LTS:
glibc:
- Released DLA-3807-1, fixing CVE-2024-2961.
- Fixed and enabled the build tests and autopkgtest.
gst-plugins-base1.0:
- Released DLA-3824-1, fixing CVE-2024-4453.
libkf5ksieve:
- Released DLA-3809-1, fixing CVE-2023-52723.
ELTS:
glibc:
- Released ELA-1087-11, fixing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3824-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
May 30, 2024
LTS:
glibc:
- First part of work released as DLA-3807-1 in May.
gtkwave:
- DLA-3785-1 and DSA-5653-1 were released in April,
but the actual work was done and submitted for review in March.
pillow:
- Determined that CVE-2021-25291 does not affect buster.
- Released DLA-3786-1, fixing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3809-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
May 05, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3807-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
May 04, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3800-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
April 29, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3799-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
April 28, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3798-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
April 28, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3787-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
April 15, 2024
On Sun, Mar 31, 2024 at 10:12:34PM +0800, Sean Whitton wrote:
>...
> - looks like backporting the old branches is what's done in bullseye and
> bookworm; do you know of some reason we're not doing this for buster too?
bind9 in buster provides shared libraries,
with soversion changes in every
On Thu, Apr 11, 2024 at 09:34:00PM +0200, Ola Lundqvist wrote:
>...
> On Thu, 11 Apr 2024 at 15:34, Santiago Ruano Rincón
> wrote:
> ...
> > Taking one of the recent changes to data/CVE/list:
> >
> > @@ -6999,6 +7000,7 @@ CVE-2024-28579 (Buffer Overflow vulnerability in open
> > source FreeImage
On Thu, Apr 11, 2024 at 10:34:13AM -0300, Santiago Ruano Rincón wrote:
>...
> El 11/04/24 a las 08:25, Ola Lundqvist escribió:
>...
> > The ones I have now postponed are of the "local DoS" class. I'm here
> > interpreting that "local DoS" is the same as DoS after human
> > interaction. It is not
On Wed, Apr 10, 2024 at 10:08:51PM +0200, Ola Lundqvist wrote:
> Hi all
Hi Ola,
> Sorry for late reply. It took me too long today to answer the CVE
> triaging discussion. Now to this issue.
>
> Regarding the fedora patches. The patches seem to help for those
> specific issues they solve.
>
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3786-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
April 10, 2024
On Wed, Apr 10, 2024 at 12:17:33PM -0400, Roberto C. Sánchez wrote:
> On Mon, Apr 08, 2024 at 07:56:40PM +0300, Adrian Bunk wrote:
> > On Mon, Apr 08, 2024 at 05:34:47PM +0200, Moritz Muehlenhoff wrote:
> > >
> > > So a useful next step would be to break those reports d
LTS:
cpio:
- Added note that upstream considers CVE-2023-7216 (sole unfixed CVE)
normal behavior.
fontforge:
- Released DLA-3754-1, fixing CVE-2020-5395, CVE-2020-5496,
CVE-2024-25081 and CVE-2024-25082.
- Fixed CVE-2024-25081 and CVE-2024-25082 in sid.
- Fixed CVE-2024-25081 and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3785-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
April 09, 2024
On Mon, Apr 08, 2024 at 05:34:47PM +0200, Moritz Muehlenhoff wrote:
> On Mon, Apr 08, 2024 at 01:59:55PM +0200, Sylvain Beucler wrote:
> > Hi,
> >
> > I think this requires a bit of coordination:
> > - the package is basically dead upstream, there hasn't been a fix in the
> > official repos,
On Mon, Apr 08, 2024 at 12:06:25AM +0200, Ola Lundqvist wrote:
> Hi again
>
> Today I looked at the freeimage package that we have in dla-needed.
> My conclusion is that we have 19 CVEs postponed with motivation "revisit
> when fixed upstream" and 23 CVEs that are in bullseye declared as no-dsa
>
On Thu, Apr 04, 2024 at 11:21:21AM +0200, Emilio Pozuelo Monfort wrote:
> On 29/03/2024 00:06, Adrian Bunk wrote:
>...
> > As already mentioned in #1060407, the ghwdump tool (and manpage) was
> > dropped in 3.3.110 from the upstream sources, and is now in ghdl-tools.
> >
On Sun, Mar 31, 2024 at 01:52:40PM +0200, Moritz Mühlenhoff wrote:
> Hi Adrian,
Hi Moritz,
>...
> > debdiffs contain only changes to debian/
>
> The bookworm/bullseye debdiffs looks good, please upload to security-master,
> thanks!
both are now uploaded.
> Note that both need -sa, but dak
On Mon, Mar 18, 2024 at 09:40:45PM +0100, Moritz Muehlenhoff wrote:
> Emilio Pozuelo Monfort wrote:
> > Small nitpick: a CVE 'ignored' for (old)stable can still be fixed via point
> > release. The sec-team could be contacted to update that triaging, but that's
> > only ignored for
On Thu, Mar 14, 2024 at 04:47:57PM -0400, Roberto C. Sánchez wrote:
> Hello everyone,
>
> I have discussed with Santiago the idea of whether we need to somewhat
> expand the scope of dla-needed.txt.
