51800)
+++ data/dla-needed.txt 2017-05-21 21:05:09 UTC (rev 51801)
@@ -86,9 +86,11 @@
--
openjdk-7 (Emilio Pozuelo)
--
-postgresql-8.4
+postgresql-8.4 (Thorsten Alteholz)
+ NOTE: 20170521, asking maintainer whether this version is affected
--
-postgresql-9.1
+postgresql-9.1 (Thorsten Alteholz
Author: alteholz
Date: 2017-05-28 13:39:48 + (Sun, 28 May 2017)
New Revision: 52029
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-958-1 for libonig
Modified: data/DLA/list
===
--- data/DLA/list
)
+++ data/dla-needed.txt 2017-05-28 13:53:20 UTC (rev 52030)
@@ -25,7 +25,7 @@
NOTE: 20170524, packages are prepared and a call for testing was sent to
debian-lts@l.d.o
--
jasper (Thorsten Alteholz)
- NOTE: 20170523, no patch available for the remaining CVEs yet
+ NOTE: 20170528, no patch
52027)
@@ -49,9 +49,6 @@
libpodofo
NOTE: maintainer asked for a review
--
-libsndfile (Thorsten Alteholz)
- NOTE: giving maintainer some time to respond to email
---
libxml2 (Thorsten Alteholz)
NOTE: 20170523, patches suggested but not accepted, bugs not yet public
-needed.txt 2017-05-28 13:19:56 UTC (rev 52028)
@@ -14,9 +14,6 @@
NOTE: 24031017: No upstream patch available yet. Have pinged bug#.
NOTE: Currently working on a patch fixing CVE-2017-6960 --Hugo
--
-bind9 (Thorsten Alteholz)
- NOTE: test package at
https://people.debian.org/~alteholz
:45 UTC (rev 52064)
+++ data/dla-needed.txt 2017-05-29 12:48:55 UTC (rev 52065)
@@ -74,8 +74,8 @@
NOTE: check added by the patch needs to be added after the
NOTE: png_get_rowbytes() call.
--
-postgresql-9.1 (Thorsten Alteholz)
- NOTE: 20170521, asking maintainer whether this version
)
+++ data/dla-needed.txt 2017-06-01 16:52:23 UTC (rev 52199)
@@ -29,7 +29,7 @@
jasper (Thorsten Alteholz)
NOTE: 20170528, no patch available for the remaining CVEs yet, pinged
upstream
--
-jbig2dec
+jbig2dec (Thorsten Alteholz)
NOTE: other no-dsa CVE issue open that might be worth fixing
)
+++ data/dla-needed.txt 2017-06-04 13:25:35 UTC (rev 52281)
@@ -129,7 +129,5 @@
--
zookeeper
--
-zziplib
- NOTE: added 2017-02-25, please give maintainer some time to respond
- NOTE: No patch available 2017-03-08.
+zziplib (Thorsten Alteholz
)
+++ data/dla-needed.txt 2017-06-18 20:39:01 UTC (rev 52698)
@@ -30,9 +30,10 @@
NOTE: the maintainer.
--
jasper (Thorsten Alteholz)
- NOTE: 20170528, no patch available for the remaining CVEs yet, pinged
upstream
+ NOTE: 20170618, no patch available for the remaining CVEs yet, pinged
Author: alteholz
Date: 2017-05-01 15:39:14 + (Mon, 01 May 2017)
New Revision: 51245
Modified:
data/packages/lts-do-not-call
Log:
add libarchive and reorder
Modified: data/packages/lts-do-not-call
===
---
Author: alteholz
Date: 2017-04-30 17:58:32 + (Sun, 30 Apr 2017)
New Revision: 51208
Modified:
data/dla-needed.txt
Log:
add libxstream-java
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-04-30 17:54:41 UTC (rev
-30 12:30:45 UTC (rev 51206)
+++ data/dla-needed.txt 2017-04-30 17:54:41 UTC (rev 51207)
@@ -96,6 +96,8 @@
--
qemu-kvm (Guido Günther)
--
+radicale (Thorsten Alteholz)
+--
sane-backends (Jörg Frings-Fürst)
NOTE: 2017-04-21 update:
https://lists.debian.org/1492754083.10406.1.ca...@jff
Author: alteholz
Date: 2017-04-30 18:00:26 + (Sun, 30 Apr 2017)
New Revision: 51210
Modified:
data/dla-needed.txt
Log:
add note
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-04-30 17:59:25 UTC (rev 51209)
+++
)
+++ data/dla-needed.txt 2017-04-30 17:59:25 UTC (rev 51209)
@@ -37,6 +37,7 @@
icu (Thorsten Alteholz)
--
jasper (Thorsten Alteholz)
+ NOTE: 20170430, not patch for the remaining CVEs yet
--
jbig2dec
--
___
Secure-testing-commits mailing list
Secure
51796)
+++ data/dla-needed.txt 2017-05-21 17:29:17 UTC (rev 51797)
@@ -17,7 +17,8 @@
bind9 (Thorsten Alteholz)
NOTE: test package at
https://people.debian.org/~alteholz/packages/wheezy-lts/bind9/amd64/
--
-dropbear
+dropbear (Thorsten Alteholz)
+ NOTE: maintainer prepared debdiff
--
ca
)
+++ data/dla-needed.txt 2017-05-19 13:45:32 UTC (rev 51751)
@@ -38,7 +38,7 @@
NOTE: sooner than later.
