 - data/CVE

2016-05-25 Thread Markus Koschany
Author: apo Date: 2016-05-25 18:25:21 + (Wed, 25 May 2016) New Revision: 42022 Modified: data/CVE/list Log: Add link to fix for CVE-2014-5015 Modified: data/CVE/list === --- data/CVE/list 2016-05-25 18:23:50 UTC (rev

[Secure-testing-commits] r42023 - data/CVE

2016-05-25 Thread Markus Koschany
Author: apo Date: 2016-05-25 18:26:57 + (Wed, 25 May 2016) New Revision: 42023 Modified: data/CVE/list Log: Add link to fix for CVE-2015-8212 Modified: data/CVE/list === --- data/CVE/list 2016-05-25 18:25:21 UTC (rev

[Secure-testing-commits] r42030 - in data: . DLA

2016-05-25 Thread Markus Koschany
42030) @@ -11,8 +11,6 @@ -- asterisk (Thorsten Alteholz) -- -bozohttpd (Markus Koschany) --- cacti NOTE: CVE-2016-3659 doesn't have a fix yet, 20160425 NOTE: Maintainer wants to review changes; see https://lists.debian.org/<5724f47d.6090...@debian.

[Secure-testing-commits] r42031 - data/CVE

2016-05-25 Thread Markus Koschany
Author: apo Date: 2016-05-26 04:09:53 + (Thu, 26 May 2016) New Revision: 42031 Modified: data/CVE/list Log: Remove no-dsa wheezy entry from CVE-2014-5015 Modified: data/CVE/list === --- data/CVE/list 2016-05-26

[Secure-testing-commits] r42032 - doc

2016-05-25 Thread Markus Koschany
Author: apo Date: 2016-05-26 04:38:15 + (Thu, 26 May 2016) New Revision: 42032 Modified: doc/DLA.template Log: Update DLA.template Modified: doc/DLA.template === --- doc/DLA.template2016-05-26 04:09:53 UTC (rev 42031)

[Secure-testing-commits] r42246 - data

2016-06-02 Thread Markus Koschany
:10:09 UTC (rev 42245) +++ data/dla-needed.txt 2016-06-02 09:26:24 UTC (rev 42246) @@ -32,7 +32,7 @@ -- libjackson-json-java -- -libpdfbox-java +libpdfbox-java (Markus Koschany) -- libspring-java The JSON/JaF doesn't appear to be present in wheezy

[Secure-testing-commits] r42244 - data/CVE

2016-06-02 Thread Markus Koschany
Author: apo Date: 2016-06-02 08:19:18 + (Thu, 02 Jun 2016) New Revision: 42244 Modified: data/CVE/list Log: CVE-2016-5118: Add link to upstream's reproducer and patch Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r42234 - data/DLA

2016-06-01 Thread Markus Koschany
Author: apo Date: 2016-06-02 05:59:33 + (Thu, 02 Jun 2016) New Revision: 42234 Modified: data/DLA/list Log: Reserve DLA-501-1 for gdk-pixbuf Modified: data/DLA/list === --- data/DLA/list 2016-06-02 05:11:25 UTC (rev

[Secure-testing-commits] r42243 - in data: . DLA

2016-06-02 Thread Markus Koschany
@@ NOTE: .debdiff sent to the Security Team, waiting for feedback NOTE: asked about jessie status (seb) -- -graphicsmagick (Markus Koschany) --- icu (Roberto C. Sánchez) NOTE: check comments on CVE-2016-0494 as well -- ___ Secure-testing

[Secure-testing-commits] r42239 - data/DLA

2016-06-02 Thread Markus Koschany
Author: apo Date: 2016-06-02 06:21:58 + (Thu, 02 Jun 2016) New Revision: 42239 Modified: data/DLA/list Log: Mark CVE-2015-7552 as not fixed in DLA-450-1 Modified: data/DLA/list === --- data/DLA/list 2016-06-02 06:18:19

[Secure-testing-commits] r42159 - data

2016-05-30 Thread Markus Koschany
:53:48 UTC (rev 42158) +++ data/dla-needed.txt 2016-05-30 17:54:09 UTC (rev 42159) @@ -25,6 +25,8 @@ NOTE: .debdiff sent to the Security Team, waiting for feedback NOTE: asked about jessie status (seb) -- +graphicsmagick (Markus Koschany) +-- icu (Roberto C. Sánchez) NOTE: check comments

