Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
07f19f44 by Sylvain Beucler at 2023-06-20T18:13:02+02:00
CVE-2023-28100,CVE-2023-28101/flatpak: reference patches
- - - - -
d686a698 by Sylvain Beucler at 2023-06-20T18:14:28+02:00
dla: add flatpak
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
23ac21a6 by Sylvain Beucler at 2023-06-20T17:46:50+02:00
dla: add suricata
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
432406f1 by Sylvain Beucler at 2023-06-20T11:24:07+02:00
dla: trace note author
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Hi,
On 17/06/2023 22:14, Roberto C. Sánchez wrote:
My opinion is that the package should be added to dla-needed.txt with
a note linking to this thread on the mailing list.
[snip]
There should also be a note there to consider backporting a new upstream
release once the security team decides
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
eb579a41 by Sylvain Beucler at 2023-06-20T11:01:38+02:00
dla: add renderdoc
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4265b5b2 by Sylvain Beucler at 2023-06-20T10:13:19+02:00
CVE-2023-2454,CVE-2023-2455/postgresql: reference patches
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a8569a60 by Sylvain Beucler at 2023-06-19T19:52:20+02:00
dla: add libxpm
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
af39026e by Sylvain Beucler at 2023-06-19T18:51:06+02:00
dla: add hsqldb1.8.0
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f776f37a by Sylvain Beucler at 2023-06-19T17:49:42+02:00
dla: add more context for debian-archive-keyring
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6c460108 by Sylvain Beucler at 2023-06-19T16:43:51+02:00
dla: add php7.3
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
15aad152 by Sylvain Beucler at 2023-06-19T16:39:52+02:00
CVE-2023-3247: reference for php7.3/buster
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
94fdcbaa by Sylvain Beucler at 2023-06-19T15:34:21+02:00
dla: add debian-archive-keyring
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ed2b0fc6 by Sylvain Beucler at 2023-06-19T15:06:58+02:00
dla: add dogecoin
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e65d3c6e by Sylvain Beucler at 2023-06-19T14:52:46+02:00
dogecoin: reference 3 CVEs from common bitcoin codebase
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5e90d069 by Sylvain Beucler at 2023-06-19T13:07:43+02:00
dla: precise rationale for linux
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e8073570 by Sylvain Beucler at 2023-06-19T11:45:07+02:00
dla: trace note author
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
04d5419b by Sylvain Beucler at 2023-06-19T11:22:51+02:00
dla: fix-up xmltooling entry
- - - - -
b2fa71b4 by Sylvain Beucler at 2023-06-19T11:26:22+02:00
dla: reference front-desk procedure
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3454-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Sylvain Beucler
June 13, 2023
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2aec0fa4 by Sylvain Beucler at 2023-06-13T17:11:27+02:00
Reserve DLA-3454-1 for ffmpeg
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
411dee3e by Sylvain Beucler at 2023-06-13T10:15:08+02:00
CVE-2022-3109,CVE-2022-3341/ffmpeg: update buster status
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bd770997 by Sylvain Beucler at 2023-06-12T17:33:55+02:00
dla: claim ffmpeg
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3449-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Sylvain Beucler
June 08, 2023
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b3ea2d11 by Sylvain Beucler at 2023-06-08T18:18:49+02:00
Reserve DLA-3449-1 for openssl
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
005cbe93 by Sylvain Beucler at 2023-06-06T22:41:14+02:00
dla: typo
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e365299f by Sylvain Beucler at 2023-06-03T17:08:35+02:00
CVE-2022-4304,CVE-2023-0465/openssl: reference additional fixes based on
DSA-5417-1
- - - - -
1 changed file:
- data/CVE/list
Changes
some time on the implementation, as part of my
work on LTS.
Do you think this can be achieved, and how?
Cheers!
Sylvain Beucler
Debian LTS Team
some time on the implementation, as part of my
work on LTS.
Do you think this can be achieved, and how?
Cheers!