--
jasper (Thorsten Alteholz)
- NOTE: 20170515, no patch available for the remaining CVEs yet
+ NOTE: 20170519, no patch available for the remaining CVEs yet
--
libarchive (Markus
@@
NOTE: regression update, see:
NOTE: https://lists.debian.org/debian-lts/2017/05/msg00012.html
--
-libstruts1.2-java (Thorsten Alteholz)
---
libvorbis
NOTE: 20170829: no fix available yet
--
___
Secure-testing-commits mailing list
Secure
)
+++ data/dla-needed.txt 2017-09-23 17:35:19 UTC (rev 56066)
@@ -58,7 +58,7 @@
libmad
NOTE: Kurt wants to upload in case of available patches
--
-libraw
+libraw (Thorsten Alteholz)
NOTE: 2017-09-13: Cannot reproduce CVE-2017-14265 or CVE-2017-14348. (lamby)
--
libreoffice (Emilio Pozuelo
Author: alteholz
Date: 2017-09-23 17:28:44 + (Sat, 23 Sep 2017)
New Revision: 56065
Modified:
data/CVE/list
data/dla-needed.txt
Log:
following the security team
Modified: data/CVE/list
===
--- data/CVE/list
Author: alteholz
Date: 2017-09-23 18:02:15 + (Sat, 23 Sep 2017)
New Revision: 56067
Modified:
data/CVE/list
Log:
vulnerable code for CVE-2017-14265 not present in wheezy
Modified: data/CVE/list
===
--- data/CVE/list
Author: alteholz
Date: 2017-09-23 21:36:00 + (Sat, 23 Sep 2017)
New Revision: 56078
Modified:
data/CVE/list
Log:
vulnerable code for CVE-2017-14348 not present in wheezy
Modified: data/CVE/list
===
--- data/CVE/list
)
@@ -10,8 +10,6 @@
https://wiki.debian.org/LTS/Development#Triage_new_security_issues
--
-botan1.10 (Thorsten Alteholz)
---
ca-certificates
NOTE: 20170719: maintainer will handle the upload, see
https://lists.debian.org/d0b9674a-ac5b-5cc9-1982-fb6f36155...@pbandjelly.org
)
+++ data/dla-needed.txt 2017-10-08 14:53:18 UTC (rev 56520)
@@ -123,8 +123,6 @@
ruby-passenger
NOTE: 20170812: I think this is ext/nginx/ContentHandler.c in
create_request. (lamby)
--
-sam2p (Thorsten Alteholz)
---
simplesamlphp
NOTE: 2017-09-04: Maintainer will handle this.