[Secure-testing-commits] r42162 - data/CVE

2016-05-30 Thread Markus Koschany
Author: apo Date: 2016-05-30 17:56:23 + (Mon, 30 May 2016) New Revision: 42162 Modified: data/CVE/list Log: Add link to fix for CVE-2016-5118 Modified: data/CVE/list === --- data/CVE/list 2016-05-30 17:55:33 UTC (rev

[Secure-testing-commits] r42699 - data

2016-06-22 Thread Markus Koschany
: data/dla-needed.txt === --- data/dla-needed.txt 2016-06-22 17:42:19 UTC (rev 42698) +++ data/dla-needed.txt 2016-06-22 18:48:00 UTC (rev 42699) @@ -35,6 +35,8 @@ -- libarchive (Markus Koschany) -- +libcommons-fileupload-java

[Secure-testing-commits] r42700 - data/CVE

2016-06-22 Thread Markus Koschany
Author: apo Date: 2016-06-22 18:49:59 + (Wed, 22 Jun 2016) New Revision: 42700 Modified: data/CVE/list Log: CVE-2016-3092: Add links to fix and upstream advisory Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r42701 - data/CVE

2016-06-22 Thread Markus Koschany
Author: apo Date: 2016-06-22 19:03:24 + (Wed, 22 Jun 2016) New Revision: 42701 Modified: data/CVE/list Log: CVE-2016-1621: libvpx in Wheezy is not affected vulnerable code is not present because webm module not yet included Modified: data/CVE/list

[Secure-testing-commits] r42709 - data/CVE

2016-06-22 Thread Markus Koschany
Author: apo Date: 2016-06-22 22:37:51 + (Wed, 22 Jun 2016) New Revision: 42709 Modified: data/CVE/list Log: CVE-2016-4487: Mark vulnerability as no-dsa for Wheezy. Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r42708 - data/CVE

2016-06-22 Thread Markus Koschany
Author: apo Date: 2016-06-22 22:32:29 + (Wed, 22 Jun 2016) New Revision: 42708 Modified: data/CVE/list Log: CVE-2016-4488: Mark vulnerability as no-dsa for Wheezy Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r42710 - data/CVE

2016-06-22 Thread Markus Koschany
Author: apo Date: 2016-06-22 22:41:34 + (Wed, 22 Jun 2016) New Revision: 42710 Modified: data/CVE/list Log: CVE-2016-2226: Mark vulnerability as no-dsa for Wheezy Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r42706 - data/CVE

2016-06-22 Thread Markus Koschany
Author: apo Date: 2016-06-22 22:28:15 + (Wed, 22 Jun 2016) New Revision: 42706 Modified: data/CVE/list Log: CVE-2016-4490: Mark vulnerability as no-dsa for Wheezy Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r42705 - data/CVE

2016-06-22 Thread Markus Koschany
Author: apo Date: 2016-06-22 22:25:58 + (Wed, 22 Jun 2016) New Revision: 42705 Modified: data/CVE/list Log: CVE-2016-4491: Mark vulnerability as no-dsa for Wheezy Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r42707 - data/CVE

2016-06-22 Thread Markus Koschany
Author: apo Date: 2016-06-22 22:30:16 + (Wed, 22 Jun 2016) New Revision: 42707 Modified: data/CVE/list Log: CVE-2016-4489: Mark vulnerability as no-dsa for Wheezy Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r42741 - data

2016-06-23 Thread Markus Koschany
Author: apo Date: 2016-06-23 13:43:35 + (Thu, 23 Jun 2016) New Revision: 42741 Modified: data/dla-needed.txt Log: Add pidgin to dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2016-06-23 08:21:22 UTC

[Secure-testing-commits] r42703 - data/CVE

2016-06-22 Thread Markus Koschany
Author: apo Date: 2016-06-22 20:03:27 + (Wed, 22 Jun 2016) New Revision: 42703 Modified: data/CVE/list Log: CVE-2016-4492: Mark vulnerability in Wheezy as no-dsa Modified: data/CVE/list === --- data/CVE/list 2016-06-22

