[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: cba0 by Emilio Pozuelo Monfort at 2024-05-15T09:26:10+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -85,6 +85,9 @@ edk2 NOTE: 20231230: CVE-2019-11098 fixed via bullseye 11.2 (lamby) NOTE: 20240312: CVE-2023-48733 fixed via DSA-5624-1 (Beuc/front-desk) -- +firefox-esr (Emilio) + NOTE: 20240515: Added by pochu +-- firmware-nonfree (tobi) NOTE: 20240502: Added by Front-Desk (Beuc) -- @@ -290,6 +293,9 @@ suricata (Adrian Bunk) NOTE: 20231016: Still reviewing+testing CVEs. (bunk) NOTE: 20231120: DLA coming soon. (bunk) -- +thunderbird (Emilio) + NOTE: 20240515: Added by pochu +-- tiff (Thorsten Alteholz) NOTE: 20240314: Added by coordinator (roberto) NOTE: 20240314: Several CVEs fixed in LTS remain unfixed (no-dsa) in bullseye and View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cba03f29632e821e872ff0a34e57da567d83 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cba03f29632e821e872ff0a34e57da567d83 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 2d09b63f by Emilio Pozuelo Monfort at 2024-04-17T10:41:55+02:00 lts: take firefox-esr - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -76,6 +76,9 @@ emacs (Sean Whitton) NOTE: 20240403: for example, CVE-2024-30202. But I think it is vulnerable NOTE: 20240403: to CVE-2024-30203. (lamby) -- +firefox-esr (Emilio) + NOTE: 20240417: Added by pochu +-- freeimage NOTE: 20240320: Added by Front-Desk (ta) NOTE: 20240320: lots of postponed issue could be fixed as well View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d09b63f9a9d435ccf146e2eaed263e8e3be29e8 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2d09b63f9a9d435ccf146e2eaed263e8e3be29e8 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: ff3cbf06 by Emilio Pozuelo Monfort at 2024-03-21T10:36:47+01:00 lts: take firefox-esr - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -75,7 +75,7 @@ edk2 expat (tobi) NOTE: 20240306: Added by Front-Desk (opal) -- -firefox-esr +firefox-esr (Emilio) NOTE: 20240320: Added by Front-Desk (ta) -- freeimage View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff3cbf068d3f20c94a42a6ee42cb12d300d6aa06 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ff3cbf068d3f20c94a42a6ee42cb12d300d6aa06 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 2f82bb5a by Emilio Pozuelo Monfort at 2024-02-22T19:35:15+01:00 lts: take firefox-esr - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -94,6 +94,9 @@ engrampa exiftags NOTE: 20240121: Added by Front-Desk (apo) -- +firefox-esr (Emilio) + NOTE: 20240222: Added by Front-Desk (pochu) +-- freeimage NOTE: 20240121: Added by Front-Desk (apo) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f82bb5afa8fde2fc0cf8f72e00fa9b2606f3d8b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f82bb5afa8fde2fc0cf8f72e00fa9b2606f3d8b You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 78b9cf35 by Emilio Pozuelo Monfort at 2024-01-25T11:13:39+01:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -85,6 +85,9 @@ edk2 exiftags NOTE: 20240121: Added by Front-Desk (apo) -- +firefox-esr (Emilio) + NOTE: 20240125: Added by pochu +-- freeimage NOTE: 20240121: Added by Front-Desk (apo) -- @@ -275,6 +278,9 @@ suricata NOTE: 20231016: Still reviewing+testing CVEs. (bunk) NOTE: 20231120: DLA coming soon. (bunk) -- +thunderbird (Emilio) + NOTE: 20240125: Added by pochu +-- tiff NOTE: 20231231: Added by Front-Desk (lamby) NOTE: 20231231: CVE-2023-3576 already fixed in bullseye via DSA or point release(s). (lamby) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/78b9cf357cbb5246fc5956782c09a4b3da511db6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/78b9cf357cbb5246fc5956782c09a4b3da511db6 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 9a1eec85 by Emilio Pozuelo Monfort at 2023-12-21T16:00:09+01:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -73,6 +73,9 @@ dogecoin dropbear (guilhem) NOTE: 20231219: Added by Front-Desk (ta) -- +firefox-esr (Emilio) + NOTE: 20231221: Added by pochu +-- frr NOTE: 20231119: Added by Front-Desk (apo) -- @@ -229,6 +232,9 @@ suricata (Adrian Bunk) NOTE: 20231016: Still reviewing+testing CVEs. (bunk) NOTE: 20231120: DLA coming soon. (bunk) -- +thunderbird (Emilio) + NOTE: 20231221: Added by pochu +-- tinymce NOTE: 20231123: Added by Front-Desk (ola) NOTE: 20231216: Someone with more XSS experience needed to assess the View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a1eec858c2d864b41e19defb8e3112f024ffc31 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9a1eec858c2d864b41e19defb8e3112f024ffc31 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 97415239 by Emilio Pozuelo Monfort at 2023-11-23T10:36:59+01:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -61,7 +61,7 @@ dogecoin NOTE: 20230619: also I just referenced 3 older bitcoin-related CVEs to fix; NOTE: 20230619: dogecoin not present in bullseye/bookworm, so we lead the initiatives. (Beuc/front-desk) -- -firefox-esr +firefox-esr (Emilio) NOTE: 20231122: Added by Front-Desk (ola) -- flatpak @@ -261,7 +261,7 @@ suricata (Adrian Bunk) symfony (Markus Koschany) NOTE: 20231118: Added by Front-Desk (apo) -- -thunderbird +thunderbird (Emilio) NOTE: 20231122: Added by Front-Desk (ola) -- tor View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97415239a90462de31fc4d637dfd8b2d8fa6c5f6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97415239a90462de31fc4d637dfd8b2d8fa6c5f6 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 68a64f9b by Emilio Pozuelo Monfort at 2023-10-25T16:03:58+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -58,7 +58,7 @@ dogecoin NOTE: 20230619: also I just referenced 3 older bitcoin-related CVEs to fix; NOTE: 20230619: dogecoin not present in bullseye/bookworm, so we lead the initiatives. (Beuc/front-desk) -- -firefox-esr +firefox-esr (Emilio) NOTE: 20231024: Added by Front-Desk (gladk) -- flatpak @@ -232,6 +232,9 @@ suricata (Adrian Bunk) NOTE: 20230731: Still reviewing+testing CVEs. (bunk) NOTE: 20231016: Still reviewing+testing CVEs. (bunk) -- +thunderbird (Emilio) + NOTE: 20231025: Added by pochu +-- trafficserver (Adrian Bunk) NOTE: 20231011: Added by Front-Desk (ta) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68a64f9befcce4f511adcd46ad0f6aa49cf7f868 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68a64f9befcce4f511adcd46ad0f6aa49cf7f868 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 17194f99 by Emilio Pozuelo Monfort at 2023-09-29T20:04:37+02:00 lts: take firefox-esr - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -66,6 +66,9 @@ dogecoin exim4 NOTE: 20230928: Added by Front-Desk (ola) -- +firefox-esr (Emilio) + NOTE: 20230929: Added by pochu +-- firmware-nonfree (tobi) NOTE: 20230820: Added by Front-Desk (ta) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17194f992760fefc3c8e30ff29c85c65afe6edc2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17194f992760fefc3c8e30ff29c85c65afe6edc2 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 25e94294 by Emilio Pozuelo Monfort at 2023-09-26T12:08:56+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -66,6 +66,10 @@ dogecoin exiv2 NOTE: 20230906: Added by Front-Desk (lamby) -- +firefox-esr (Emilio) + NOTE: 20230926: Added by pochu + NOTE: 20230926: updating to ESR 115.3 +-- firmware-nonfree (tobi) NOTE: 20230820: Added by Front-Desk (ta) -- @@ -228,6 +232,10 @@ suricata (tobi) NOTE: 20230714: Still reviewing+testing CVEs. (bunk) NOTE: 20230731: Still reviewing+testing CVEs. (bunk) -- +thunderbird (Emilio) + NOTE: 20230926: Added by pochu + NOTE: 20230926: updating to 115.3 +-- trafficserver (Adrian Bunk) NOTE: 20230826: Added by Front-Desk (utkarsh) NOTE: 20230826: have pinged Leo in Ubuntu to clarify the status on the View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/25e942942f299f9247a3d0e3f5d7dec8fbefd515 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/25e942942f299f9247a3d0e3f5d7dec8fbefd515 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: e2136716 by Emilio Pozuelo Monfort at 2023-09-15T11:37:07+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -62,6 +62,9 @@ exiv2 file (Thorsten Alteholz) NOTE: 20230901: Added by Front-Desk (gladk) -- +firefox-esr (Emilio) + NOTE: 20230915: Added by Front-Desk (pochu) +-- firmware-nonfree NOTE: 20230820: Added by Front-Desk (ta) -- @@ -215,6 +218,9 @@ suricata NOTE: 20230714: Still reviewing+testing CVEs. (bunk) NOTE: 20230731: Still reviewing+testing CVEs. (bunk) -- +thunderbird (Emilio) + NOTE: 20230915: Added by Front-Desk (pochu) +-- tiff (gladk) NOTE: 20230826: Added by Front-Desk (utkarsh) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2136716a9d0336a9b5c8a65c62c180c5b9c3c03 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2136716a9d0336a9b5c8a65c62c180c5b9c3c03 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 33364e18 by Emilio Pozuelo Monfort at 2023-08-29T11:33:55+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -54,6 +54,9 @@ dogecoin NOTE: 20230619: also I just referenced 3 older bitcoin-related CVEs to fix; NOTE: 20230619: dogecoin not present in bullseye/bookworm, so we lead the initiatives. (Beuc/front-desk) -- +firefox-esr (Emilio) + NOTE: 20230829: Added by pochu +-- firmware-nonfree NOTE: 20230820: Added by Front-Desk (ta) -- @@ -227,6 +230,9 @@ suricata (Adrian Bunk) NOTE: 20230714: Still reviewing+testing CVEs. (bunk) NOTE: 20230731: Still reviewing+testing CVEs. (bunk) -- +thunderbird (Emilio) + NOTE: 20230829: Added by pochu +-- tiff NOTE: 20230826: Added by Front-Desk (utkarsh) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33364e18f290dcea4378342c07d5fc05aa44e266 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33364e18f290dcea4378342c07d5fc05aa44e266 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: c6052f73 by Emilio Pozuelo Monfort at 2023-08-02T10:40:42+02:00 lts: take firefox-esr - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -56,6 +56,9 @@ dogecoin NOTE: 20230619: also I just referenced 3 older bitcoin-related CVEs to fix; NOTE: 20230619: dogecoin not present in bullseye/bookworm, so we lead the initiatives. (Beuc/front-desk) -- +firefox-esr (Emilio) + NOTE: 20230802: Added by pochu +-- glib2.0 (santiago) NOTE: 20230612: Added by Front-Desk (apo) NOTE: 20230710: WIP (santiago) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6052f73603c3fc726070b37d54780fd048cedcb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6052f73603c3fc726070b37d54780fd048cedcb You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 86e91416 by Emilio Pozuelo Monfort at 2023-07-04T22:25:18+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -54,6 +54,9 @@ erlang (Markus Koschany) NOTE: 20221119: Added by Front-Desk (ta) NOTE: 20221119: at least CVE-2022-37026 needs to be fixed (original request has been for Stretch) -- +firefox-esr (pochu) + NOTE: 20230704: Added by pochu +-- flatpak NOTE: 20230620: Added by Front-Desk (Beuc) NOTE: 20230620: Follow fixes from bullseye 11.7 (2 CVEs) (Beuc/front-desk) @@ -246,6 +249,9 @@ symfony (guilhem) syncthing (Abhijith PA) NOTE: 20230616: Added by Front-Desk (opal) -- +thunderbird (pochu) + NOTE: 20230704: Added by pochu +-- tiff (Adrian Bunk) NOTE: 20230702: Added by Front-Desk (ta) -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86e91416836bee61371870ce772cda11dc958558 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/86e91416836bee61371870ce772cda11dc958558 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 1b4cad96 by Emilio Pozuelo Monfort at 2023-06-06T16:54:23+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -42,6 +42,9 @@ erlang (Markus Koschany) NOTE: 20221119: Added by Front-Desk NOTE: 20221119: at least CVE-2022-37026 needs to be fixed (original request has been for Stretch) -- +firefox-esr (Emilio) + NOTE: 20230606: Added by pochu +-- fusiondirectory (Abhijith PA) NOTE: 20221203: Added by Front-Desk NOTE: 20221203: Please evaluate, whether the package can be fixed (gladk). @@ -183,6 +186,9 @@ samba (Lee Garrett) NOTE: 20220904: Many postponed or open CVE in general. (apo) NOTE: 20230323: Still working on the long list of CVEs, will likely release an intermittent package first (lee) -- +thunderbird (Emilio) + NOTE: 20230606: Added by pochu +-- webkit2gtk (Emilio) NOTE: 20230512: Added by Front-Desk NOTE: 20230512: checking if upgrade to 2.40.x is possible, otherwise we'll have to EOL webkit (pochu) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b4cad9642083953def67fcf644a67c2a2c457b7 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b4cad9642083953def67fcf644a67c2a2c457b7 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 2c857647 by Emilio Pozuelo Monfort at 2023-05-10T09:56:25+02:00 lts: take firefox-esr - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -44,6 +44,8 @@ erlang (Markus Koschany) NOTE: 20230111: VCS: https://salsa.debian.org/erlang-team/packages/erlang NOTE: 20230111: Maintainer notes: Coordinate with maintainer, whether their VCS can be used. Mail send to mailing list. -- +firefox-esr (Emilio) +-- fusiondirectory (Abhijith PA) NOTE: 20221203: Programming language: PHP. NOTE: 20221203: Please evaluate, whether the package can be fixed (gladk). View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c85764792ae3f223277e9ad4ce1120ab4c9e328 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c85764792ae3f223277e9ad4ce1120ab4c9e328 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 9f55d707 by Emilio Pozuelo Monfort at 2023-04-12T11:34:11+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -70,6 +70,8 @@ erlang NOTE: 20230111: VCS: https://salsa.debian.org/erlang-team/packages/erlang NOTE: 20230111: Maintainer notes: Coordinate with maintainer, whether their VCS can be used. Mail send to mailing list. -- +firefox-esr (Emilio) +-- fusiondirectory NOTE: 20221203: Programming language: PHP. NOTE: 20221203: Please evaluate, whether the package can be fixed (gladk). @@ -287,6 +289,8 @@ sssd NOTE: 20230131: Programming language: C. NOTE: 20230205: VCS: https://salsa.debian.org/lts-team/packages/sssd.git -- +thunderbird (Emilio) +-- tinymce NOTE: 20221227: Programming language: PHP. NOTE: 20230206: VCS: https://salsa.debian.org/lts-team/packages/tinymce.git View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f55d70740f4f321581e75ad365bae26f5a5cf71 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f55d70740f4f321581e75ad365bae26f5a5cf71 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 4e777964 by Emilio Pozuelo Monfort at 2023-03-15T11:53:31+01:00 lts: take firefox-esr - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -58,6 +58,8 @@ erlang NOTE: 20230111: VCS: https://salsa.debian.org/erlang-team/packages/erlang NOTE: 20230111: Maintainer notes: Coordinate with maintainer, whether their VCS can be used. -- +firefox-esr (Emilio) +-- firmware-nonfree (tobi) NOTE: 20220906: Consider to check the severity of the issues again and judge whether a correction is worth it. NOTE: 20221204: Coming soon in the first week of December. (apo) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e7779647aedad1ae8d1ab50a1d93c4b17818b40 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e7779647aedad1ae8d1ab50a1d93c4b17818b40 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: fa9d4779 by Emilio Pozuelo Monfort at 2023-02-15T14:24:44+01:00 lts: take firefox-esr - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -51,6 +51,8 @@ erlang NOTE: 20230111: VCS: https://salsa.debian.org/erlang-team/packages/erlang NOTE: 20230111: Maintainer notes: Coordinate with maintainer, whether their VCS can be used. -- +firefox-esr (Emilio) +-- firmware-nonfree NOTE: 20220906: Consider to check the severity of the issues again and judge whether a correction is worth it. NOTE: 20221204: Coming soon in the first week of December. (apo) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa9d47790867680485b778f6028547f57ebd4f97 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fa9d47790867680485b778f6028547f57ebd4f97 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 046bf5f7 by Emilio Pozuelo Monfort at 2023-01-17T13:04:55+01:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -61,6 +61,8 @@ fig2dev NOTE: 20230105: Programming language: C. NOTE: 20230105: Harmonize with bullseye 11.5 and stretch (Beuc/front-desk) -- +firefox-esr (Emilio) +-- firmware-nonfree NOTE: 20220906: Consider to check the severity of the issues again and judge whether a correction is worth it. NOTE: 20221204: Coming soon in the first week of