Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3f4661d4 by Sylvain Beucler at 2022-05-24T09:18:57+02:00
dla: add modsecurity-apache
- - - - -
c5ced46f by Sylvain Beucler at 2022-05-24T09:18:57+02:00
dla: add modsecurity-crs
- - - - -
1
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
02b03478 by Sylvain Beucler at 2022-05-23T18:32:53+02:00
dla: add libjpeg-turbo
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cef7f5f0 by Sylvain Beucler at 2022-05-23T17:56:50+02:00
dla: add manila
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e5d0646d by Sylvain Beucler at 2022-05-23T17:40:59+02:00
dla: add libdbi-perl
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8a668723 by Sylvain Beucler at 2022-05-23T17:15:54+02:00
dla: add lemonldap-ng
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d5f4ee68 by Sylvain Beucler at 2022-05-23T16:58:00+02:00
dla: add isync
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
18e6e036 by Sylvain Beucler at 2022-05-23T16:51:32+02:00
dla: add irssi
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
65a38eda by Sylvain Beucler at 2022-05-23T16:31:18+02:00
dla: clarify comments made with front-desk hat
- - - - -
501d40bc by Sylvain Beucler at 2022-05-23T16:37:02+02:00
dla: add horizon
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
96fa9a9e by Sylvain Beucler at 2022-05-23T15:43:51+02:00
dla: add haproxy
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
93e69d19 by Sylvain Beucler at 2022-05-23T15:26:05+02:00
dla: add glib2.0
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
90e8ed4c by Sylvain Beucler at 2022-05-23T15:21:48+02:00
CVE-2018-1000825/freecol: stretch end-of-life
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
79df5705 by Sylvain Beucler at 2022-05-23T15:17:32+02:00
dla: add filezilla
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
93fe2045 by Sylvain Beucler at 2022-05-23T15:09:05+02:00
CVE-2018-20196/faad2: drop postponed entry for stretch
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e4353990 by Sylvain Beucler at 2022-05-23T15:05:21+02:00
CVE-2020-20902/ffmpeg: fixed through DLA-3010-1
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes
Hi,
In LTS triage, 'packages-to-support' is only relevant for non-free packages.
Some sponsors requested updates for nvidia-graphics-drivers, so even if
it is in (unsupported) non-free, LTS supports it.
However no sponsors requested updates for (separate)
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6abf09a9 by Sylvain Beucler at 2022-05-23T14:37:23+02:00
CVE-2018-20196/faad2: fixed through DSA-4522-1
- - - - -
1 changed file:
- data/DSA/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d98e18b7 by Sylvain Beucler at 2022-05-23T14:18:48+02:00
CVE-2022-28181,CVE-2022-28185/nvidia-graphics-drivers-legacy-340xx: stretch
ignored
- - - - -
1 changed file:
- data/CVE/list
Changes
Hello Christoph,
On 23/05/2022 10:04, Christoph Berg wrote:
Re: Sylvain Beucler
According to the LTS files, you plan to take care of postgresql-9.6 security
updates for stretch.
I had told the security team that I do *not* intend to updated 9.6 in
stretch. I guess that got noted incorrectly
upstream since 2021-11
https://www.postgresql.org/support/versioning/
so if this changes anything in your plans please let me know.
Cheers!
Sylvain Beucler
Debian LTS Team
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6e3c133e by Sylvain Beucler at 2022-05-23T11:03:03+02:00
CVE-2018-1311/xerces-c: harmonize triaging with buster
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
732a513b by Sylvain Beucler at 2022-05-23T10:56:30+02:00
dla: add dpdk
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
09199456 by Sylvain Beucler at 2022-05-23T10:49:25+02:00
dla: add cyrus-imapd
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
df339ba3 by Sylvain Beucler at 2022-05-23T10:23:59+02:00
dla: add mailman
- - - - -
916c912b by Sylvain Beucler at 2022-05-23T10:23:59+02:00
dla: add atftp
- - - - -
63c04e9c by Sylvain Beucler
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
87be6155 by Sylvain Beucler at 2022-05-23T09:33:39+02:00
dla: assign postgresql-9.6 to Christoph Berg as per data/packages/lts-do-call-me
- - - - -
1 changed file:
- data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f0f0522f by Sylvain Beucler at 2022-05-23T09:24:37+02:00
dla: add postgresql-9.6
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Hi Mike,
On 21/05/2022 10:45, Mike Gabriel wrote:
as I have a company interest in Horde and thus in ckeditor3, I'd be
happy to co-fund work hours on ckeditor3. Esp. because ckeditor3 in
unstable needs the same love as in LTS. And we are currently working on
upgrading the company mailserver.