[Secure-testing-commits] r42702 - data/CVE

2016-06-22 Thread Markus Koschany
Author: apo Date: 2016-06-22 19:37:58 + (Wed, 22 Jun 2016) New Revision: 42702 Modified: data/CVE/list Log: CVE-2016-4493: Mark vulnerability as no-dsa for Wheezy Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r42650 - data/CVE

2016-06-20 Thread Markus Koschany
Author: apo Date: 2016-06-20 12:03:40 + (Mon, 20 Jun 2016) New Revision: 42650 Modified: data/CVE/list Log: CVE-2016-4970: wheezy is not affected. Same version as in Jessie. Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r42647 - data

2016-06-20 Thread Markus Koschany
Author: apo Date: 2016-06-20 11:29:20 + (Mon, 20 Jun 2016) New Revision: 42647 Modified: data/dla-needed.txt Log: Add clamav to dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2016-06-20 04:51:03 UTC

[Secure-testing-commits] r42657 - data

2016-06-20 Thread Markus Koschany
-06-20 17:39:07 UTC (rev 42656) +++ data/dla-needed.txt 2016-06-20 17:42:36 UTC (rev 42657) @@ -43,7 +43,7 @@ -- mat -- -mysql-connector-java +mysql-connector-java (Markus Koschany) -- nss NOTE: Not 100% this applies to wheezy yet; can't find the changeset and the diff between NSS 3.22

[Secure-testing-commits] r42755 - data

2016-06-23 Thread Markus Koschany
Author: apo Date: 2016-06-23 17:25:42 + (Thu, 23 Jun 2016) New Revision: 42755 Modified: data/dla-needed.txt Log: Add phpmyadmin to dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2016-06-23 16:59:44

[Secure-testing-commits] r39000 - data

2016-01-18 Thread Markus Koschany
:13:20 UTC (rev 38999) +++ data/dla-needed.txt 2016-01-18 17:19:22 UTC (rev 39000) @@ -44,7 +44,7 @@ pound NOTE: updating to the wheezy option might be less error prone -- -radicale +radicale (Markus Koschany) -- tiff -- ___ Secure-testing-commits

[Secure-testing-commits] r42790 - in data: . DLA

2016-06-25 Thread Markus Koschany
+51,6 @@ -- mat -- -mysql-connector-java (Markus Koschany) --- nss (Emilio Pozuelo) NOTE: Not 100% this applies to wheezy yet; can't find the changeset and the diff between NSS 3.22 and 3.23 is very large. -- ___ Secure-testing-commits mailing list

[Secure-testing-commits] r42806 - data/CVE

2016-06-26 Thread Markus Koschany
Author: apo Date: 2016-06-26 18:00:14 + (Sun, 26 Jun 2016) New Revision: 42806 Modified: data/CVE/list Log: CVE-2016-3092: Tomcat 6 is not affected Modified: data/CVE/list === --- data/CVE/list 2016-06-26 14:01:44

[Secure-testing-commits] r42807 - data

2016-06-26 Thread Markus Koschany
=== --- data/dla-needed.txt 2016-06-26 18:00:14 UTC (rev 42806) +++ data/dla-needed.txt 2016-06-26 18:01:41 UTC (rev 42807) @@ -103,8 +103,6 @@ -- tiff3 -- -tomcat6 (Markus Koschany) --- tomcat7 (Markus Koschany) -- wget (Thorsten Alteholz) ___ Secure

[Secure-testing-commits] r42809 - in data: . DLA

2016-06-26 Thread Markus Koschany
) @@ -101,8 +101,6 @@ -- tiff3 -- -tomcat7 (Markus Koschany) --- wget (Thorsten Alteholz) -- wireshark (Balint Reczey) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman

[Secure-testing-commits] r42808 - in data: . DLA

2016-06-26 Thread Markus Koschany
42808) @@ -36,8 +36,6 @@ -- libarchive (Markus Koschany) -- -libcommons-fileupload-java (Markus Koschany) --- libgd2 (Thorsten Alteholz) -- libjackson-json-java ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org

[Secure-testing-commits] r42810 - data/DLA

2016-06-26 Thread Markus Koschany
Author: apo Date: 2016-06-26 19:22:55 + (Sun, 26 Jun 2016) New Revision: 42810 Modified: data/DLA/list Log: Reserve DLA-530-1 for java-common Modified: data/DLA/list === --- data/DLA/list 2016-06-26 18:05:39 UTC (rev