>
> In essence, we need to continue tracking packages as in-work in some
> cases even after a DLA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3774-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
March 25, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3772-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
March 24, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3771-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
March 24, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3764-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
March 18, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3762-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
March 15, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3760-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
March 14, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3759-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
March 11, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3755-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
March 09, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3754-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
March 08, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3753-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
March 06, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3752-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
March 05, 2024
LTS:
gsoap:
- Released DLA-3745-1, fixing CVE-2020-13574, CVE-2020-13575,
CVE-2020-13576, CVE-2020-13577 and CVE-2020-13578.
wireshark:
- Determined that CVE-2023-2906/wireshark does not affect <= buster.
- Determined that CVE-2023-5371 does not affect <= bullseye.
- Determined that
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3746-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
February 29, 2024
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3745-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
February 29, 2024
LTS:
curl:
- Determined that CVE-2022-32207 does not affect <= buster.
- Found and documented a regression in CVE-2023-27534.
- CVE-2022-32207 does not affect <= buster
- Released DLA 3692-1, fixing CVE-2023-28322 and CVE-2023-46218,
also including 2 non-security fixes from contributors.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3692-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
December 19, 2023
On Sat, Dec 16, 2023 at 10:39:08PM -0300, Samuel Henrique wrote:
>...
> On Thu, 30 Nov 2023 at 06:36, Markus Koschany wrote:
> > I have recently triaged CVE-2023-28322 and CVE-2023-27534 for curl as
> > ignored
> > for Buster because I believe those are minor issues. Since you expressed
> >
LTS:
trafficserver:
- Released DLA-3645-1, fixing CVE-2023-41752 and CVE-2023-44487.
galera-3:
- Determined that CVE-2023-5157 in galera-4 does not affect galera-3.
gimp:
- Released DLA-3659-1, fixing CVE-2022-30067, CVE-2023-2
and CVE-2023-4.
- Determined that CVE-2023-3 does
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3679-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
November 30, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3677-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
November 30, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3659-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
November 21, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3645-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
November 05, 2023
LTS:
poppler:
- Confirmed that CVE-2020-18839 is a duplicate of CVE-2020-27778
- Released DLA-3620-1, fixing CVE-2020-23804 CVE-2022-37050 CVE-2022-37051
- PoCs for all 3 CVEs were confirmed to be present in the unfixed
version and fixed in the fixed version
krb:
- Released DLA-3626-1, fixing
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3626-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
October 22, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3620-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
October 16, 2023
DLAs released:
DLA-3593-1 gerbv
CVE-2021-40393 CVE-2021-40394 CVE-2023-4508
DLA-3595-1 trafficserver
CVE-2022-47185 CVE-2023-33934
ELAs released:
ELA-942-2 qpdf (stretch)
regression update
ELA-972-1 exempi (stretch)
CVE-2020-18651 CVE-2020-18652
ELA-974-1 ghostscript (jessie+stretch)
On Tue, Jul 25, 2023 at 11:39:38PM +0200, Guilhem Moulin wrote:
>...
> The Security Team decided not to issue a DSA for that CVE, but it's now fixed
> in
> buster-security (2.2.1-3+deb10u1) as well as sid (2.17.1.1-2), so it makes
> sense
> to fix it via (o)s-pu too.
>...
In all 3 distributions
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3595-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
September 30, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3593-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
September 30, 2023
On Mon, Sep 25, 2023 at 09:26:10PM +0200, Tobias Frost wrote:
> Hi Adrian,
Hi Tobi,
>...
> This sounds it's almost ready, so I think the best thing is if you
> complete the work, so if this is ok with you, please take oever and
> complete the package!
thanks, I've taken it back and will make a
On Sun, Sep 24, 2023 at 11:34:55AM +0200, Tobias Frost wrote:
> Hi Adrian,
Hi Tobias,
> I've just claimed "suricata" for LTS, and the log says that you've
> already worked on the package. Unfortunatly I could not find any
> repository for your LTS changes, if there are some already, can you
>
On Sun, Sep 10, 2023 at 09:22:03PM +0300, Adrian Bunk wrote:
> DLAs released:
>...
> DLA-3552-1 gst-plugins-ugly1.0
> 2 vulnerabilities without CVE numbers assigned
>
>
> ELAs released:
>...
> ELA-941-1 gst-plugins-ugly1.0 (stretch)
> 2 vulnerabilitie
DLAs released:
DLA-3517-1 pdfcrack
CVE-2020-22336
DLA-3519-1 ghostscript
CVE-2023-38559
DLA-3528-1 poppler
CVE-2020-36023 CVE-2020-36024
DLA-3552-1 gst-plugins-ugly1.0
2 vulnerabilities without CVE numbers assigned
ELAs released:
ELA-928-1 poppler (jessie+stretch)
CVE-2020-36023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3552-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
August 31, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3528-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
August 14, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3519-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
August 07, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3517-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
August 06, 2023
DLAs released:
DLA-3497-1 pypdf2
CVE-2023-36810
DLA-3513-1 tiff
CVE-2023-2908 CVE-2023-3316 CVE-2023-3618 CVE-2023-25433
CVE-2023-26965 CVE-2023-26966 CVE-2023-38288 CVE-2023-38289
ELAs released:
ELA-893-1 pypdf2 (stretch)
CVE-2023-36810
ELA-909-1 tiff (jessie+stretch)
CVE-2023-2908
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3513-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
July 31, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3497-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
July 14, 2023
On Thu, Jul 06, 2023 at 01:19:51PM +, Alberto Garcia wrote:
>...
