09:37:51 UTC (rev 57846)
+++ data/dla-needed.txt 2017-11-20 10:22:27 UTC (rev 57847)
@@ -24,8 +24,8 @@
lame (Hugo Lefeuvre)
NOTE: Couldn't reproduce CVE-2017-{69-72}, but successfully reproduced
CVE-2017-150{18,45,46}
NOTE: 20171120: Backporting 3.100 is not conceivable, diff >40k li
Author: sectracker
Date: 2017-11-20 09:10:15 + (Mon, 20 Nov 2017)
New Revision: 57843
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20 05:59:51 UTC (rev 57842)
+++
whether a
backport is possible or not
- NOTE: (since Stretch isn't affected by these issues they are probably not
going to accept
- NOTE: a backport to Stretch, which will therefore make a backport to
Jessie/Wheezy impossible).
+ NOTE: 20171120: Backporting 3.100 is not conceivable, diff >
Author: seb
Date: 2017-11-20 09:37:51 + (Mon, 20 Nov 2017)
New Revision: 57846
Modified:
data/dsa-needed.txt
Log:
Add and take libspring-ldap-java
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-11-20 09:37:35
Author: seb
Date: 2017-11-20 09:34:52 + (Mon, 20 Nov 2017)
New Revision: 57844
Modified:
data/dsa-needed.txt
Log:
Add and take nova
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-11-20 09:10:15 UTC (rev 57843)
Author: fgeyer
Date: 2017-11-20 12:05:47 + (Mon, 20 Nov 2017)
New Revision: 57848
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-1181-1 for xen
Modified: data/DLA/list
===
--- data/DLA/list 2017-11-20
UTC (rev 57855)
+++ data/dla-needed.txt 2017-11-20 15:57:34 UTC (rev 57856)
@@ -88,10 +88,10 @@
NOTE: 20171118: Update is prepared, call for testing has been sent, will
upload and release DLA 20171125
--
qemu
- NOTE: 20171012 Can wait for more issues to pile up
+ NOTE: 20171120 Can wait
Author: pabs
Date: 2017-11-20 15:56:49 + (Mon, 20 Nov 2017)
New Revision: 57855
Modified:
data/CVE/list
Log:
busybox: autocompletion escape sequence vulnerability
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20
: Couldn't reproduce CVE-2017-{69-72}, but successfully reproduced
CVE-2017-150{18,45,46}
NOTE: 20171120: Backporting 3.100 is not conceivable, diff >40k lines.
NOTE: Instead, lame's maintainer will switch jessie to also use libsndfile
in the next Jessie
NOTE: point update, simply forw
Author: pochu
Date: 2017-11-20 18:45:55 + (Mon, 20 Nov 2017)
New Revision: 57861
Modified:
data/CVE/list
Log:
poppler fixed in experimental
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20 18:17:54 UTC (rev
Author: agx
Date: 2017-11-20 16:00:20 + (Mon, 20 Nov 2017)
New Revision: 57857
Modified:
data/dla-needed.txt
Log:
lts: if sox gets an update we should add the missing error handling
Modified: data/dla-needed.txt
===
---
Author: jmm
Date: 2017-11-20 18:17:54 + (Mon, 20 Nov 2017)
New Revision: 57860
Modified:
data/CVE/list
data/DLA/list
Log:
fix opencv entry
htslib no-dsa
ffmpeg postponed
Modified: data/CVE/list
===
--- data/CVE/list
Author: carnil
Date: 2017-11-20 21:51:55 + (Mon, 20 Nov 2017)
New Revision: 57875
Modified:
data/CVE/list
Log:
Add CVE-2017-16892/bftpd
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20 21:51:44 UTC (rev 57874)
Author: pochu
Date: 2017-11-20 22:22:50 + (Mon, 20 Nov 2017)
New Revision: 57877
Modified:
data/dla-needed.txt
Log:
dla: claim cacti
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-11-20 21:52:06 UTC (rev
sent, will
upload and release DLA 20171125
--
-qemu
- NOTE: 20171120 Can wait for more issues to pile up
---
-qemu-kvm
- NOTE: 20171120 Can wait for more issues to pile up
---
roundcube (Roberto C. Sánchez)
NOTE: 2017118: Patch is ready; because of code differences, waiting on
upstream
Author: agx
Date: 2017-11-20 16:14:36 + (Mon, 20 Nov 2017)
New Revision: 57859
Modified:
data/dla-needed.txt
Log:
lts: grab openexr
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-11-20 16:14:35 UTC (rev 57858)
Author: agx
Date: 2017-11-20 16:14:35 + (Mon, 20 Nov 2017)
New Revision: 57858
Modified:
data/dla-needed.txt
Log:
lts: break line
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-11-20 16:00:20 UTC (rev 57857)
Author: carnil
Date: 2017-11-20 21:52:06 + (Mon, 20 Nov 2017)
New Revision: 57876
Modified:
data/CVE/list
Log:
Add CVE-2017-15110/moodle
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20 21:51:55 UTC (rev 57875)
Author: carnil
Date: 2017-11-20 21:51:33 + (Mon, 20 Nov 2017)
New Revision: 57873
Modified:
data/CVE/list
Log:
Process NFUs
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20 21:42:40 UTC (rev 57872)
+++
Author: carnil
Date: 2017-11-20 21:51:44 + (Mon, 20 Nov 2017)
New Revision: 57874
Modified:
data/CVE/list
Log:
Add tt-rss issue
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20 21:51:33 UTC (rev 57873)