[Secure-testing-commits] r39452 - in data: . DLA

2016-02-04 Thread Markus Koschany
) -- -openjdk-6 (Markus Koschany) --- php5 (Thorsten Alteholz) NOTE: next upload end of December -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure

[Secure-testing-commits] r39559 - data/CVE

2016-02-09 Thread Markus Koschany
Author: apo-guest Date: 2016-02-09 13:07:20 + (Tue, 09 Feb 2016) New Revision: 39559 Modified: data/CVE/list Log: CVE-2014-3566 is fixed in wheezy for lighttpd 1.4.31-4+deb7u3 Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r39806 - data

2016-02-22 Thread Markus Koschany
UTC (rev 39805) +++ data/dla-needed.txt 2016-02-22 12:54:25 UTC (rev 39806) @@ -9,7 +9,7 @@ https://wiki.debian.org/LTS/Development#Triage_new_security_issues -- -bsh +bsh (Markus Koschany) -- cacti NOTE: Issue being disputed, check https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=814353

[Secure-testing-commits] r39959 - data/CVE

2016-02-26 Thread Markus Koschany
Author: apo-guest Date: 2016-02-26 19:59:55 + (Fri, 26 Feb 2016) New Revision: 39959 Modified: data/CVE/list Log: CVE-2015-5346 Remove fixed version for Tomcat 6 Modified: data/CVE/list === --- data/CVE/list 2016-02-26

[Secure-testing-commits] r40004 - data/CVE

2016-02-28 Thread Markus Koschany
Author: apo-guest Date: 2016-02-28 13:51:43 + (Sun, 28 Feb 2016) New Revision: 40004 Modified: data/CVE/list Log: Mark CVE-2015-5351 as fixed since 6.0.45-1~deb6u1 The upstream advisory makes no reference about the 6.x series but looking at the code reveals that this issue was also fixed

[Secure-testing-commits] r40018 - data

2016-02-28 Thread Markus Koschany
:18 UTC (rev 40017) +++ data/dla-needed.txt 2016-02-28 18:26:38 UTC (rev 40018) @@ -58,7 +58,7 @@ -- xymon (Chris Lamb) -- -pcre3 +pcre3 (Markus Koschany) -- policykit-1 -- ___ Secure-testing-commits mailing list Secure-testing-commits

[Secure-testing-commits] r40057 - in data: . DLA

2016-02-29 Thread Markus Koschany
@@ -- openssl -- -pcre3 (Markus Koschany) --- php5 (Thorsten Alteholz) NOTE: next upload end of December -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure

[Secure-testing-commits] r40059 - in data: . DLA

2016-02-29 Thread Markus Koschany
/Development#Triage_new_security_issues -- -bsh (Markus Koschany) --- cacti NOTE: Issue being disputed, check https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=814353#10 -- ___ Secure-testing-commits mailing list Secure-testing-commits

[Secure-testing-commits] r39953 - data

2016-02-26 Thread Markus Koschany
:51:31 UTC (rev 39952) +++ data/dla-needed.txt 2016-02-26 14:25:29 UTC (rev 39953) @@ -62,7 +62,7 @@ -- xymon (Chris Lamb) -- -tomcat6 +tomcat6 (Markus Koschany) -- pcre3 -- ___ Secure-testing-commits mailing list Secure-testing-commits

[Secure-testing-commits] r39992 - in data: . DLA

2016-02-27 Thread Markus Koschany
(Markus Koschany) --- pcre3 -- policykit-1 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39993 - data/DLA

2016-02-27 Thread Markus Koschany
Author: apo-guest Date: 2016-02-27 18:45:30 + (Sat, 27 Feb 2016) New Revision: 39993 Modified: data/DLA/list Log: Reserve only DLA-435-1 Modified: data/DLA/list === --- data/DLA/list 2016-02-27 18:43:06 UTC (rev 39992)