NOTE: https
)
+++ data/dla-needed.txt 2017-10-05 13:41:09 UTC (rev 56429)
@@ -10,7 +10,7 @@
https://wiki.debian.org/LTS/Development#Triage_new_security_issues
--
-botan1.10
+botan1.10 (Thorsten Alteholz)
--
ca-certificates
NOTE: 20170719: maintainer will handle the upload, see
https://lists.debian.org
)
+++ data/dla-needed.txt 2017-10-16 14:04:46 UTC (rev 56756)
@@ -129,6 +129,8 @@
qemu-kvm
NOTE: 20171012 Can wait for more issues to pile up
--
+radare2 (Thorsten Alteholz)
+--
rbenv
NOTE: .ruby-version is .rbenv-version in wheezy
NOTE: 20170802: No upstream patch (lamby
55657)
+++ data/dla-needed.txt 2017-09-11 20:39:53 UTC (rev 55658)
@@ -96,7 +96,7 @@
NOTE: regression update, see:
NOTE: https://lists.debian.org/debian-lts/2017/05/msg00012.html
--
-libstruts1.2-java
+libstruts1.2-java (Thorsten Alteholz)
--
libvorbis
NOTE: 20170829: no fix available yet
)
+++ data/dla-needed.txt 2017-09-11 20:44:06 UTC (rev 55659)
@@ -130,7 +130,7 @@
NOTE: Make sure the advisory is clear that any created suid binaries using
NOTE: ocaml must be re-created once ocaml has been updated.
--
-opencv
+opencv (Thorsten Alteholz)
--
openexr
NOTE: 20170902: CVE
: Kurt wants to upload in case of available patches
--
-libraw (Thorsten Alteholz)
- NOTE: 2017-09-13: Cannot reproduce CVE-2017-14265 or CVE-2017-14348. (lamby)
---
libreoffice (Emilio Pozuelo)
NOTE: regression update, see:
NOTE: https://lists.debian.org/debian-lts/2017/05/msg00012.html
)
+++ data/dla-needed.txt 2017-09-24 17:45:28 UTC (rev 56098)
@@ -57,6 +57,8 @@
libmad
NOTE: Kurt wants to upload in case of available patches
--
+libofx (Thorsten Alteholz)
+--
libreoffice (Emilio Pozuelo)
NOTE: regression update, see:
NOTE: https://lists.debian.org/debian-lts/2017/05
)
+++ data/dla-needed.txt 2017-09-30 10:16:45 UTC (rev 56278)
@@ -117,8 +117,7 @@
ruby-passenger
NOTE: 20170812: I think this is ext/nginx/ContentHandler.c in
create_request. (lamby)
--
-sam2p
- NOTE: 20170925: no upstream patches yet
+sam2p (Thorsten Alteholz)
--
simplesamlphp
NOTE: 2017
(Thorsten Alteholz)
---
openexr
NOTE: 20170902: CVE-2017-12596: bug reported upstream but no response yet
(lamby)
--
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman
Author: alteholz
Date: 2017-08-26 15:12:02 + (Sat, 26 Aug 2017)
New Revision: 55106
Modified:
data/dla-needed.txt
Log:
some fontforge CVEs got no patch yet
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-08-26
,
sent email later
--
-fontforge (Thorsten Alteholz)
---
freerdp (Markus Koschany)
NOTE: I need to contact upstream because only half of the patch applies to
NOTE: Wheezy.
___
Secure-testing-commits mailing list
Secure-testing-commits
Author: alteholz
Date: 2017-08-26 20:47:59 + (Sat, 26 Aug 2017)
New Revision: 55113
Modified:
data/dla-needed.txt
Log:
no open issues at the moment
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-08-26 19:09:02
Author: alteholz
Date: 2017-08-26 20:48:18 + (Sat, 26 Aug 2017)
New Revision: 55114
Modified:
data/dla-needed.txt
Log:
no open issues at the moment
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-08-26 20:47:59
Author: alteholz
Date: 2017-08-26 20:52:32 + (Sat, 26 Aug 2017)
New Revision: 55115
Modified:
data/dla-needed.txt
Log:
no open issues at the moment
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-08-26 20:48:18
Author: alteholz
Date: 2017-08-25 12:31:58 + (Fri, 25 Aug 2017)
New Revision: 55063
Modified:
data/CVE/list
Log:
follow jessie with no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 12:30:12 UTC (rev
Author: alteholz
Date: 2017-08-25 12:30:12 + (Fri, 25 Aug 2017)
New Revision: 55062
Modified:
data/CVE/list
Log:
follow jessie with no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 10:27:04 UTC (rev
Author: alteholz
Date: 2017-08-25 13:27:53 + (Fri, 25 Aug 2017)
New Revision: 55066
Modified:
data/dla-needed.txt
Log:
marked as unimportant
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-08-25 13:23:11 UTC
Author: alteholz
Date: 2017-08-19 17:36:03 + (Sat, 19 Aug 2017)
New Revision: 54892
Modified:
data/CVE/list
Log:
mark CVE-2017-1000101 as not-affected for wheezy
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-19
)
+++ data/dla-needed.txt 2017-08-19 17:36:43 UTC (rev 54893)
@@ -29,7 +29,7 @@
clamav (Hugo Lefeuvre)
NOTE: https://lists.debian.org/debian-lts/2017/08/msg2.html
--
-curl
+curl (Thorsten Alteholz)
NOTE: 20170809: Not entirely sure vulnerable, adding just in case. (lamby)
--
db
+136,6 @@
NOTE: mysql-utilities and mysql-workbench.
