[Secure-testing-commits] r51863 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 05:04:02 + (Tue, 23 May 2017) New Revision: 51863 Modified: data/CVE/list Log: Add bug reference for libtasn1-6 issue Modified: data/CVE/list === --- data/CVE/list 2017-05-23 04:58:31 UTC

[Secure-testing-commits] r51862 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 04:58:31 + (Tue, 23 May 2017) New Revision: 51862 Modified: data/CVE/list Log: Add bug reference for tiff issue, #863185 Modified: data/CVE/list === --- data/CVE/list 2017-05-23 04:44:56

[Secure-testing-commits] r51861 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 04:44:56 + (Tue, 23 May 2017) New Revision: 51861 Modified: data/CVE/list Log: Mark CVE-2017-5657 as NFU Modified: data/CVE/list === --- data/CVE/list 2017-05-23 04:40:45 UTC (rev 51860)

[Secure-testing-commits] r51860 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 04:40:45 + (Tue, 23 May 2017) New Revision: 51860 Modified: data/CVE/list Log: Add new libtasn issue Modified: data/CVE/list === --- data/CVE/list 2017-05-23 04:36:20 UTC (rev 51859) +++

[Secure-testing-commits] r51859 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 04:36:20 + (Tue, 23 May 2017) New Revision: 51859 Modified: data/CVE/list Log: CVE-2017-7492 non-issue, REJECTED Modified: data/CVE/list === --- data/CVE/list 2017-05-23 04:35:09 UTC (rev

[Secure-testing-commits] r51858 - in data: CVE DLA DSA

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 04:35:09 + (Tue, 23 May 2017) New Revision: 51858 Modified: data/CVE/list data/DLA/list data/DSA/list Log: Cleanup CVE-2016-5483 reference, got REJECTED in favour of CVE-2017-3600 Modified: data/CVE/list

[Secure-testing-commits] r51857 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 04:21:24 + (Tue, 23 May 2017) New Revision: 51857 Modified: data/CVE/list Log: Add new libytnef issue, CVE-2017-9146, #862707 Modified: data/CVE/list === --- data/CVE/list 2017-05-23

[Secure-testing-commits] r51856 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 04:21:14 + (Tue, 23 May 2017) New Revision: 51856 Modified: data/CVE/list Log: Add new tiff issue Modified: data/CVE/list === --- data/CVE/list 2017-05-23 04:20:43 UTC (rev 51855) +++

[Secure-testing-commits] r51855 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 04:20:43 + (Tue, 23 May 2017) New Revision: 51855 Modified: data/CVE/list Log: CVE-2017-9149/mat assigned Modified: data/CVE/list === --- data/CVE/list 2017-05-22 21:21:14 UTC (rev 51854)

[Secure-testing-commits] r51854 - data

2017-05-22 Thread Markus Koschany
Author: apo Date: 2017-05-22 21:21:14 + (Mon, 22 May 2017) New Revision: 51854 Modified: data/dla-needed.txt Log: Update status of libarchive in dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt

[Secure-testing-commits] r51853 - data/CVE

2017-05-22 Thread Moritz Muehlenhoff
Author: jmm Date: 2017-05-22 21:20:08 + (Mon, 22 May 2017) New Revision: 51853 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list === --- data/CVE/list 2017-05-22 21:10:14 UTC (rev 51852) +++ data/CVE/list

[Secure-testing-commits] r51852 - data/CVE

2017-05-22 Thread security tracker role
Author: sectracker Date: 2017-05-22 21:10:14 + (Mon, 22 May 2017) New Revision: 51852 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-05-22 20:37:48 UTC (rev 51851) +++

[Secure-testing-commits] r51850 - data

2017-05-22 Thread Thorsten Alteholz
Author: alteholz Date: 2017-05-22 20:35:21 + (Mon, 22 May 2017) New Revision: 51850 Modified: data/dla-needed.txt Log: claim packages in case maintainer does not want to work on them Modified: data/dla-needed.txt === ---

[Secure-testing-commits] r51849 - data

2017-05-22 Thread Moritz Muehlenhoff
Author: jmm Date: 2017-05-22 20:34:34 + (Mon, 22 May 2017) New Revision: 51849 Modified: data/dsa-needed.txt Log: add and take imagemagick Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2017-05-22 20:32:05 UTC

[Secure-testing-commits] r51848 - data

2017-05-22 Thread Thorsten Alteholz
Author: alteholz Date: 2017-05-22 20:32:05 + (Mon, 22 May 2017) New Revision: 51848 Modified: data/dla-needed.txt Log: postgresql-8.4 is not needed anymore Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-05-22

[Secure-testing-commits] r51847 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-22 19:05:50 + (Mon, 22 May 2017) New Revision: 51847 Modified: data/CVE/list Log: CVE-2017-8929/yara fixed in unstable Modified: data/CVE/list === --- data/CVE/list 2017-05-22 19:00:52 UTC