Sylvain Beucler
Debian LTS Team
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b8f80e40 by Sylvain Beucler at 2023-06-01T12:46:42+02:00
dla: claim openssl
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
said maintainer
- Internal discussions on Git workflow, and packages claimfiles
format/workflow
- IRC Meeting
http://meetbot.debian.net/debian-lts/2023/debian-lts.2023-05-25-13.58.html
--
Sylvain Beucler
Debian LTS Team
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
96456343 by Sylvain Beucler at 2023-05-27T13:43:04+02:00
DLA-3434-1: fix CVE list
- - - - -
1 changed file:
- data/DLA/list
Changes:
=
data/DLA/list
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3434-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Sylvain Beucler
May 27, 2023
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e58de570 by Sylvain Beucler at 2023-05-27T13:31:11+02:00
Reserve DLA-3434-1 for sysstat
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a4fa372b by Sylvain Beucler at 2023-05-26T22:21:48+02:00
dla: fix syntax
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5dc6639b by Sylvain Beucler at 2023-05-26T21:52:08+02:00
dla: sync with lts packages database
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d66921d4 by Sylvain Beucler at 2023-05-25T18:19:38+02:00
CVE-2023-33204/sysstat: link the merging commit which fixes compilation error
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8c27ceb2 by Sylvain Beucler at 2023-05-25T14:30:03+02:00
dla: claim sysstat
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
16b13cfc by Sylvain Beucler at 2023-05-25T11:38:33+02:00
CVE-2020-8492/python2.7: drop obsolete rationale and broken link
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2a496152 by Sylvain Beucler at 2023-05-25T00:10:43+02:00
dla: add authorship to some notes
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3432-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Sylvain Beucler
May 24, 2023
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1c425f85 by Sylvain Beucler at 2023-05-24T19:02:31+02:00
Reserve DLA-3432-1 for python2.7
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
44207d14 by Sylvain Beucler at 2023-05-23T14:06:51+02:00
CVE-2023-24329/python: buster ignored + link follow-up fix
- - - - -
81aaacbb by Sylvain Beucler at 2023-05-23T14:09:23+02:00
CVE-2022-0391
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8e00ad01 by Sylvain Beucler at 2023-05-23T13:31:48+02:00
CVE-2022-0391/python: buster ignored + clarifications
In particular my python3.5/stretch triage led Ubuntu to believe the regression
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7f2bcee1 by Sylvain Beucler at 2023-05-22T09:25:08+02:00
LTS: add sqlite to dla-needed.txt
Front-Desk by-pass rationale:
- FD pingd 2 days ago by tobi (no answer)
- I was responsible for sqlite
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e4db5778 by Sylvain Beucler at 2023-05-20T19:31:01+02:00
CVE-2019-9947/python2.7: reference introductory commit
- - - - -
1 changed file:
- data/CVE/list
Changes
Hi,
On 19/05/2023 21:14, Chris Frey wrote:
On Fri, May 19, 2023 at 08:45:23PM +0200, Sylvain Beucler wrote:
On 05/05/2023 05:14, Chris Frey wrote:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035537
At first glance, it looks like this could lead to data corruption, and hence
the
coreutil's package maintainers input on the subject first (right now the
BTS entry has no replies) :)
Cheers!
Sylvain Beucler
Debian LTS Team
For the record, typo was fixed: libpcap -> libcap2.
Cheers!
Sylvain
On 17/05/2023 12:01, Abhijith PA wrote:
Hello Anton,
From 5b2bcfaa20e12d0c90eb3999fba8b6e942e201ab Mon Sep 17 00:00:00 2001
From: Anton Gladky
Date: Tue, 16 May 2023 22:39:34 +0200
Subject: [PATCH] LTS:
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b78eb356 by Sylvain Beucler at 2023-05-15T22:50:17+02:00
CVE-2019-20907/python2.7: fixed in DLA-2337-1
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e0055c53 by Sylvain Beucler at 2023-05-15T22:28:29+02:00
dla: fix python-ipaddress added date
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
11839c12 by Sylvain Beucler at 2023-05-14T08:26:27+02:00
dla: update python2.7 status
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Hi,
On 11/05/2023 17:22, Tobias Frost wrote:
nvidia-graphics-drivers-legacy-390xx is now uploaded, (tested with some old
GTX770…)
A procedural question:
For the remaining CVE's (and those of nvidia-graphics-drivers), do I mark them
"end-of-life" (e.g by saying in CVE/list:
[buster] -
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bef7bf5d by Sylvain Beucler at 2023-05-05T14:08:22+02:00
CVE-2015-20107/python: drop superseded/unmerged pull request reference
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
288c9c23 by Sylvain Beucler at 2023-05-03T20:38:43+02:00