NOTE: 20170810: Wait for more issues (see ML:
https://lists.debian.org/debian-lts/2017/08/msg00039.html)
--
-newsbeuter (Thorsten Alteholz)
---
openexr
NOTE: 20170707: Pinged upstream (lamby
)
@@ -110,8 +110,6 @@
libxml-libxml-perl
NOTE: 20170702: no upstream fix yet, so no need to bother maintainer yet,
sent email later
--
-libxml2 (Thorsten Alteholz)
---
libytnef
NOTE: 20170813: patches missing
--
___
Secure-testing-commits mailing list
Author: alteholz
Date: 2017-08-19 17:57:11 + (Sat, 19 Aug 2017)
New Revision: 54895
Modified:
data/dla-needed.txt
Log:
no issue for giflib available in tracker anymore
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt
@@
exiv2
NOTE: 20170702, no upstream fix yet, so no need to bother maintainer yet,
sent email later
--
-extplorer (Thorsten Alteholz)
---
faad2
NOTE: 20170702, no upstream fix yet, so no need to bother maintainer yet,
sent email later
--
___
Secure
Author: alteholz
Date: 2017-08-31 10:42:59 + (Thu, 31 Aug 2017)
New Revision: 55306
Modified:
data/CVE/list
Log:
mark CVE-2017-13775 as in Wheezy
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-31 10:32:30 UTC
(rev 55336)
@@ -57,8 +57,6 @@
NOTE: wheezy version. I cannot reproduce it, needs to find a way to check
NOTE: whether wheezy version is affected. (kanashiro)
--
-graphicsmagick (Thorsten Alteholz)
---
icedove (Guido Günther)
--
irssi (Lucas Kanashiro
56923)
+++ data/dla-needed.txt 2017-10-23 12:26:29 UTC (rev 56924)
@@ -141,7 +141,7 @@
--
tomcat7 (Roberto C. Sánchez)
--
-wireshark
+wireshark (Thorsten Alteholz)
NOTE: 2017-08-28: Contacted maintainer since most NOTE: issues affect
Jessie/Stretch as well
)
@@ -43,8 +43,6 @@
NOTE: The same should be done in wheezy too. So the action for this
NOTE: package is to contact the FTP masters in order to handle this.
--
-libofx (Thorsten Alteholz)
---
libreoffice (anarcat)
NOTE: regression update, see:
NOTE: https://lists.debian.org/debian-lts
:37 UTC (rev 57994)
+++ data/dla-needed.txt 2017-11-24 13:52:06 UTC (rev 57995)
@@ -55,6 +55,8 @@
NOTE: theora and sox. Awaiting feedback. Underlying reason for CVE-2017-14160
NOTE: unclear.
--
+libxml2 (Thorsten Alteholz)
+--
linux
--
ming (Hugo Lefeuvre
)
@@ -79,8 +79,6 @@
--
otrs2 (Emilio Pozuelo)
--
-python-werkzeug (Thorsten Alteholz)
---
roundcube (Roberto C. Sánchez)
NOTE: 20171124: Patch updated/tested based on upstream guidance, packages
prepared, call for testing sent out
--
___
Secure
)
+++ data/dla-needed.txt 2017-11-29 14:21:57 UTC (rev 58115)
@@ -17,7 +17,7 @@
couchdb
NOTE: Only in wheezy, we are on our own.