December. (apo) @@ -329,6 +331,8 @@ sox NOTE: 20221003: https://sourceforge.net/p/sox/bugs/362/ Re-pinged upstream committer (abhijith) NOTE: 20230111: VCS: https://salsa.debian.org/lts-team/packages/sox.git -- +thunderbird (Emilio) +-- tiff (Sylvain Beucler) NOTE: 20221031: Programming language: C. NOTE: 20221031: VCS: https://salsa.debian.org/lts-team/packages/tiff.git View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/046bf5f7c741b111dc8d058d03478ffe1c642c21 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/046bf5f7c741b111dc8d058d03478ffe1c642c21 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: a3cfa8d9 by Emilio Pozuelo Monfort at 2022-12-13T14:03:17+01:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -45,6 +45,8 @@ erlang exiv2 (Helmut Grohne) NOTE: 20221119: Programming language: C. -- +firefox-esr (Emilio) +-- firmware-nonfree (Markus Koschany) NOTE: 20220906: Consider to check the severity of the issues again and judge whether a correction is worth it. NOTE: 20221204: Coming soon in the first week of December. (apo) @@ -300,6 +302,8 @@ sox NOTE: 20220818: Requires some investigation; see #1012138 etc. NOTE: 20221003: https://sourceforge.net/p/sox/bugs/362/ Re-pinged upstream committer (abhijith) -- +thunderbird (Emilio) +-- tiff NOTE: 20221031: Programming language: C. NOTE: 20221031: VCS: https://salsa.debian.org/lts-team/packages/tiff.git View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3cfa8d955836509d30f43da53e9473f1e5bfaf2 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a3cfa8d955836509d30f43da53e9473f1e5bfaf2 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 0dc432ac by Emilio Pozuelo Monfort at 2022-11-15T19:51:04+01:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -44,6 +44,8 @@ curl NOTE: 20220904: VCS: https://salsa.debian.org/lts-team/packages/curl.git NOTE: 20220904: Special attention: high popcon!. -- +firefox-esr (Emilio) +-- firmware-nonfree NOTE: 20220906: Consider to check the severity of the issues again and judge whether a correction is worth it. -- @@ -361,6 +363,8 @@ sox NOTE: 20220818: Requires some investigation; see #1012138 etc. NOTE: 20221003: https://sourceforge.net/p/sox/bugs/362/ Re-pinged upstream committer (abhijith) -- +thunderbird (Emilio) +-- tiff NOTE: 20221031: Programming language: C. NOTE: 20221031: VCS: https://salsa.debian.org/lts-team/packages/tiff.git View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0dc432acb5cf5ed32b02e34f6b2ea3b3c9b251c4 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0dc432acb5cf5ed32b02e34f6b2ea3b3c9b251c4 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: fdbb25ae by Emilio Pozuelo Monfort at 2022-10-19T10:55:26+02:00 lts: take firefox-esr - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -38,6 +38,8 @@ exiv2 NOTE: 20220819: Programming language: C++. NOTE: 20220819: https://github.com/Exiv2/exiv2/commit/109d5df7abd329f141b500c92a00178d35a6bef3#diff-bd28aafd4c87975a3a236af74c2200db447587fa0bb4f43ba9beb98738c77b2aL292 does not directly apply, but a very quick glance suggests the earlier code may be equally vulnerable. (Chris Lamb) -- +firefox-esr (Emilio) +-- firmware-nonfree NOTE: 20220906: Consider to check the severity of the issues again and judge whether a correction is worth it. -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fdbb25ae9d364b384542fa1daff0b7fe3d075b35 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fdbb25ae9d364b384542fa1daff0b7fe3d075b35 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 647b6eb7 by Emilio Pozuelo Monfort at 2022-09-21T09:59:22+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -36,6 +36,8 @@ exiv2 (Roberto C. Sánchez) NOTE: 20220819: Programming language: C++. NOTE: 20220819: https://github.com/Exiv2/exiv2/commit/109d5df7abd329f141b500c92a00178d35a6bef3#diff-bd28aafd4c87975a3a236af74c2200db447587fa0bb4f43ba9beb98738c77b2aL292 does not directly apply, but a very quick glance suggests the earlier code may be equally vulnerable. (Chris Lamb) -- +firefox-esr (Emilio) +-- firmware-nonfree NOTE: 20220906: Consider to check the severity of the issues again and judge whether