CVE-2015-20107/python2.7: fix misleading triage
stretch is not supported anymore but the comment is erroneous and may lead to
confusion
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
749a4beb by Sylvain Beucler at 2023-05-03T20:14:06+02:00
sqlite: associate past sqlite3 CVEs to sqlite + buster triage (2013-2019)
Follow-up to afc2c3682db83440621c28005b856e21ebb51907
--
Sylvain Beucler
Debian LTS Team
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
afc2c368 by Sylvain Beucler at 2023-04-29T18:45:13+02:00
sqlite: associate past sqlite3 CVEs to sqlite + buster triage (open + 2020-2022)
See https://lists.debian.org/debian-lts/2023/04/msg00027
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
93e048b5 by Sylvain Beucler at 2023-04-28T16:14:48+02:00
dla: claim python2.7
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3395-2debian-...@lists.debian.org
https://www.debian.org/lts/security/ Sylvain Beucler
April 20, 2023
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3247a7a2 by Sylvain Beucler at 2023-04-20T22:38:20+02:00
Reserve DLA-3395-2 for golang-1.11
- - - - -
1 changed file:
- data/DLA/list
Changes:
=
data/DLA
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1a84b20b by Sylvain Beucler at 2023-04-19T23:43:24+02:00
DLA-3395-1/golang-1.11: drop fix for CVE-2022-23772
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3395-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Sylvain Beucler
April 19, 2023
Hi,
On 17/04/2023 21:36, Sylvain Beucler wrote:
On 20/03/2023 09:40, Emilio Pozuelo Monfort wrote:
On 17/03/2023 19:39, Raphael Hertzog wrote:
On Thu, 16 Mar 2023, Emilio Pozuelo Monfort wrote:
The result is an improved pipeline with better support for both LTS and
ELTS. [1]
Great work
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
df4f6128 by Sylvain Beucler at 2023-04-19T17:47:48+02:00
Reserve DLA-3395-1 for golang-1.11
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cf04c43b by Sylvain Beucler at 2023-04-19T13:48:49+02:00
golang-1.11: postpone open CVEs unfixed in bullseye
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4a61374d by Sylvain Beucler at 2023-04-19T13:32:10+02:00
CVE-2022-23773/golang-1.11: buster ignored
- - - - -
1 changed file:
- data/CVE/list
Changes
Hi,
On 20/03/2023 09:40, Emilio Pozuelo Monfort wrote:
On 17/03/2023 19:39, Raphael Hertzog wrote:
On Thu, 16 Mar 2023, Emilio Pozuelo Monfort wrote:
The result is an improved pipeline with better support for both LTS and
ELTS. [1]
Great work Emilio!
It would be nice to have all this
y apply really to the
> old code-base. In such a case, add
>
> - sqlite
>
> and triage it further for buster.
So we can do the same as with python2.7, expect this time the LTS Team
members are the only ones adding the '- sqlite ' entries for
new sqlite3 CVEs.
I can proceed to add such entries for the past CVEs and prepare LTS
procedures to ensure this is done, until the end of buster-lts next
year.
Are you OK with this?
Cheers!
Sylvain Beucler
Debian LTS Team
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
68ecea4f by Sylvain Beucler at 2023-04-15T12:28:56+02:00
python2.7: associate past python3.x CVEs to python2.7 (2)
Follow-up to fb0c9868f5bb6a7c5457f397cdfb603d629ef0c3
Compare with python3.7/buster
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
59ccb3a7 by Sylvain Beucler at 2023-04-14T23:40:03+02:00
CVE-2020-28367/golang: reference patch and regression fix
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fb0c9868 by Sylvain Beucler at 2023-04-14T14:45:32+02:00
python2.7: associate past python3.x CVEs to python2.7 + buster triage
See https://lists.debian.org/debian-lts/2023/04/msg00019.html
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fa172b55 by Sylvain Beucler at 2023-04-12T22:33:43+02:00
dla: claim golang-1.11
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2807a546 by Sylvain Beucler at 2023-04-08T20:05:51+02:00
dla: add lldpd
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
396fbe06 by Sylvain Beucler at 2023-04-08T19:44:03+02:00
Typo
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5050da30 by Sylvain Beucler at 2023-04-07T22:29:46+02:00
CVE-2023-0842/node-xml2js: reference upstream issue
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f351f69b by Sylvain Beucler at 2023-04-07T22:06:03+02:00
CVE-2023-24813/php-dompdf: buster not-affected
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1dd085d6 by Sylvain Beucler at 2023-04-07T21:06:04+02:00
CVE-2023-28858/redis-py: buster not-affected
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
49992412 by Sylvain Beucler at 2023-04-07T20:55:10+02:00
CVE-2022-4899/libzstd: buster not-affected
- - - - -
1 changed file:
- data/CVE/list
Changes
' CLI: for accessing v2
databases, and migrate v2 databases to v3 (AFAICS).