--
-curl
+curl (Thorsten Alteholz)
--
irssi (Rhonda D'Vine)
--
___
Secure-testing-commits mailing list
Secure-testing
Author: alteholz
Date: 2017-11-29 14:48:58 + (Wed, 29 Nov 2017)
New Revision: 58117
Modified:
data/CVE/list
Log:
CVE-2017-8816 not for Wheezy
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-29 14:25:12 UTC (rev
.
--
-libxml2 (Thorsten Alteholz)
- NOTE: bugfix needs confirmation by upstream
---
linux
--
ming (Hugo Lefeuvre)
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo
+56,6 @@
--
libxfont (Emilio Pozuelo)
--
-libxml2 (Thorsten Alteholz)
---
linux
--
ming (Hugo Lefeuvre)
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo
@@
couchdb
NOTE: Only in wheezy, we are on our own.
--
-curl (Thorsten Alteholz)
---
irssi (Rhonda D'Vine)
--
jasperreports
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin
Author: alteholz
Date: 2017-11-19 16:20:14 + (Sun, 19 Nov 2017)
New Revision: 57831
Modified:
data/CVE/list
Log:
CVE does not affect Debian
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-19 16:14:33 UTC (rev
Author: alteholz
Date: 2017-12-08 14:41:57 + (Fri, 08 Dec 2017)
New Revision: 58357
Modified:
data/CVE/list
Log:
follow security team for CVE-2017-17446
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-08 09:18:39
Author: alteholz
Date: 2017-12-08 14:48:31 + (Fri, 08 Dec 2017)
New Revision: 58359
Modified:
data/CVE/list
Log:
follow security team for CVE-2017-17456 and CVE-2017-17457
Modified: data/CVE/list
===
--- data/CVE/list
:36 UTC (rev 58361)
+++ data/dla-needed.txt 2017-12-08 14:52:12 UTC (rev 58362)
@@ -74,6 +74,8 @@
--
qemu
--
+qemu-kvm
+--
rsync (Thorsten Alteholz)
--
rtpproxy
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
UTC (rev 58359)
+++ data/dla-needed.txt 2017-12-08 14:49:37 UTC (rev 58360)
@@ -70,6 +70,8 @@
--
otrs2 (Emilio Pozuelo)
--
+qemu
+--
rsync (Thorsten Alteholz)
--
rtpproxy
___
Secure-testing-commits mailing list
Secure-testing-commits
)
+++ data/dla-needed.txt 2017-12-08 14:51:36 UTC (rev 58361)
@@ -51,6 +51,8 @@
--
libxfont (Emilio Pozuelo)
--
+libxml2 (Thorsten Alteholz)
+--
linux
--
ming (Hugo Lefeuvre)
___
Secure-testing-commits mailing list
Secure-testing-commits
Author: alteholz
Date: 2017-12-08 14:45:02 + (Fri, 08 Dec 2017)
New Revision: 58358
Modified:
data/CVE/list
Log:
follow security team for CVE-2017-17440
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-08 14:41:57
Author: alteholz
Date: 2017-10-25 13:50:59 + (Wed, 25 Oct 2017)
New Revision: 56963
Modified:
data/CVE/list
data/DLA/list
Log:
CVE was also fixed in DLA-858-1 by patch 0144
Modified: data/CVE/list
===
--- data/CVE/list
-10-24 12:52:33 UTC (rev 56937)
+++ data/dla-needed.txt 2017-10-24 13:28:01 UTC (rev 56938)
@@ -19,6 +19,8 @@
NOTE: HTML escaped. Without trying, it's hard to know if the error
NOTE: messages do include user controllable content.
--
+curl (Thorsten Alteholz)
+--
exiv2 (Raphaël Hertzog)
NOTE
Author: alteholz
Date: 2017-10-24 12:52:33 + (Tue, 24 Oct 2017)
New Revision: 56937
Modified:
data/CVE/list
data/dla-needed.txt
Log:
follow security team and mark everything as , patches still not
available
Modified: data/CVE/list
)
@@ -19,8 +19,6 @@
NOTE: HTML escaped. Without trying, it's hard to know if the error
NOTE: messages do include user controllable content.