[Secure-testing-commits] r51846 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-22 19:00:52 + (Mon, 22 May 2017) New Revision: 51846 Modified: data/CVE/list Log: Add bug reference for CVE-2017-8842 Modified: data/CVE/list === --- data/CVE/list 2017-05-22 19:00:35 UTC

[Secure-testing-commits] r51845 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-22 19:00:35 + (Mon, 22 May 2017) New Revision: 51845 Modified: data/CVE/list Log: Add bug reference for CVE-2017-8843 Modified: data/CVE/list === --- data/CVE/list 2017-05-22 18:47:53 UTC

[Secure-testing-commits] r51844 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-22 18:47:53 + (Mon, 22 May 2017) New Revision: 51844 Modified: data/CVE/list Log: Add bug reference for CVE-2017-8844 Modified: data/CVE/list === --- data/CVE/list 2017-05-22 18:42:42 UTC

[Secure-testing-commits] r51843 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-22 18:42:42 + (Mon, 22 May 2017) New Revision: 51843 Modified: data/CVE/list Log: Add bug reference for CVE-2017-8846 Modified: data/CVE/list === --- data/CVE/list 2017-05-22 18:41:56 UTC

[Secure-testing-commits] r51842 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-22 18:41:56 + (Mon, 22 May 2017) New Revision: 51842 Modified: data/CVE/list Log: Add bug reference for CVE-2017-8845 Modified: data/CVE/list === --- data/CVE/list 2017-05-22 17:53:57 UTC

[Secure-testing-commits] r51841 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-22 17:53:57 + (Mon, 22 May 2017) New Revision: 51841 Modified: data/CVE/list Log: Add bug reference for one checked issue Modified: data/CVE/list === --- data/CVE/list 2017-05-22 17:11:27

[Secure-testing-commits] r51840 - data

2017-05-22 Thread Thorsten Alteholz
Author: alteholz Date: 2017-05-22 17:11:27 + (Mon, 22 May 2017) New Revision: 51840 Modified: data/dla-needed.txt Log: lintian in wheezy not affected Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-05-22

[Secure-testing-commits] r51839 - data/CVE

2017-05-22 Thread Moritz Muehlenhoff
Author: jmm Date: 2017-05-22 16:50:55 + (Mon, 22 May 2017) New Revision: 51839 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list === --- data/CVE/list 2017-05-22 16:48:18 UTC (rev 51838) +++ data/CVE/list

[Secure-testing-commits] r51837 - data

2017-05-22 Thread Moritz Muehlenhoff
Author: jmm Date: 2017-05-22 16:28:23 + (Mon, 22 May 2017) New Revision: 51837 Modified: data/next-point-update.txt Log: salt spu Modified: data/next-point-update.txt === --- data/next-point-update.txt 2017-05-22 16:03:00

[Secure-testing-commits] r51836 - in data: . DLA

2017-05-22 Thread Chris Lamb
Author: lamby Date: 2017-05-22 16:03:00 + (Mon, 22 May 2017) New Revision: 51836 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-949-1 for miniupnpc Modified: data/DLA/list === --- data/DLA/list

[Secure-testing-commits] r51835 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-22 15:21:16 + (Mon, 22 May 2017) New Revision: 51835 Modified: data/CVE/list Log: CVE's assigned for imagemagick issues Modified: data/CVE/list === --- data/CVE/list 2017-05-22 14:52:49 UTC

[Secure-testing-commits] r51834 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-22 14:52:49 + (Mon, 22 May 2017) New Revision: 51834 Modified: data/CVE/list Log: Update information for CVE-2017-8845 (lzo -> lrzip) Further analysis shows that the issue is located in lrzip and not lzo2, so resolve the TODO and mark the correct source

[Secure-testing-commits] r51833 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-22 14:10:47 + (Mon, 22 May 2017) New Revision: 51833 Modified: data/CVE/list Log: Adjust two wheezy entries, jessie was not-affected (vulnerable code not present) thus wheezy with older code as well Modified: data/CVE/list

[Secure-testing-commits] r51832 - templates

2017-05-22 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-22 13:47:51 + (Mon, 22 May 2017) New Revision: 51832 Modified: templates/lts-no-dsa.txt templates/lts-update-planned.txt Log: Add MIME header to template mails to avoid problems with non-ASCII characters Modified: templates/lts-no-dsa.txt

[Secure-testing-commits] r51831 - data

2017-05-22 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-22 13:43:22 + (Mon, 22 May 2017) New Revision: 51831 Modified: data/dla-needed.txt Log: Add kde4libs to dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-05-22

[Secure-testing-commits] r51830 - data/CVE

2017-05-22 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-22 13:41:14 + (Mon, 22 May 2017) New Revision: 51830 Modified: data/CVE/list Log: Mark many issues as end-of-life in wheezy Modified: data/CVE/list === --- data/CVE/list 2017-05-22 13:41:02

