Author: pabs
Date: 2016-02-29 07:44:39 + (Mon, 29 Feb 2016)
New Revision: 40051
Modified:
doc/security-team.d.o/security_tracker
Log:
automatic commits use the sectracker user instead of joeyh now
Modified: doc/security-team.d.o/security_tracker
Author: carnil
Date: 2016-02-29 07:28:11 + (Mon, 29 Feb 2016)
New Revision: 40050
Modified:
data/CVE/list
Log:
Add temporary item for new tidy-html5 issue
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-29
Author: carnil
Date: 2016-02-29 07:17:32 + (Mon, 29 Feb 2016)
New Revision: 40049
Modified:
data/CVE/list
Log:
Update status for CVE-2015-8373/isc-kea
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-29 06:32:30
Author: carnil
Date: 2016-02-29 06:32:30 + (Mon, 29 Feb 2016)
New Revision: 40048
Modified:
data/CVE/list
Log:
isc-kea entered the archive
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-29 06:18:53 UTC (rev
Author: carnil
Date: 2016-02-29 06:18:53 + (Mon, 29 Feb 2016)
New Revision: 40047
Modified:
data/CVE/list
Log:
Add more wireshark issues, see previous commit message for notes
Modified: data/CVE/list
===
--- data/CVE/list
Author: carnil
Date: 2016-02-29 06:05:05 + (Mon, 29 Feb 2016)
New Revision: 40046
Modified:
data/CVE/list
Log:
First set of wireshark issues
Note for reviwers: I have marked them undetermined since no time yet to
verify fixed status for unstable and affected versions. Thus I think it
is
Author: carnil
Date: 2016-02-29 05:56:07 + (Mon, 29 Feb 2016)
New Revision: 40045
Modified:
data/CVE/list
Log:
Add reference for CVE-2016-0799/openssl
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-29 05:55:58
Author: carnil
Date: 2016-02-29 05:55:58 + (Mon, 29 Feb 2016)
New Revision: 40044
Modified:
data/CVE/list
Log:
CVE-2016-2782 fixed in unstable
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-29 05:26:28 UTC (rev
Author: carnil
Date: 2016-02-29 05:26:21 + (Mon, 29 Feb 2016)
New Revision: 40042
Modified:
data/dsa-needed.txt
Log:
Take care of linux DSA
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2016-02-29 05:23:20 UTC
Author: carnil
Date: 2016-02-29 05:26:28 + (Mon, 29 Feb 2016)
New Revision: 40043
Modified:
data/CVE/list
Log:
Add workaround entry note for drupal
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-29 05:26:21 UTC
Author: carnil
Date: 2016-02-29 05:23:20 + (Mon, 29 Feb 2016)
New Revision: 40041
Modified:
data/CVE/list
Log:
Add fixed version for CVE-2016-0787, libssh2, #815662
Modified: data/CVE/list
===
--- data/CVE/list
Author: carnil
Date: 2016-02-29 05:23:04 + (Mon, 29 Feb 2016)
New Revision: 40040
Modified:
data/CVE/list
Log:
Slightly reorder entries for one temporary item
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28
Author: mgilbert
Date: 2016-02-28 23:43:04 + (Sun, 28 Feb 2016)
New Revision: 40039
Modified:
data/CVE/list
Log:
openjpeg issues in chromium
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 23:42:55 UTC (rev
Author: mgilbert
Date: 2016-02-28 23:42:55 + (Sun, 28 Feb 2016)
New Revision: 40038
Modified:
data/CVE/list
Log:
wine issue
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 22:32:11 UTC (rev 40037)
+++
Author: lamby
Date: 2016-02-28 22:32:11 + (Sun, 28 Feb 2016)
New Revision: 40037
Modified:
data/dla-needed.txt
Log:
Triage linux-2.6 for LTS
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2016-02-28 22:19:06 UTC
Author: jmm
Date: 2016-02-28 22:19:06 + (Sun, 28 Feb 2016)
New Revision: 40036
Modified:
data/CVE/list
Log:
more unimportant node packages
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 22:09:13 UTC (rev
Author: jmm
Date: 2016-02-28 22:09:13 + (Sun, 28 Feb 2016)
New Revision: 40035
Modified:
data/DSA/list
Log:
add CVE refs for pillow DSA
Modified: data/DSA/list
===
--- data/DSA/list 2016-02-28 22:07:42 UTC (rev 40034)
Author: jmm
Date: 2016-02-28 22:07:42 + (Sun, 28 Feb 2016)
New Revision: 40034
Modified:
data/CVE/list
data/DSA/list
Log:
add references for CVE-less drupal issues
fixup reference for pillow in wheezy (different source package)