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b4933652 by Sylvain Beucler at 2022-05-21T10:38:20+02:00
ckeditor3: link related ckeditor CVEs
follow-up to 9a55e943bca823e36337c8b47cd65adcf0405fd4
- - - - -
1 changed file:
- data/CVE/list
Hi all,
On 12/05/2022 08:35, Mike Gabriel wrote:
On Tue, May 10, 2022 at 12:31:46PM +0200, Sylvain Beucler wrote:
On 08/05/2022 21:17, Salvatore Bonaccorso wrote:
Now, php-horde-editor is the only rdepends of ckeditor3.
IMHO we need to do a re-evaluation of the current CVEs for ckeditor
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9a55e943 by Sylvain Beucler at 2022-05-21T09:50:59+02:00
ckeditor3: link related ckeditor CVEs
See https://lists.debian.org/debian-lts/2022/05/msg00018.html
- - - - -
1 changed file:
- data/CVE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3016-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Sylvain Beucler
May 20, 2022
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
82908a92 by Sylvain Beucler at 2022-05-20T15:34:31+02:00
Reserve DLA-3016-1 for rsyslog
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b1ac88cb by Sylvain Beucler at 2022-05-19T15:21:25+02:00
CVE-2022-24903/rsyslog: clarify introductory patches
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7a04b929 by Sylvain Beucler at 2022-05-19T08:56:37+02:00
CVE-2022-24903/rsyslog: reference more introductory patches
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
81941f17 by Sylvain Beucler at 2022-05-19T08:30:21+02:00
CVE-2022-24903/rsyslog: documentation relationship with CVE-2018-16881
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2d995b7b by Sylvain Beucler at 2022-05-17T16:49:35+02:00
dla: claim rsyslog
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Hi,
On 17/05/2022 15:37, Anton Gladky wrote:
As far as I understand all of those packages can be
added into the dla-needed without pre-review? Why not just
put all of them together.
Some can be added to dla-needed.txt, some need finer triage (e.g. no-dsa
-> ignored); and some may be false
is section is where we are late compared to stable/oldstable, where
CVEs are already fixed and published in Debian, but not in Debian LTS,
sometimes months after.
This sounds more urgent to me than checking untriaged CVEs, hence why
it's output before. So I'd keep the ordering as-is.
Cheers!
Sylvain Beucler
Debian LTS Team
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1fb5ae3d by Sylvain Beucler at 2022-05-17T12:03:51+02:00
dla: update ckeditor status
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Hello Salvatore,
On 08/05/2022 21:17, Salvatore Bonaccorso wrote:
On Fri, May 06, 2022 at 09:23:27PM +0200, Sylvain Beucler wrote:
Hello Security Team,
I'm currently checking 'ckeditor' (v4), an HTML editor for web applications,
currently v4), for vulnerabilities to fix.
(I may send
!
Sylvain Beucler
Debian LTS Team
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cbf06ae8 by Sylvain Beucler at 2022-05-04T17:37:05+02:00
CVE-2021-26272/ckeditor: reference patch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f267c3e8 by Sylvain Beucler at 2022-05-04T16:56:50+02:00
dla: libz-mingw-w64 triage notes
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9c0b365a by Sylvain Beucler at 2022-05-02T19:14:53+02:00
CVE-2018-17960/ckeditor: stretch ignored
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1a7f87d2 by Sylvain Beucler at 2022-05-02T18:09:41+02:00
dla: claim ckeditor
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5958df03 by Sylvain Beucler at 2022-05-02T18:04:07+02:00
dla: minor clarifications/formatting
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
- triage: precise how to use the 'oldstable' report
https://wiki.debian.org/LTS/Development?action=diff=289=288
- Internal discussions
- Unsupported packages in jessie and stretch ELTS
- Documenting specific procedures for packages
- Jitsi meeting
--
Sylvain Beucler
Debian LTS Team
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-2986-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Sylvain Beucler
April 28, 2022
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-2985-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Sylvain Beucler
April 28, 2022
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
beccce19 by Sylvain Beucler at 2022-04-28T11:36:00+02:00
Reserve DLA-2986-1 for golang-1.8
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
89ddeab6 by Sylvain Beucler at 2022-04-28T11:35:20+02:00
Reserve DLA-2985-1 for golang-1.7
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fabdec5d by Sylvain Beucler at 2022-04-21T17:48:31+02:00
dla: claim golang
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d2b62c39 by Sylvain Beucler at 2022-04-21T17:16:58+02:00
lts-cve-triage: triage_possible_missed_fixes: skip packages already in
dla-needed
- - - - -
1 changed file:
- bin/lts-cve-triage.py
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4c274565 by Sylvain Beucler at 2022-04-21T09:08:59+02:00
CVE-2020-14983/chocolate-doom: precise stretch triage
- - - - -
617fa593 by Sylvain Beucler at 2022-04-21T09:10:04+02:00
CVE-2018-1311
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
52b3b18f by Sylvain Beucler at 2022-04-21T08:51:31+02:00
node-*: clarify stretch triage
- - - - -
ba251893 by Sylvain Beucler at 2022-04-21T08:54:47+02:00
Revert lts-cve-triage.py changes
wrote:
I have just tested the patch and it really produces much more packages
to be triaged and they are really reasonable!