[Secure-testing-commits] r51829 - bin

2017-05-22 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-22 13:41:02 + (Mon, 22 May 2017) New Revision: 51829 Modified: bin/lts-cve-triage.py Log: Use a color that works on a light background as well Modified: bin/lts-cve-triage.py === ---

[Secure-testing-commits] r51828 - bin

2017-05-22 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-22 13:29:10 + (Mon, 22 May 2017) New Revision: 51828 Modified: bin/lts-cve-triage.py Log: Add back unsupported packages but in a dedicated list We still need to mark the entries as when we don't support the package so that it disappears from the tracker and

[Secure-testing-commits] r51827 - data

2017-05-22 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-22 12:43:13 + (Mon, 22 May 2017) New Revision: 51827 Modified: data/dla-needed.txt Log: Add tnef to dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-05-22 12:14:05

[Secure-testing-commits] r51826 - data

2017-05-22 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-22 12:14:05 + (Mon, 22 May 2017) New Revision: 51826 Modified: data/dla-needed.txt Log: Add libsndfile to dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-05-22

[Secure-testing-commits] r51825 - data

2017-05-22 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-22 12:05:23 + (Mon, 22 May 2017) New Revision: 51825 Modified: data/dla-needed.txt Log: Add swftools to dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-05-22

[Secure-testing-commits] r51824 - data/CVE

2017-05-22 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-22 11:46:25 + (Mon, 22 May 2017) New Revision: 51824 Modified: data/CVE/list Log: Mark httrack issue as no-dsa on wheezy Modified: data/CVE/list === --- data/CVE/list 2017-05-22 11:32:32

[Secure-testing-commits] r51823 - data

2017-05-22 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-22 11:32:32 + (Mon, 22 May 2017) New Revision: 51823 Modified: data/dla-needed.txt Log: Add lrzip to dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-05-22 11:17:34

[Secure-testing-commits] r51822 - data/CVE

2017-05-22 Thread Moritz Muehlenhoff
Author: jmm Date: 2017-05-22 11:17:34 + (Mon, 22 May 2017) New Revision: 51822 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list === --- data/CVE/list 2017-05-22 11:11:47 UTC (rev 51821) +++ data/CVE/list

[Secure-testing-commits] r51821 - data/CVE

2017-05-22 Thread Moritz Muehlenhoff
Author: jmm Date: 2017-05-22 11:11:47 + (Mon, 22 May 2017) New Revision: 51821 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list === --- data/CVE/list 2017-05-22 10:48:43 UTC (rev 51820) +++ data/CVE/list

[Secure-testing-commits] r51820 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-22 10:48:43 + (Mon, 22 May 2017) New Revision: 51820 Modified: data/CVE/list Log: Add four temporary items for imagemagick for which maintainer requested CVEs Modified: data/CVE/list === ---

[Secure-testing-commits] r51818 - data/CVE

2017-05-22 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-22 10:19:02 + (Mon, 22 May 2017) New Revision: 51818 Modified: data/CVE/list Log: CVE-2017-9117 does not affect tiff3 Modified: data/CVE/list === --- data/CVE/list 2017-05-22 09:10:12 UTC

[Secure-testing-commits] r51819 - data/CVE

2017-05-22 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-22 10:19:16 + (Mon, 22 May 2017) New Revision: 51819 Modified: data/CVE/list Log: Mark CVE-2014-9970 as no-dsa on wheezy Modified: data/CVE/list === --- data/CVE/list 2017-05-22 10:19:02

[Secure-testing-commits] r51817 - data/CVE

2017-05-22 Thread security tracker role
Author: sectracker Date: 2017-05-22 09:10:12 + (Mon, 22 May 2017) New Revision: 51817 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-05-22 06:53:22 UTC (rev 51816) +++

[Secure-testing-commits] r51816 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-22 06:53:22 + (Mon, 22 May 2017) New Revision: 51816 Modified: data/CVE/list Log: Record back-and-forth with libgit2 Note for reviewers: needs now a double-check the issues are really fixed and not reopened for any of the CVEs. libgit2 had several iternations,

[Secure-testing-commits] r51814 - data

2017-05-22 Thread Chris Lamb
Author: lamby Date: 2017-05-22 06:38:37 + (Mon, 22 May 2017) New Revision: 51814 Modified: data/dla-needed.txt Log: Claim miniupnpc in data/dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-05-22

[Secure-testing-commits] r51815 - data

2017-05-22 Thread Chris Lamb
will be for ESR 52 as ESR 45 is now NOTE: EOL. I have already started to look at ESR 52 to anticipate any problems. NOTE: Patches for ESR 52 on wheezy sent to maintainer. -- +graphicsmagick (Markus Koschany) +-- imagemagick (Roberto C. Sánchez) NOTE: 20170522, there are numerous issues

[Secure-testing-commits] r51813 - data/CVE

2017-05-22 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-22 06:17:50 + (Mon, 22 May 2017) New Revision: 51813 Modified: data/CVE/list Log: Update CVE-2017-8829 information, does not affect jessie Modified: data/CVE/list === --- data/CVE/list