Modified: data/CVE/list
Author: jmm
Date: 2016-02-28 21:49:44 + (Sun, 28 Feb 2016)
New Revision: 40033
Modified:
data/DSA/list
data/dsa-needed.txt
Log:
drupal, pillow DSAs
Modified: data/DSA/list
===
--- data/DSA/list 2016-02-28 21:48:29
Author: jmm
Date: 2016-02-28 21:48:29 + (Sun, 28 Feb 2016)
New Revision: 40032
Modified:
data/CVE/list
Log:
node-ws unimportant
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 21:33:06 UTC (rev 40031)
+++
Author: carnil
Date: 2016-02-28 21:33:06 + (Sun, 28 Feb 2016)
New Revision: 40031
Modified:
data/CVE/list
Log:
Bug #814030 fixed in unstable for tcpdf
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 21:31:08
Author: kitterman
Date: 2016-02-28 21:31:08 + (Sun, 28 Feb 2016)
New Revision: 40030
Modified:
data/DLA/list
Log:
Reserve DLA-440-1 for dansguardian
Modified: data/DLA/list
===
--- data/DLA/list 2016-02-28 21:10:12 UTC
Author: sectracker
Date: 2016-02-28 21:10:12 + (Sun, 28 Feb 2016)
New Revision: 40029
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 21:10:06 UTC (rev 40028)
+++
Author: carnil
Date: 2016-02-28 21:10:06 + (Sun, 28 Feb 2016)
New Revision: 40028
Modified:
data/DSA/list
data/dsa-needed.txt
Log:
Reserve DSA number for php-horde and php-horde-core
Modified: data/DSA/list
===
---
Author: benh
Date: 2016-02-28 21:02:54 + (Sun, 28 Feb 2016)
New Revision: 40027
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-439-1 for linux-2.6
Modified: data/DLA/list
===
--- data/DLA/list
Author: jmm
Date: 2016-02-28 20:10:14 + (Sun, 28 Feb 2016)
New Revision: 40026
Modified:
data/CVE/list
Log:
mark tomcat6 in jessie as not-affected
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 20:05:44 UTC
Author: jmm
Date: 2016-02-28 20:05:44 + (Sun, 28 Feb 2016)
New Revision: 40025
Modified:
data/CVE/list
Log:
libssh fixed
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 19:06:40 UTC (rev 40024)
+++
Author: carnil
Date: 2016-02-28 19:06:40 + (Sun, 28 Feb 2016)
New Revision: 40024
Modified:
data/dsa-needed.txt
Log:
Take care of releasing php-horde and php-horde-core
Modified: data/dsa-needed.txt
===
---
Author: agx
Date: 2016-02-28 19:00:23 + (Sun, 28 Feb 2016)
New Revision: 40023
Modified:
data/dsa-needed.txt
Log:
Grab apt-daemon in dsa-needed
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2016-02-28 18:50:51 UTC
Author: carnil
Date: 2016-02-28 18:50:51 + (Sun, 28 Feb 2016)
New Revision: 40022
Modified:
data/CVE/list
Log:
Add CVE-2016-2782/linux
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 18:46:42 UTC (rev 40021)
Author: carnil
Date: 2016-02-28 18:46:42 + (Sun, 28 Feb 2016)
New Revision: 40021
Modified:
data/CVE/list
Log:
CVE-2016-2510/bsh fixed in unstable
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 18:36:59 UTC
Author: carnil
Date: 2016-02-28 18:36:59 + (Sun, 28 Feb 2016)
New Revision: 40020
Modified:
data/CVE/list
Log:
php-dompdf fixed in unstable
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 18:33:11 UTC (rev
Author: apo-guest
Date: 2016-02-28 18:26:38 + (Sun, 28 Feb 2016)
New Revision: 40018
Modified:
data/dla-needed.txt
Log:
Claim pcre3 in dla-needed.txt
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2016-02-28
Author: carnil
Date: 2016-02-28 18:21:18 + (Sun, 28 Feb 2016)
New Revision: 40017
Modified:
data/next-point-update.txt
Log:
Add php-dompdf for next jessie point release (but still needs ack from SRM)
Modified: data/next-point-update.txt
Author: carnil
Date: 2016-02-28 18:19:29 + (Sun, 28 Feb 2016)
New Revision: 40016
Modified:
data/CVE/list
Log:
Mark php-dompdf as no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 17:47:47 UTC (rev 40015)
Author: lamby
Date: 2016-02-28 17:47:47 + (Sun, 28 Feb 2016)
New Revision: 40015
Modified:
data/dla-needed.txt
Log:
Triage coreutils for LTS
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2016-02-28 17:46:03 UTC
Author: lamby
Date: 2016-02-28 17:46:03 + (Sun, 28 Feb 2016)
New Revision: 40014
Modified:
data/dla-needed.txt
Log:
Triage libebml for LTS