I would propose to merge it into the master branch and start to use it.
Thanks for that!
Am Mi., 20. Apr. 2022 um 20:54 Uhr schrieb Sylvain Beucler
mailto:b...@beuc.net
for your work! Could you please create a merge request,
so we can discuss this nice improvement there?
Regards
Am Mi., 20. Apr. 2022 um 17:33 Uhr schrieb Sylvain Beucler
mailto:b...@beuc.net>>:
Now with the patch.
On Wed, Apr 20, 2022 at 05:08:20PM +0200, Sylvain Beucler
Now with the patch.
On Wed, Apr 20, 2022 at 05:08:20PM +0200, Sylvain Beucler wrote:
> During my last front-desk week I noticed that we tend to miss or delay
> some buster security updates, in particular those that come in point
> releases, and a few batches of minor postponed fi
'
sparingly in the future, in favor of its 'postponed' and 'ignored'
sub-states [4], so as to better help the tool.
What do you think?
Cheers!
Sylvain Beucler
Debian LTS Team
[1] https://security-tracker.debian.org/tracker/source-package/dpdk
[2] https://security-tracker.debian.org/tracker/source-package
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
14d3df2f by Sylvain Beucler at 2022-04-14T16:15:54+02:00
lts-cve-triage: support debian-security-support patterns
e.g. better analysis for node-moment and
golang-github-prometheus-client-golang
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bba95208 by Sylvain Beucler at 2022-04-14T15:45:41+02:00
CVE-2018-1311/xerces-c: reference stretch mitigation
- - - - -
1 changed file:
- data/CVE/list
Changes
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-2981-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Sylvain Beucler
April 13, 2022
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
83a46f9b by Sylvain Beucler at 2022-04-13T14:38:50+02:00
Reserve DLA-2981-1 for lrzip
- - - - -
3 changed files:
- data/CVE/list
- data/DLA/list
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9cf66e4a by Sylvain Beucler at 2022-04-12T17:59:43+02:00
dla: add lrzip
Following work on a lrzip ELA, 2 CVEs were opened in the
security-tracker (1 undetermined-unfixed, one fixed-unfixed).
Front
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
87756264 by Sylvain Beucler at 2022-04-12T10:43:58+02:00
CVE-2018-5786/lrzip: stretch unfixed
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f5664051 by Sylvain Beucler at 2022-04-09T18:53:42+02:00
lrzip: document CVE-2021-27345/CVE-2021-27347/CVE-2022-26291 relationship
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8b151868 by Sylvain Beucler at 2022-04-09T17:20:10+02:00
CVE-2017-9928/lrzip: reference fixing commit
- - - - -
60718c50 by Sylvain Beucler at 2022-04-09T17:20:11+02:00
CVE-2017-9929/lrzip
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b000148e by Sylvain Beucler at 2022-04-09T15:51:39+02:00
CVE-2018-9058/lrzip: fixed in stretch
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
33f8c91e by Sylvain Beucler at 2022-04-09T15:18:09+02:00
CVE-2021-27345,CVE-2021-27347/lrzip: reference fixing commit and upload
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7e920853 by Sylvain Beucler at 2022-04-09T14:55:04+02:00
CVE-2020-25467/lrzip: check fixing commit and upload
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c602bf6f by Sylvain Beucler at 2022-04-07T18:21:02+02:00
lrzip: reference CVE-2017-884X unimportant issues fixed by DLA single patch
- - - - -
2 changed files:
- data/CVE/list
- data/DLA/list
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dff2f462 by Sylvain Beucler at 2022-04-07T17:29:55+02:00
CVE-2017-8844/lrzip: reference patch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
39b0ceba by Sylvain Beucler at 2022-04-04T22:25:43+02:00
CVE-2021-25636/libreoffice: revisit stretch triage
Unlike CVE-2021-25633 and CVE-2021-25634, the patch doesnt require the
XSecParser rewrite
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9f39b1f5 by Sylvain Beucler at 2022-04-02T17:51:07+02:00
dla: add ckeditor
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
996cf01d by Sylvain Beucler at 2022-04-02T16:24:57+02:00
lts-cve-triage.py: handle /stable /oldstable notations in dsa-needed.txt
e.g. twig/oldstable
- - - - -
e85386b7 by Sylvain Beucler at 2022
Hi Holger,
On 02/04/2022 14:30, Holger Levsen wrote:
On Fri, Apr 01, 2022 at 12:06:40PM +0200, Sylvain Beucler wrote:
Holger, can you clarify if you want the LTS team to handle
debian-security-support backports to stretch, or if you intend to do it
yourself?