[Secure-testing-commits] r39958 - data/CVE

2016-02-26 Thread Markus Koschany
Author: apo-guest Date: 2016-02-26 19:39:16 + (Fri, 26 Feb 2016) New Revision: 39958 Modified: data/CVE/list Log: Triage CVE-2015-5346. Mark as minor issue and no-dsa for Tomcat 6 Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r39208 - in data: . DLA

2016-01-26 Thread Markus Koschany
@@ php5 (Thorsten Alteholz) NOTE: next upload end of December -- -radicale (Markus Koschany) --- tiff -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo

[Secure-testing-commits] r39210 - data/DLA

2016-01-26 Thread Markus Koschany
Author: apo-guest Date: 2016-01-26 19:36:57 + (Tue, 26 Jan 2016) New Revision: 39210 Modified: data/DLA/list Log: Fix version number of DLA-403 Modified: data/DLA/list === --- data/DLA/list 2016-01-26 19:27:36 UTC (rev

[Secure-testing-commits] r39638 - data

2016-02-12 Thread Markus Koschany
:10:13 UTC (rev 39637) +++ data/dla-needed.txt 2016-02-12 22:53:41 UTC (rev 39638) @@ -51,5 +51,5 @@ -- xymon (Chris Lamb) -- -wordpress +wordpress (Markus Koschany) -- ___ Secure-testing-commits mailing list Secure-testing-commits

[Secure-testing-commits] r39722 - in data: . DLA

2016-02-16 Thread Markus Koschany
+64,3 @@ -- xymon (Chris Lamb) -- -wordpress (Markus Koschany) --- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r39755 - data

2016-02-18 Thread Markus Koschany
-18 08:16:31 UTC (rev 39754) +++ data/dla-needed.txt 2016-02-18 13:35:42 UTC (rev 39755) @@ -60,7 +60,7 @@ php5 (Thorsten Alteholz) NOTE: next upload end of December -- -python-imaging +python-imaging (Markus Koschany) -- tiff -- ___ Secure

[Secure-testing-commits] r39795 - in data: . DLA

2016-02-21 Thread Markus Koschany
@@ php5 (Thorsten Alteholz) NOTE: next upload end of December -- -python-imaging (Markus Koschany) --- tiff -- xymon (Chris Lamb) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http

[Secure-testing-commits] r39796 - data/CVE

2016-02-21 Thread Markus Koschany
Author: apo-guest Date: 2016-02-21 13:53:06 + (Sun, 21 Feb 2016) New Revision: 39796 Modified: data/CVE/list Log: Mark pillow, python-imaging prior version 2.7 as not-affected Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r39395 - org

2016-02-01 Thread Markus Koschany
-From 11-04 to 17-04: +From 11-04 to 17-04:Markus Koschany <a...@debian.org> From 18-04 to 24-04: From 25-04 to 01-05: From 02-05 to 08-05: ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.

[Secure-testing-commits] r39396 - data

2016-02-01 Thread Markus Koschany
:05:20 UTC (rev 39395) +++ data/dla-needed.txt 2016-02-01 18:11:07 UTC (rev 39396) @@ -63,7 +63,7 @@ ntp NOTE: maybe maintainer wants to upload package (as done before) -- -openjdk-6 +openjdk-6 (Markus Koschany) -- openssh (Guido Günther

[Secure-testing-commits] r40451 - data

2016-03-18 Thread Markus Koschany
:10:24 UTC (rev 40450) +++ data/dsa-needed.txt 2016-03-18 14:43:53 UTC (rev 40451) @@ -78,7 +78,7 @@ -- tomcat6 (Markus Koschany) -- -tomcat7 +tomcat7 (Markus Koschany) -- tomcat8 -- ___ Secure-testing-commits mailing list Secure-testing-commits

[Secure-testing-commits] r40508 - data

2016-03-21 Thread Markus Koschany
:11 UTC (rev 40507) +++ data/dsa-needed.txt 2016-03-21 22:31:30 UTC (rev 40508) @@ -35,6 +35,8 @@ no-dsa bugs CVE-2014-8354 CVE-2014-8355 CVE-2014-8562 CVE-2014-8716 should be fixed along -- +imlib2 (Markus Koschany) +-- inspircd/oldstable (Thorsten Alteholz) NOTE: .debdiff sent