--
-curl (Thorsten Alteholz)
---
exiv2 (Raphaël Hertzog)
NOTE: 20170702, no upstream fix yet, so no need to bother maintainer yet,
sent email later
Author: alteholz
Date: 2017-10-28 15:16:00 + (Sat, 28 Oct 2017)
New Revision: 57076
Modified:
data/CVE/list
Log:
wheezy and jessie are not affected by CVE-2017-15931 and CVE-2017-15932
Modified: data/CVE/list
===
---
Author: alteholz
Date: 2017-10-28 15:31:15 + (Sat, 28 Oct 2017)
New Revision: 57078
Modified:
data/CVE/list
Log:
follow security team with CVE-2017-15938 of binutils
Modified: data/CVE/list
===
--- data/CVE/list
)
+++ data/dla-needed.txt 2017-10-28 17:11:35 UTC (rev 57086)
@@ -49,6 +49,9 @@
NOTE: asked for reproducers for CVE-2017-14160 and CVE-2017-14633 on
NOTE: gitlab and vendor-sec
--
+libxml (Thorsten Alteholz)
+ NOTE: bugfix needs confirmation by upstream
+--
libxml-libxml-perl
NOTE
57086)
+++ data/dla-needed.txt 2017-10-28 17:18:57 UTC (rev 57087)
@@ -36,6 +36,9 @@
--
libdatetime-timezone-perl (Emilio Pozuelo)
--
+libextractor
+ NOTE: not all patches available, so didn't bothered maintainer yet
+--
liblouis
--
libofx (Thorsten Alteholz
Author: alteholz
Date: 2017-10-19 13:58:44 + (Thu, 19 Oct 2017)
New Revision: 56871
Modified:
data/CVE/list
Log:
jessie and wheezy are not affected by CVE-2017-15385
Modified: data/CVE/list
===
--- data/CVE/list
UTC (rev 56871)
+++ data/dla-needed.txt 2017-10-19 14:05:44 UTC (rev 56872)
@@ -110,8 +110,6 @@
qemu-kvm
NOTE: 20171012 Can wait for more issues to pile up
--
-radare2 (Thorsten Alteholz)
---
rbenv
NOTE: .ruby-version is .rbenv-version in wheezy
NOTE: 20170802: No upstream patch (lamby
Author: alteholz
Date: 2017-10-19 13:28:02 + (Thu, 19 Oct 2017)
New Revision: 56870
Modified:
data/CVE/list
Log:
Wheezy is not affected as well
Modified: data/CVE/list
===
--- data/CVE/list 2017-10-19 12:24:36 UTC (rev
Author: alteholz
Date: 2017-10-26 14:04:28 + (Thu, 26 Oct 2017)
New Revision: 56981
Modified:
data/dla-needed.txt
Log:
add imagemagick again
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-10-26 14:00:11 UTC
)
+++ data/dla-needed.txt 2017-10-27 09:57:50 UTC (rev 57012)
@@ -129,6 +129,8 @@
--
tzdata (Emilio Pozuelo)
--
+wget (Thorsten Alteholz)
+--
wireshark (Thorsten Alteholz)
NOTE: 2017-08-28: Contacted maintainer since most NOTE: issues affect
Jessie/Stretch as well
Author: alteholz
Date: 2017-10-27 10:18:25 + (Fri, 27 Oct 2017)
New Revision: 57014
Modified:
data/CVE/list
Log:
add fix for CVE-2017-15908
Modified: data/CVE/list
===
--- data/CVE/list 2017-10-27 10:07:32 UTC (rev
Author: alteholz
Date: 2017-10-27 10:19:42 + (Fri, 27 Oct 2017)
New Revision: 57015
Modified:
data/CVE/list
Log:
mark Wheezy as not affected from CVE-2017-15908
Modified: data/CVE/list
===
--- data/CVE/list 2017-10-27
Author: alteholz
Date: 2017-10-27 09:57:38 + (Fri, 27 Oct 2017)
New Revision: 57011
Modified:
data/CVE/list
Log:
add wget patches
Modified: data/CVE/list
===
--- data/CVE/list 2017-10-27 09:25:33 UTC (rev 57010)
+++
Author: alteholz
Date: 2017-10-27 10:07:32 + (Fri, 27 Oct 2017)
New Revision: 57013
Modified:
data/CVE/list
Log:
mark glusterfs as no-dsa for wheezy
Modified: data/CVE/list
===
--- data/CVE/list 2017-10-27 09:57:50 UTC
Author: alteholz
Date: 2017-10-26 14:14:47 + (Thu, 26 Oct 2017)
New Revision: 56984
Modified:
data/CVE/list
Log:
follow security team with web2py
Modified: data/CVE/list
===
--- data/CVE/list 2017-10-26 14:09:00 UTC
Author: alteholz
Date: 2017-10-26 14:09:00 + (Thu, 26 Oct 2017)
New Revision: 56983
Modified:
data/CVE/list
Log:
follow security team with openssh
Modified: data/CVE/list
===