a correction is worth it. -- @@ -175,6 +177,8 @@ sox (Abhijith PA) NOTE: 20220818: Programming language: C. NOTE: 20220818: Requires some investigation; see #1012138 etc. -- +thunderbird (Emilio) +-- trafficserver NOTE: 20220905: Programming language: C. -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/647b6eb7fe43f59187a561f8fc9f17aa589cfcc6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/647b6eb7fe43f59187a561f8fc9f17aa589cfcc6 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 99278b4a by Emilio Pozuelo Monfort at 2022-06-28T14:35:30+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -51,6 +51,8 @@ exempi NOTE: 20220517: A lot of packages reverse depends on libexmpi8. Further analysis NOTE: 20220517: is needed. -- +firefox-esr (Emilio) +-- firejail (Sylvain Beucler) NOTE: 20220616: Programming language: C -- @@ -292,6 +294,8 @@ systemd NOTE: 20220524: nor DLA-2715-1; the issue looks somewhat invasive to fix but at the NOTE: 20220524: same time is severe and was fixed in other old distros (Beuc/front-desk) -- +thunderbird (Emilio) +-- tiff NOTE: 20220529: Programming language: C. NOTE: 20220404: jessie upload at https://salsa.debian.org/lts-team/packages/tiff. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99278b4ae4da3ece5337d615e67b496bcdedee7b -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/99278b4ae4da3ece5337d615e67b496bcdedee7b You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: ceed33d3 by Emilio Pozuelo Monfort at 2022-06-01T01:33:09+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -72,6 +72,8 @@ exempi NOTE: 20220517: A lot of packages reverse depends on libexmpi8. Further analysis NOTE: 20220517: is needed. -- +firefox-esr (Emilio) +-- firmware-nonfree (Markus Koschany) NOTE: 20220529: Programming language: binary blob. NOTE: 20210731: WIP: https://salsa.debian.org/lts-team/packages/firmware-nonfree @@ -323,7 +325,7 @@ systemd NOTE: 20220524: nor DLA-2715-1; the issue looks somewhat invasive to fix but at the NOTE: 20220524: same time is severe and was fixed in other old distros (Beuc/front-desk) -- -thunderbird +thunderbird (Emilio) NOTE: 20220529: Programming language: C++. NOTE: 20220527: DSA-5141-1 & DLA-3020-1 were just released, but thunderbird NOTE: 20220527: is back in dsa-needed.txt with 2 new CVEs (Beuc/front-desk) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ceed33d393e62e3992e92393e239a9cd401d3406 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ceed33d393e62e3992e92393e239a9cd401d3406 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 9f590002 by Emilio Pozuelo Monfort at 2022-05-23T09:50:27+02:00 lts: take firefox-esr - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -48,7 +48,7 @@ exempi NOTE: 20220517: A lot of packages reverse depends on libexmpi8. Further analysis NOTE: 20220517: is needed. -- -firefox-esr +firefox-esr (Emilio) NOTE: 20220522: From the description this looks criticial. Did not check whether the code is vulnerable or not. Leaving that to someone else. -- firmware-nonfree View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f590002a31bd1d06267cf6aee7181ae59267a69 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f590002a31bd1d06267cf6aee7181ae59267a69 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 576f61df by Emilio Pozuelo Monfort at 2022-05-04T09:52:59+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -51,6 +51,8 @@ debian-security-support (Utkarsh) ffmpeg (enrico) NOTE: 20220503: update to 3.2.17 (pochu) -- +firefox-esr (Emilio) +-- firmware-nonfree NOTE: 20210731: WIP: https://salsa.debian.org/lts-team/packages/firmware-nonfree NOTE: 20210828: Most CVEs are difficult to backport. Contacted Ben regarding possible "ignore" tag @@ -169,6 +171,8 @@ subversion (Roberto C. Sánchez) NOTE: 20220422: and, once applied manually, appears to break multiple and possibly unrelated parts of the testsuite. (lamby) NOTE: 20220501: Done some analysis, worked on a patch, cannot find a way to test it, mailed results to Roberto C. Sánchez (enrico) -- +thunderbird (Emilio) +-- tiff (Utkarsh) NOTE: 20220404: jessie upload at