+++
Author: pochu
Date: 2017-11-20 22:24:04 + (Mon, 20 Nov 2017)
New Revision: 57878
Modified:
data/dla-needed.txt
Log:
dla: claim transfig
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-11-20 22:22:50 UTC (rev
Author: carnil
Date: 2017-11-20 21:42:40 + (Mon, 20 Nov 2017)
New Revision: 57872
Modified:
data/CVE/list
Log:
Add source package for CVE-2017-1690{6,7,8}
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20
Author: carnil
Date: 2017-11-20 19:39:00 + (Mon, 20 Nov 2017)
New Revision: 57862
Modified:
data/dsa-needed.txt
Log:
add note for nova
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-11-20 18:45:55 UTC (rev
Author: carnil
Date: 2017-11-20 19:55:13 + (Mon, 20 Nov 2017)
New Revision: 57864
Modified:
data/CVE/list
Log:
Add bug reference for busybox issue
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20 19:53:19 UTC
Author: carnil
Date: 2017-11-20 20:28:50 + (Mon, 20 Nov 2017)
New Revision: 57866
Modified:
data/CVE/list
Log:
Mark CVE-2017-16641/cacti as no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20 20:08:15 UTC
Author: sectracker
Date: 2017-11-20 21:10:13 + (Mon, 20 Nov 2017)
New Revision: 57868
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20 20:59:32 UTC (rev 57867)
+++
Author: hle
Date: 2017-11-20 21:15:20 + (Mon, 20 Nov 2017)
New Revision: 57870
Modified:
data/CVE/list
Log:
ming (removed, only in wheezy) is affected by new CVE-2017-16898 (more infos on
upstreams bug tracker)
Modified: data/CVE/list
Author: carnil
Date: 2017-11-20 19:53:19 + (Mon, 20 Nov 2017)
New Revision: 57863
Modified:
data/dla-needed.txt
Log:
Expand note for sox's missing error checking when encoding vorbis
Modified: data/dla-needed.txt
===
---
Author: carnil
Date: 2017-11-20 20:59:32 + (Mon, 20 Nov 2017)
New Revision: 57867
Modified:
data/CVE/list
Log:
Mark busybox issues as no-dsa for stretch and jessie
Modified: data/CVE/list
===
--- data/CVE/list
Author: carnil
Date: 2017-11-20 21:17:08 + (Mon, 20 Nov 2017)
New Revision: 57871
Modified:
data/CVE/list
Log:
Mark CVE-2017-16899 as no-dsa, add renamed source package
Modified: data/CVE/list
===
--- data/CVE/list
Author: carnil
Date: 2017-11-20 21:12:21 + (Mon, 20 Nov 2017)
New Revision: 57869
Modified:
data/CVE/list
Log:
Add CVE-2017-16899/fig2dev
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20 21:10:13 UTC (rev 57868)
Author: pochu
Date: 2017-11-21 00:18:33 + (Tue, 21 Nov 2017)
New Revision: 57881
Modified:
data/CVE/list
data/dla-needed.txt
Log:
cacti no-dsa on wheezy following jessie et al
Modified: data/CVE/list
===
--- data/CVE/list
Author: pochu
Date: 2017-11-21 00:12:35 + (Tue, 21 Nov 2017)
New Revision: 57880
Modified:
data/CVE/list
data/dla-needed.txt
Log:
transfig no-dsa on wheezy
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20
Author: roberto
Date: 2017-11-21 01:48:26 + (Tue, 21 Nov 2017)
New Revision: 57882
Modified:
data/CVE/list
Log:
Annotate CVE-2017-1000232 as not affecting ldns in wheezy
Modified: data/CVE/list
===
--- data/CVE/list
Author: roberto
Date: 2017-11-21 01:55:04 + (Tue, 21 Nov 2017)
New Revision: 57883
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-1182-1 for ldns
Modified: data/DLA/list
===
--- data/DLA/list 2017-11-21
Author: carnil
Date: 2017-11-20 20:08:15 + (Mon, 20 Nov 2017)
New Revision: 57865
Modified:
data/dsa-needed.txt
Log:
Assign jmm to vlc, as said by jmm
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-11-20
Author: agx
Date: 2017-11-20 13:40:30 + (Mon, 20 Nov 2017)
New Revision: 57849
Modified:
data/dla-needed.txt
Log:
lts: update libvorbis status
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-11-20 12:05:47 UTC
Author: agx
Date: 2017-11-20 13:40:41 + (Mon, 20 Nov 2017)
New Revision: 57850
Modified:
data/CVE/list
Log:
lts: mark xsa-244 as no-dsa
The issue can only be triggered in during cpu hotplug and is too risky
to backport for that corner case
Modified: data/CVE/list
Author: carnil
Date: 2017-11-20 14:28:02 + (Mon, 20 Nov 2017)
New Revision: 57851
Modified:
data/CVE/list
Log:
Add status for CVE-2017-15864/otrs2
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20 13:40:41 UTC
Author: carnil
Date: 2017-11-20 14:55:43 + (Mon, 20 Nov 2017)
New Revision: 57852
Modified:
data/dsa-needed.txt
Log:
vlc upload is prepared
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-11-20 14:28:02 UTC
Author: carnil
Date: 2017-11-20 15:08:38 + (Mon, 20 Nov 2017)
New Revision: 57853
Modified:
data/CVE/list
Log:
Add proposed patch / pull request from agx, #876778
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-20
41 matches
Mail list logo