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2016-02-28 15:56:49 UTC (rev
Author: carnil
Date: 2016-02-28 15:56:49 + (Sun, 28 Feb 2016)
New Revision: 40013
Modified:
data/CVE/list
Log:
Add CVE-2016-2781/coreutils
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 15:22:39 UTC (rev
Author: carnil
Date: 2016-02-28 15:22:39 + (Sun, 28 Feb 2016)
New Revision: 40012
Modified:
data/CVE/list
Log:
Add bug reference for CVE-2015-8368/ntopng, #816190
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28
Author: carnil
Date: 2016-02-28 15:13:39 + (Sun, 28 Feb 2016)
New Revision: 40011
Modified:
data/CVE/list
Log:
Reference upstream commit for fixing this issue
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28
Author: dmn
Date: 2016-02-28 15:01:12 + (Sun, 28 Feb 2016)
New Revision: 40010
Modified:
data/DLA/list
Log:
correct squeeze version of libebml fixing the issues
Modified: data/DLA/list
===
--- data/DLA/list 2016-02-28
Author: dmn
Date: 2016-02-28 14:59:48 + (Sun, 28 Feb 2016)
New Revision: 40009
Modified:
data/DLA/list
data/dla-needed.txt
Log:
reserve DLA-438-1 for libebml
Modified: data/DLA/list
===
--- data/DLA/list 2016-02-28
Author: carnil
Date: 2016-02-28 14:50:31 + (Sun, 28 Feb 2016)
New Revision: 40008
Modified:
data/CVE/list
Log:
Mark two NFUs
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 14:39:59 UTC (rev 40007)
+++
Author: carnil
Date: 2016-02-28 14:39:59 + (Sun, 28 Feb 2016)
New Revision: 40007
Modified:
data/CVE/list
data/DSA/list
Log:
Add CVE-2016-1526 for the graphite2
Note: Details still missing, but from the mfsa2016-14 it is referenced
and probably the second DoS vulnerability. Mark with
Author: carnil
Date: 2016-02-28 14:00:17 + (Sun, 28 Feb 2016)
New Revision: 40006
Modified:
data/CVE/list
Log:
CVE-2015-5351: Adjust comment since fix is as well included in upstream version
@apo: thanks for the upstream VCS references added.
Modified: data/CVE/list
Author: carnil
Date: 2016-02-28 13:56:05 + (Sun, 28 Feb 2016)
New Revision: 40005
Modified:
data/CVE/list
Log:
Adjust version for CVE-2015-5351, fixed in unstable with 6.0.45+dfsg-1
Modified: data/CVE/list
===
---
Author: apo-guest
Date: 2016-02-28 13:51:43 + (Sun, 28 Feb 2016)
New Revision: 40004
Modified:
data/CVE/list
Log:
Mark CVE-2015-5351 as fixed since 6.0.45-1~deb6u1
The upstream advisory makes no reference about the 6.x series but looking at
the code reveals that this issue was also fixed
Author: kroeckx
Date: 2016-02-28 13:49:10 + (Sun, 28 Feb 2016)
New Revision: 40003
Modified:
data/CVE/list
Log:
CVE-2016-0799 does affect squeeze
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 13:10:29 UTC
Author: carnil
Date: 2016-02-28 12:13:29 + (Sun, 28 Feb 2016)
New Revision: 40001
Modified:
data/CVE/list
Log:
Update status for tomcat6 in unstable
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 11:36:59 UTC
)
+++ data/DLA/list 2016-02-28 11:36:59 UTC (rev 4)
@@ -1,3 +1,6 @@
+[28 Feb 2016] DLA-436-1 ia32-libs - security update
+ [squeeze] - ia32-libs 20160228
+ [squeeze] - ia32-libs-gtk 20160228
[27 Feb 2016] DLA-435-1 tomcat6 - security update
{CVE-2015-5174 CVE-2015-5345
Author: jmm
Date: 2016-02-28 11:34:07 + (Sun, 28 Feb 2016)
New Revision: 3
Modified:
data/CVE/list
Log:
pcre fixed
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 10:52:16 UTC (rev 39998)
+++ data/CVE/list
Author: carnil
Date: 2016-02-28 10:52:16 + (Sun, 28 Feb 2016)
New Revision: 39998
Modified:
data/DSA/list
Log:
Reserve DSA-3492-2 for gajim regression
Modified: data/DSA/list
===
--- data/DSA/list 2016-02-28 10:08:09
Author: carnil
Date: 2016-02-28 10:08:09 + (Sun, 28 Feb 2016)
New Revision: 39997
Modified:
data/CVE/list
Log:
Clarify todo item
Modified: data/CVE/list
===
--- data/CVE/list 2016-02-28 10:00:14 UTC (rev 39996)
+++
Author: seb
Date: 2016-02-28 10:00:14 + (Sun, 28 Feb 2016)
New Revision: 39996
Modified:
data/DSA/list
data/dsa-needed.txt
Log:
Reserve DSA-3495-1 for CVE-2016-205[4-8] (xymon)
Modified: data/DSA/list
===
--- data/DSA/list
54 matches
Mail list logo