> Bear in mind that supporting older distros means refraining from using
> newer versions of the libraries and build dependencies that Webkit
> uses. This is already complicated, but there's a bigger problem than
> that: it also
DLAs released:
DLA-3443-1 wireshark
CVE-2023-2856 CVE-2023-2858 CVE-2023-2879 CVE-2023-2952
DLA 3445-1 cpio
CVE-2019-14866 CVE-2021-38185
DLA-3470-1 owslib
CVE-2023-27476
DLA-3472-1 libx11
CVE-2023-3138
DLA-3474-1 systemd
CVE-2022-3821
DLA-3475-1 trafficserver
CVE-2022-47184 CVE-2023-30631
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3477-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
June 30, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3475-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
June 30, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3474-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
June 29, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3472-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
June 26, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3470-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
June 25, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3445-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
June 04, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3443-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
June 03, 2023
DLAs released:
DLA-3402-1 wireshark
CVE-2023-1161 CVE-2023-1992 CVE-2023-1993 CVE-2023-1994
DLA-3407-1 jackson-databind
CVE-2020-10650
DLA-3408-1 jruby
CVE-2017-17742 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255
CVE-2020-25613 CVE-2021-31810 CVE-2021-32066 CVE-2023-28755
CVE-2023-28756
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3409-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
April 30, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3408-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
April 30, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3407-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
April 30, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3402-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
April 29, 2023
DLA released:
DLA-3377-1 systemd
CVE-2023-26604
cu
Adrian
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3377-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
March 31, 2023
DLAs released:
DLA-3332-1 apr-util
CVE-2022-25147
DLA-3334-1 sofia-sip
CVE-2022-47516
DLA-3339-1 binwalk
CVE-2022-4510
DLA-3341-1 curl
CVE-2023-23916
DLA-3343-1 mono
CVE-2023-26314
A DLA for emacs was prepared, but is waiting for confirmation
that a regression that was discovered in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3343-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
February 24, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3341-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
February 24, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3339-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
February 23, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3334-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
February 22, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3332-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
February 21, 2023
DLAs released:
DLA-3292-1 sofia-sip
CVE-2023-22741
DLA-3304-1 fig2dev
CVE-2020-21529 CVE-2020-21531 CVE-2020-21532 CVE-2020-21676
CVE-2021-32280
DLA-3305-1 libstb
CVE-2018-16981 CVE-2019-13217 CVE-2019-13218 CVE-2019-13219
CVE-2019-13220 CVE-2019-13221 CVE-2019-13222 CVE-2019-13223
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3305-1debian-...@lists.debian.org
https://www.debian.org/lts/security/Adrian Bunk
January 31, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3304-1debian-...@lists.debian.org
https://www.debian.org/lts/security/Adrian Bunk
January 31, 2023
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-3292-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
January 29, 2023
Hours worked:
70.75 hours
DLAs released:
DLA-2849-1 wireshark
CVE-2021-22207 CVE-2021-22235 CVE-2021-39921 CVE-2021-39922
CVE-2021-39923 CVE-2021-39924 CVE-2021-39925 CVE-2021-39928
CVE-2021-39929
DLA-2850-1 libpcap
CVE-2019-15165
DLA-2851-1 libextractor
CVE-2019-15531
DLA-2855-1 monit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-2873-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
December 31, 2021
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-2872-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
December 31, 2021
On Wed, Dec 29, 2021 at 07:46:39PM +0200, Adrian Bunk wrote:
> On Wed, Dec 29, 2021 at 05:04:29PM +0100, Peter De Wachter wrote:
> > In postgis LTS update 2.3.1+dfsg-2+deb9u1, the package
> > postgresql-9.6-postgis-2.3-scripts is empty (containing only
> > /usr/share/do
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-2868-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
December 29, 2021
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-2857-2debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
December 29, 2021
On Wed, Dec 29, 2021 at 05:04:29PM +0100, Peter De Wachter wrote:
> In postgis LTS update 2.3.1+dfsg-2+deb9u1, the package
> postgresql-9.6-postgis-2.3-scripts is empty (containing only
> /usr/share/doc files). The scripts are missing. Without the scripts, I
> believe it's not possible to create
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-2866-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
December 29, 2021
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-2865-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
December 29, 2021
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-2861-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
December 28, 2021
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian LTS Advisory DLA-2857-1debian-...@lists.debian.org
https://www.debian.org/lts/security/ Adrian Bunk
December 28, 2021
1 - 100 of 228 matches
Mail list logo