[Secure-testing-commits] r40561 - data

2016-03-24 Thread Markus Koschany
-03-24 16:33:35 UTC (rev 40560) +++ data/dsa-needed.txt 2016-03-24 17:02:13 UTC (rev 40561) @@ -41,6 +41,7 @@ NOTE: debdiff sent to the Security Team on 2016-03-21 -- libebml (Markus Koschany) + NOTE: debdiff sent to the Security Team on 2016-03-24 -- libidn Working debdiff for wheezy

[Secure-testing-commits] r40529 - data

2016-03-22 Thread Markus Koschany
:10:14 UTC (rev 40528) +++ data/dsa-needed.txt 2016-03-23 00:06:25 UTC (rev 40529) @@ -42,6 +42,8 @@ NOTE: OK Thorsten's upload (seb) NOTE: .debdiff sent to the Security Team, waiting for feedback -- +libebml (Markus Koschany) +-- libidn Working debdiff for wheezy-security at https

[Secure-testing-commits] r40087 - data

2016-03-01 Thread Markus Koschany
=== --- data/dsa-needed.txt 2016-03-01 12:37:25 UTC (rev 40086) +++ data/dsa-needed.txt 2016-03-01 12:51:17 UTC (rev 40087) @@ -76,7 +76,7 @@ -- tiff3 -- -tomcat6 +tomcat6 (Markus Koschany) -- tomcat7

[Secure-testing-commits] r40634 - data

2016-03-29 Thread Markus Koschany
:13 UTC (rev 40633) +++ data/dsa-needed.txt 2016-03-29 18:03:48 UTC (rev 40634) @@ -87,6 +87,8 @@ -- squid/oldstable -- +srtp (Markus Koschany) +-- tardiff fw asked maintainer for preparing debdiffs for wheezy- and jessie-security -- ___ Secure

[Secure-testing-commits] r40509 - data

2016-03-21 Thread Markus Koschany
:31:30 UTC (rev 40508) +++ data/dsa-needed.txt 2016-03-22 00:06:38 UTC (rev 40509) @@ -74,6 +74,8 @@ redmine/stable Updates proposed by terceiro, check debdiff -- +roundcube/oldstable (Markus Koschany) +-- smarty3/oldstable NOTE: https://lists.debian.org/debian-lts/2016/03/msg0.html

[Secure-testing-commits] r41220 - data

2016-04-26 Thread Markus Koschany
:13 UTC (rev 41219) +++ data/dla-needed.txt 2016-04-26 21:19:20 UTC (rev 41220) @@ -62,7 +62,7 @@ NOTE: maintainer wants to upload package (as done before) NOTE: <20160213161710.ga9...@roeckx.be> -- -openjdk-7 +openjdk-7 (Markus Koschany) -- o

[Secure-testing-commits] r41202 - data

2016-04-26 Thread Markus Koschany
10:46:52 UTC (rev 41201) +++ data/dla-needed.txt 2016-04-26 11:20:33 UTC (rev 41202) @@ -78,6 +78,8 @@ samba Samba maintainers are preparing updates for regressions -- +smarty3 (Markus Koschany) +-- squid -- tardiff ___ Secure-testing-commits

[Secure-testing-commits] r41204 - org

2016-04-26 Thread Markus Koschany
<ch...@chris-lamb.co.uk> -From 13-06 to 19-06: +From 13-06 to 19-06:Markus Koschany <a...@debian.org> From 20-06 to 26-06:Thorsten Alteholz <alteh...@debian.org> From 27-06 to 03-07: From 04-07 to 10-07:Chris Lamb <ch...@chris-lamb.co.uk> __

[Secure-testing-commits] r41201 - data/CVE

2016-04-26 Thread Markus Koschany
Author: apo Date: 2016-04-26 10:46:52 + (Tue, 26 Apr 2016) New Revision: 41201 Modified: data/CVE/list Log: Add CVE-2016-2849/botan1.10 Modified: data/CVE/list === --- data/CVE/list 2016-04-26 09:58:11 UTC (rev 41200)

[Secure-testing-commits] r41306 - in data: . DLA

2016-04-30 Thread Markus Koschany
(rev 41305) +++ data/dla-needed.txt 2016-04-30 09:33:56 UTC (rev 41306) @@ -11,8 +11,6 @@ -- asterisk (Thorsten Alteholz) -- -botan1.10 (Markus Koschany) --- cacti NOTE: CVE-2016-3659 doesn't have a fix yet, 20160425 -- ___ Secure-testing-commits