thanks for asking, I'd be glad
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2c77b640 by Sylvain Beucler at 2022-04-02T15:46:39+02:00
dla: add debian-security-support
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2316a1c7 by Sylvain Beucler at 2022-04-02T12:51:01+02:00
dla: add puppet-module-puppetlabs-firewall
- - - - -
1 changed file:
- data/dla-needed.txt
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9eef by Sylvain Beucler at 2022-04-02T12:35:14+02:00
CVE-2022-1049/pcs: stretch not-affected
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
faebe3df by Sylvain Beucler at 2022-04-02T12:18:58+02:00
dla: add pdns
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
efcee35d by Sylvain Beucler at 2022-04-02T12:08:16+02:00
dla: add openvpn
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2b73343c by Sylvain Beucler at 2022-04-02T11:57:08+02:00
dla: duplicate golang packages
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
eff18a62 by Sylvain Beucler at 2022-04-02T11:55:56+02:00
CVE-2022-28202,CVE-2022-28203/mediawiki: stretch postponed
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3f7c500f by Sylvain Beucler at 2022-04-02T11:41:21+02:00
dla: add kvmtool
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
185cec50 by Sylvain Beucler at 2022-04-02T11:20:07+02:00
CVE-2022-24763/pjproject: stretch postponed
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
020987e7 by Sylvain Beucler at 2022-04-02T11:15:16+02:00
CVE-2022-23773/golang: stretch not-affected
- - - - -
a16ee2c1 by Sylvain Beucler at 2022-04-02T11:15:16+02:00
dla: add golang
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c385b2f8 by Sylvain Beucler at 2022-04-01T20:07:39+02:00
CVE-2022-/weechat: add reference commit
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
18a5feb5 by Sylvain Beucler at 2022-04-01T19:44:00+02:00
CVE-2022-1154/vim: stretch postponed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE
documentation: proofread / fix typo
https://wiki.debian.org/LTS/Development
- ELTS documentation: newly-supported-packages: improve procedure
--
Sylvain Beucler
Debian LTS Team
Hi,
On 01/04/2022 11:50, Emilio Pozuelo Monfort wrote:
On 03/12/2021 23:50, Markus Koschany wrote:
Am Freitag, dem 03.12.2021 um 14:28 +0100 schrieb Sylvain Beucler:
This year I worked on libspring-java twice for LTS In both case
upstream provided limited information for the CVEs, and for 5
Hi,
On 01/04/2022 11:50, Emilio Pozuelo Monfort wrote:
On 03/12/2021 23:50, Markus Koschany wrote:
Am Freitag, dem 03.12.2021 um 14:28 +0100 schrieb Sylvain Beucler:
This year I worked on libspring-java twice for LTS In both case
upstream provided limited information for the CVEs, and for 5
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
40c3fd9f by Sylvain Beucler at 2022-04-01T10:21:55+02:00
CVE-2022-22965/libspring-java: stretch end-of-life
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
78a5b053 by Sylvain Beucler at 2022-03-31T11:45:49+02:00
dla: golang-go.crypto note
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
93bd22e4 by Sylvain Beucler at 2022-03-31T11:28:44+02:00
dla: add mitmproxy
- - - - -
d65888df by Sylvain Beucler at 2022-03-31T11:31:53+02:00
Revert Mark CVE-2020-5991/nvidia-cude-toolkit
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b045ee4e by Sylvain Beucler at 2022-03-31T10:46:26+02:00
CVE-2022-28202/mediawiki: stretch postponed
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
befae42a by Sylvain Beucler at 2022-03-31T10:38:40+02:00
dla: add libz-mingw-w64
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1a73898b by Sylvain Beucler at 2022-03-31T10:34:22+02:00
CVE-2021-44906/node-minimist: stretch end-of-life
- - - - -
1 changed file:
- data/CVE/list
Changes
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e6fdd805 by Sylvain Beucler at 2022-03-31T10:24:22+02:00
CVE-2021-41736,CVE-2021-41737/faust: stretch postponed
- - - - -
3dd1fc06 by Sylvain Beucler at 2022-03-31T10:24:23+02:00
CVE-2021-23556
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
771031e8 by Sylvain Beucler at 2022-03-31T09:23:50+02:00
CVE-2022-26291/lrzip: stretch postponed
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f139b125 by Sylvain Beucler at 2022-03-30T09:57:19+02:00
dla: add openjpeg2
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0114476e by Sylvain Beucler at 2022-03-30T09:41:20+02:00
qemu/CVE-2022-1050: stretch not-affected
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data
701 - 800 of 8893 matches
Mail list logo