https://salsa.debian.org/lts-team/packages/tiff. NOTE: 20220404: if that works out well, I'll roll the same for stretch. (utkarsh) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/576f61df31b174caebac481b216e9f0cb290cb84 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/576f61df31b174caebac481b216e9f0cb290cb84 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 313c381b by Emilio Pozuelo Monfort at 2022-04-05T12:38:25+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -31,6 +31,8 @@ debian-security-support (Utkarsh) NOTE: 20220402: check debian/README.source, sync with h01ger, and announce EOL'd packages (Beuc) NOTE: 20220402: context: https://lists.debian.org/debian-lts/2022/04/msg0.html (Beuc) -- +firefox-esr (Emilio) +-- firmware-nonfree NOTE: 20210731: WIP: https://salsa.debian.org/lts-team/packages/firmware-nonfree NOTE: 20210828: Most CVEs are difficult to backport. Contacted Ben regarding possible "ignore" tag @@ -143,6 +145,8 @@ sox NOTE: 20220326: CVE-2019-13590 is fixed in git (Anton) NOTE: 20220326: fix for CVE-2021-40426 is not yet available (Anton) -- +thunderbird (Emilio) +-- tiff (Utkarsh) NOTE: 20220404: jessie upload at https://salsa.debian.org/lts-team/packages/tiff. NOTE: 20220404: if that works out well, I'll roll the same for stretch. (utkarsh) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/313c381b07dbf3c20f8784ca78c459c1a63891a6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/313c381b07dbf3c20f8784ca78c459c1a63891a6 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: b063754f by Emilio Pozuelo Monfort at 2022-03-08T18:15:00+01:00 lts: take firefox-esr - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -32,6 +32,8 @@ debian-archive-keyring (Anton) NOTE: 20211018: with him and upload and publish the DLA. (utkarsh) NOTE: 20220307: WIP (Anton) -- +firefox-esr (Emilio) +-- firmware-nonfree (Markus Koschany) NOTE: 20210731: WIP: https://salsa.debian.org/lts-team/packages/firmware-nonfree NOTE: 20210828: Most CVEs are difficult to backport. Contacted Ben regarding possible "ignore" tag View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b063754fd17acf52bdc894fd20a5e5680fd20559 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b063754fd17acf52bdc894fd20a5e5680fd20559 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 3854a594 by Emilio Pozuelo Monfort at 2022-03-07T08:03:32+01:00 lts: take firefox-esr - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -32,6 +32,8 @@ debian-archive-keyring (Anton) expat (Emilio) NOTE: 20220221: please wait for DSA first. (Anton) -- +firefox-esr (Emilio) +-- firmware-nonfree (Markus Koschany) NOTE: 20210731: WIP: https://salsa.debian.org/lts-team/packages/firmware-nonfree NOTE: 20210828: Most CVEs are difficult to backport. Contacted Ben regarding possible "ignore" tag View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3854a59457336102a223cbe1f12590e12ddcb9a6 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3854a59457336102a223cbe1f12590e12ddcb9a6 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: b8b3b16c by Emilio Pozuelo Monfort at 2022-02-08T09:54:44+01:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -35,6 +35,8 @@ debian-edu-config NOTE: 20220204: upcoming DSA (Beuc) NOTE: 20220206: Mike told he'll take care of the DLA himself. (utkarsh) -- +firefox-esr (Emilio) +-- firmware-nonfree (Markus Koschany) NOTE: 20210731: WIP: https://salsa.debian.org/lts-team/packages/firmware-nonfree NOTE: 20210828: Most CVEs are difficult to backport. Contacted Ben regarding possible "ignore" tag @@ -85,6 +87,8 @@ samba NOTE: 20220110: fix applied, but will need a second opinion. (utkarsh) NOTE: 20220125: ftbfs, wip. (utkarsh) -- +thunderbird (Emilio) +-- ujson (Anton) NOTE: 20220121: please reheck, at least the mentioned function is available in Stretch NOTE: 20220206: https://salsa.debian.org/lts-team/packages/ujson Investigating, whether affected or not (Anton) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b8b3b16cbc0a0b0fdd374f2861d9f58244f9647d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b8b3b16cbc0a0b0fdd374f2861d9f58244f9647d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 