[Secure-testing-commits] r41317 - in data: . DLA

2016-04-30 Thread Markus Koschany
41316) +++ data/dla-needed.txt 2016-04-30 17:40:59 UTC (rev 41317) @@ -19,8 +19,6 @@ -- extplorer (Thorsten Alteholz) -- -gdk-pixbuf (Markus Koschany) --- gosa (Mike Gabriel) NOTE: .debdiff sent to the Security Team, waiting for feedback NOTE: asked about jessie status (seb

[Secure-testing-commits] r41259 - data

2016-04-28 Thread Markus Koschany
-04-28 16:04:31 UTC (rev 41258) +++ data/dla-needed.txt 2016-04-28 17:00:29 UTC (rev 41259) @@ -21,6 +21,8 @@ -- extplorer (Thorsten Alteholz) -- +gdk-pixbuf (Markus Koschany) +-- gosa (Mike Gabriel) NOTE: .debdiff sent to the Security Team, waiting for feedback NOTE: asked about jessie

[Secure-testing-commits] r41929 - data/CVE

2016-05-21 Thread Markus Koschany
Author: apo Date: 2016-05-21 16:32:55 + (Sat, 21 May 2016) New Revision: 41929 Modified: data/CVE/list Log: CVE-2016-2317: Add more links to patches. Modified: data/CVE/list === --- data/CVE/list 2016-05-21 14:22:04

[Secure-testing-commits] r41931 - in data: . DLA

2016-05-21 Thread Markus Koschany
(rev 41930) +++ data/dla-needed.txt 2016-05-21 18:08:56 UTC (rev 41931) @@ -31,8 +31,6 @@ NOTE: .debdiff sent to the Security Team, waiting for feedback NOTE: asked about jessie status (seb) -- -graphicsmagick (Markus Koschany) --- icu (Roberto C. Sánchez) NOTE: check comments on CVE-2016

[Secure-testing-commits] r41930 - data/CVE

2016-05-21 Thread Markus Koschany
Author: apo Date: 2016-05-21 16:35:00 + (Sat, 21 May 2016) New Revision: 41930 Modified: data/CVE/list Log: CVE-2016-2318: Add link to patch Modified: data/CVE/list === --- data/CVE/list 2016-05-21 16:32:55 UTC (rev

[Secure-testing-commits] r41918 - data/CVE

2016-05-20 Thread Markus Koschany
Author: apo Date: 2016-05-20 21:03:37 + (Fri, 20 May 2016) New Revision: 41918 Modified: data/CVE/list Log: Add FIX for CVE-2016-2317 Modified: data/CVE/list === --- data/CVE/list 2016-05-20 20:31:52 UTC (rev 41917)

[Secure-testing-commits] r41895 - in data: . DLA

2016-05-19 Thread Markus Koschany
.) -- -expat (Markus Koschany) --- extplorer (Thorsten Alteholz) NOTE: package for testing uploaded -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo

[Secure-testing-commits] r41896 - in data: . CVE

2016-05-19 Thread Markus Koschany
Author: apo Date: 2016-05-19 19:37:39 + (Thu, 19 May 2016) New Revision: 41896 Modified: data/CVE/list data/dla-needed.txt Log: Mark sogo as unsupported in Wheezy LTS. Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r41679 - in data: . DLA

2016-05-12 Thread Markus Koschany
@@ -- libtasn1-3 (Thorsten Alteholz) -- -libuser (Markus Koschany) - NOTE: More information and fixing commit in https://bugs.debian.org/793465 --- libxml2 NOTE: 20160226, no fix available yet -- ___ Secure-testing-commits mailing list Secure

[Secure-testing-commits] r41816 - data/CVE

2016-05-17 Thread Markus Koschany
Author: apo Date: 2016-05-17 19:36:58 + (Tue, 17 May 2016) New Revision: 41816 Modified: data/CVE/list Log: Mark xymon CVE-2016-2057 as not-affected Modified: data/CVE/list === --- data/CVE/list 2016-05-17 19:21:36 UTC

  1   2   3   4   5   6   7   8   >