--- data/CVE/list 2017-10-26 14:06:13 UTC
Author: alteholz
Date: 2017-10-26 14:06:13 + (Thu, 26 Oct 2017)
New Revision: 56982
Modified:
data/CVE/list
Log:
follow security team with busybox
Modified: data/CVE/list
===
--- data/CVE/list 2017-10-26 14:04:28 UTC
Author: alteholz
Date: 2017-10-26 20:48:49 + (Thu, 26 Oct 2017)
New Revision: 57000
Modified:
data/CVE/list
Log:
redmine is EOL in wheezy
Modified: data/CVE/list
===
--- data/CVE/list 2017-10-26 18:39:52 UTC (rev 56999)
Author: alteholz
Date: 2017-10-26 20:59:27 + (Thu, 26 Oct 2017)
New Revision: 57001
Modified:
data/dla-needed.txt
Log:
add Rhonda for irssi
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-10-26 20:48:49 UTC
Author: alteholz
Date: 2017-10-27 18:07:01 + (Fri, 27 Oct 2017)
New Revision: 57033
Modified:
data/dla-needed.txt
Log:
add suricata
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-10-27 17:55:53 UTC (rev 57032)
Author: alteholz
Date: 2017-10-27 18:09:36 + (Fri, 27 Oct 2017)
New Revision: 57035
Modified:
data/dla-needed.txt
Log:
add puppet
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-10-27 18:08:23 UTC (rev 57034)
Author: alteholz
Date: 2017-10-27 18:08:23 + (Fri, 27 Oct 2017)
New Revision: 57034
Modified:
data/dla-needed.txt
Log:
add spip
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-10-27 18:07:01 UTC (rev 57033)
+++
)
--
-wget (Thorsten Alteholz)
---
wireshark (Thorsten Alteholz)
NOTE: 2017-08-28: Contacted maintainer since most NOTE: issues affect
Jessie/Stretch as well
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a28bdc03 by Thorsten Alteholz at 2017-12-30T20:09:04+01:00
follow security team with no-dsa for wireshark CVEs
- - - - -
fb814126 by Thorsten Alteholz at 2017-12-30T20:09:30+01:00
Merge branch
Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3e3703df by Thorsten Alteholz at 2017-12-31T15:32:25+01:00
Reserve DLA-1226-1 for wireshark
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes
Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f7c75ea5 by Thorsten Alteholz at 2017-12-31T15:45:23+01:00
add opencv to do-not-call
- - - - -
8f806211 by Thorsten Alteholz at 2017-12-31T15:45:56+01:00
claim opencv
- - - - -
2 changed files
Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7dbb48c9 by Thorsten Alteholz at 2018-01-08T19:43:58+01:00
Reserve DLA-1235-1 for opencv
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes
Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
79191309 by Thorsten Alteholz at 2018-01-08T19:50:28+01:00
claim couchdb
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
54fa11d7 by Thorsten Alteholz at 2018-01-08T22:51:00+01:00
new issues appeared for opencv
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data
Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
37d32e36 by Thorsten Alteholz at 2018-01-21T22:44:56+01:00
claim isc-dhcp
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f27cf5d5 by Thorsten Alteholz at 2018-01-21T22:39:03+01:00
Reserve DLA-1255-1 for bind9
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes
Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c6f28eed by Thorsten Alteholz at 2018-01-26T09:02:48+01:00
add krb5
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1b12bb22 by Thorsten Alteholz at 2018-01-26T09:13:31+01:00
add openssh
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5ab7ffe0 by Thorsten Alteholz at 2018-01-26T09:12:16+01:00
add openssh
- - - - -
9df17abe by Thorsten Alteholz at 2018-01-26T09:12:37+01:00
Merge branch master of
salsa.debian.org:security-tracker
601 - 700 of 760 matches
Mail list logo