So I'm more inclined to keep it supported for the duration of buster-lts
(package was removed in later dists).
What do you think?
Cheers!
Sylvain Beucler
Debian LTS Team
On 01/04/2023 21:31, Salvatore Bonaccorso wrote
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bd929e22 by Sylvain Beucler at 2023-04-06T13:15:52+02:00
CVE-2023-24536: tidy version tag
- - - - -
472cc4fb by Sylvain Beucler at 2023-04-06T13:15:54+02:00
CVE-2023-24537/golang-1.*: reference
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0040624c by Sylvain Beucler at 2023-04-05T20:03:01+02:00
dla: re-add grunt
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ca3f5556 by Sylvain Beucler at 2023-04-05T12:53:29+02:00
dla: php-cas: clarification
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
02339e2e by Sylvain Beucler at 2023-04-04T20:34:38+02:00
dla: libapache2-mod-auth-openidc: one more CVE to fix
- - - - -
d2caf3e4 by Sylvain Beucler at 2023-04-04T20:44:09+02:00
dla: add grunt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2feba5f6 by Sylvain Beucler at 2023-04-04T20:26:14+02:00
dla: add udisks2
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
60f07ef4 by Sylvain Beucler at 2023-04-04T20:16:14+02:00
dla: salt is now sponsored
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0572e951 by Sylvain Beucler at 2023-04-04T19:59:46+02:00
dla: add libapache2-mod-auth-openidc
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
173ef561 by Sylvain Beucler at 2023-04-04T08:39:01+02:00
CVE-2023-24532/golang-1.11: buster postponed
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b921f844 by Sylvain Beucler at 2023-04-03T19:53:38+02:00
CVE-2023-1436/libjettison-java: reference introductory commit
- - - - -
705ca49b by Sylvain Beucler at 2023-04-03T20:14:08+02:00
TEMP
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cf39b23b by Sylvain Beucler at 2023-04-03T17:33:43+02:00
CVE-2023-1436/libjettison-java: buster postponed
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8a4d78dd by Sylvain Beucler at 2023-04-03T17:15:32+02:00
CVE-2023-0836/haproxy: buster not-affected
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d1e87dd7 by Sylvain Beucler at 2023-04-03T15:22:45+02:00
dla: add jruby
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
285112bc by Sylvain Beucler at 2023-04-03T14:54:11+02:00
CVE-2023-*/nvidia-graphics-drivers-legacy-340xx: buster ignored
- - - - -
1 changed file:
- data/CVE/list
Changes
IRC
- User help: seabios buggy in Buster
https://lists.debian.org/debian-lts/2023/03/msg00046.html
- Monthly meeting (via IRC)
http://meetbot.debian.net/debian-lts/2023/debian-lts.2023-03-23-13.58.html
--
Sylvain Beucler
Debian LTS Team
upgrading to bullseye?
Cheers!
Sylvain Beucler
Debian LTS Team
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c4013038 by Sylvain Beucler at 2023-03-29T13:38:33+02:00
CVE-2023-28642/runc: buster fixed
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes
AFAICT we're missing these at security.debian.org/pool/:
- golang-github-mrunalp-fileutils (= 0.0~git20160930.0.4ee1cc9-1)
- golang-github-urfave-cli (= 1.20.0-1)
Could an ftp-master inject these dependencies and re-process the .changes?
Cheers!
Sylvain Beucler
Debian LTS Team
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3369-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Sylvain Beucler
March 27, 2023
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5a55272e by Sylvain Beucler at 2023-03-27T17:34:33+02:00
Fix-up DLA-3369-1
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes:
=
data/CVE
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f78e09f4 by Sylvain Beucler at 2023-03-27T17:31:35+02:00
Reserve DLA-3369-1 for runc
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7b67001c by Sylvain Beucler at 2023-03-24T13:34:44+01:00
CVE-2023-27561/runc: reference superseding PR
- - - - -
1 changed file:
- data/CVE/list
Changes
te somehow?)
If they are not triaged and you do not wish to perform such triage,
would you mind if we do, and do you have recommendations so as to
respect each other's workflows?
Cheers!
Sylvain Beucler
Debian LTS Team
301 - 400 of 8893 matches
Mail list logo