8b210808 by Emilio Pozuelo Monfort at 2022-01-11T15:34:31+01:00 lts: take firefox-esr - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -42,6 +42,8 @@ debian-archive-keyring -- expat -- +firefox-esr (Emilio) +-- firmware-nonfree (Markus Koschany) NOTE: 20210731: WIP: https://salsa.debian.org/lts-team/packages/firmware-nonfree NOTE: 20210828: Most CVEs are difficult to backport. Contacted Ben regarding possible "ignore" tag View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b21080805bdefb57b35222d1397494c36d5c8aa -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b21080805bdefb57b35222d1397494c36d5c8aa You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 3fbc2270 by Emilio Pozuelo Monfort at 2021-10-06T13:19:56+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -41,6 +41,8 @@ faad2 (Thorsten Alteholz) ffmpeg (Anton Gladky) NOTE: probably wait until stuff is fixed in Buster -- +firefox-esr (Emilio) +-- firmware-nonfree NOTE: 20210731: WIP: https://salsa.debian.org/lts-team/packages/firmware-nonfree NOTE: 20210828: Most CVEs are difficult to backport. Contacted Ben regarding possible "ignore" tag @@ -112,3 +114,5 @@ smarty3 squashfs-tools (Thorsten Alteholz) NOTE: 20210926: coordinate with upload to other releases -- +thunderbird (Emilio) +-- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3fbc2270c3b00018cf55c61ba3af1e8c81c4b68d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3fbc2270c3b00018cf55c61ba3af1e8c81c4b68d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 568b260c by Emilio Pozuelo Monfort at 2021-09-08T10:52:11+02:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -29,7 +29,7 @@ cacti (Roberto C. Sánchez) debian-archive-keyring (Utkarsh) NOTE: https://lists.debian.org/debian-lts/2021/08/msg00037.html -- -firefox-esr +firefox-esr (Emilio) -- firmware-nonfree NOTE: 20210731: WIP: https://salsa.debian.org/lts-team/packages/firmware-nonfree @@ -118,3 +118,5 @@ smarty3 (Abhijith PA) sssd (Anton Gladky) NOTE: Prepared repo -- +thunderbird (Emilio) +-- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/568b260c4c53164e76f2ae9d658851b3e0f90446 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/568b260c4c53164e76f2ae9d658851b3e0f90446 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 6b908c33 by Emilio Pozuelo Monfort at 2021-03-24T09:15:57+01:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -48,6 +48,8 @@ edk2 -- freediameter (Thorsten Alteholz) -- +firefox-esr (Emilio) +-- firmware-nonfree NOTE: 20201207: wait for the update in buster and backport that (Emilio) -- @@ -148,6 +150,8 @@ spotweb subversion (Thorsten Alteholz) NOTE: 20210322: have a look at #985556 and #948834 -- +thunderbird (Emilio) +-- xmlbeans (Roberto C. Sánchez) NOTE: 20210222: Affected code changed significantly from 2.6.0 to 3.0.0 (the NOTE: 20210222: upstream release with the fix). Trying to determine how to View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b908c33196ab0a6558fde140b7ae5edd3b661a1 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6b908c33196ab0a6558fde140b7ae5edd3b661a1 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] lts: take firefox-esr and thunderbird
Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: c5691f80 by Emilio Pozuelo Monfort at 2020-11-17T19:24:00+01:00 lts: take firefox-esr and thunderbird - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -50,6 +50,8 @@ f2fs-tools NOTE: 20200815: About CVE-2020-6070. The fix got introduced between 1.12.0 and 1.13.0, but it is not trivial to NOTE: 20200815: to detect which of the patches correlates to the CVE. Contacting upstream might be necessary. (sunweaver) -- +firefox-esr (Emilio) +-- firmware-nonfree (Emilio) -- freerdp (Abhijith PA) @@ -178,6 +180,8 @@ snapd (Brian May) -- spice-vdagent (Abhijith PA) -- +thunderbird (Emilio) +-- webcit (Markus Koschany) -- wireshark (Adrian Bunk) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5691f80dbbd92db584c91151926adac2d07ca38 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5691f80dbbd92db584c91151926adac2d07ca38 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits