[Secure-testing-commits] r51908 - data

2017-05-23 Thread Sebastien Delafond
Author: seb Date: 2017-05-24 05:51:18 + (Wed, 24 May 2017) New Revision: 51908 Modified: data/dsa-needed.txt Log: Add and claim libtasn1-6 Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2017-05-24 05:20:49 UTC (rev

[Secure-testing-commits] r51907 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-24 05:20:49 + (Wed, 24 May 2017) New Revision: 51907 Modified: data/CVE/list Log: Add CVE-2017-9214/openvswitch Modified: data/CVE/list === --- data/CVE/list 2017-05-24 04:49:13 UTC (rev

[Secure-testing-commits] r51906 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-24 04:49:13 + (Wed, 24 May 2017) New Revision: 51906 Modified: data/CVE/list Log: Add reporter reference for CVE-2017-1000363 Modified: data/CVE/list === --- data/CVE/list 2017-05-24

[Secure-testing-commits] r51905 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-24 04:22:04 + (Wed, 24 May 2017) New Revision: 51905 Modified: data/CVE/list Log: autotrace removed from unstable Modified: data/CVE/list === --- data/CVE/list 2017-05-24 04:19:38 UTC (rev

[Secure-testing-commits] r51904 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-24 04:19:38 + (Wed, 24 May 2017) New Revision: 51904 Modified: data/CVE/list Log: CVE-2017-2295, #863212 fixed in unstable Modified: data/CVE/list === --- data/CVE/list 2017-05-24 04:19:13

[Secure-testing-commits] r51903 - data

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-24 04:19:13 + (Wed, 24 May 2017) New Revision: 51903 Modified: data/dsa-needed.txt Log: Add puppet to dsa-needed list Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2017-05-23 21:10:13

[Secure-testing-commits] r51902 - data/CVE

2017-05-23 Thread security tracker role
Author: sectracker Date: 2017-05-23 21:10:13 + (Tue, 23 May 2017) New Revision: 51902 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-05-23 20:35:17 UTC (rev 51901) +++

[Secure-testing-commits] r51901 - in data: . DLA

2017-05-23 Thread Thorsten Alteholz
Author: alteholz Date: 2017-05-23 20:35:17 + (Tue, 23 May 2017) New Revision: 51901 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-950-1 for libtasn1-3 Modified: data/DLA/list === --- data/DLA/list

[Secure-testing-commits] r51899 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 19:43:32 + (Tue, 23 May 2017) New Revision: 51899 Modified: data/CVE/list Log: Sort top-down CVE-2013-2074 entry Modified: data/CVE/list === --- data/CVE/list 2017-05-23 19:38:30 UTC (rev

[Secure-testing-commits] r51900 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 19:43:51 + (Tue, 23 May 2017) New Revision: 51900 Modified: data/CVE/list Log: Add new linux issue, CVE-2017-1000363 Modified: data/CVE/list === --- data/CVE/list 2017-05-23 19:43:32 UTC

[Secure-testing-commits] r51898 - data/CVE

2017-05-23 Thread Emilio Pozuelo Monfort
Author: pochu Date: 2017-05-23 19:38:30 + (Tue, 23 May 2017) New Revision: 51898 Modified: data/CVE/list Log: CVE-2013-2074/kde4libs: update notes Modified: data/CVE/list === --- data/CVE/list 2017-05-23 19:26:28 UTC

[Secure-testing-commits] r51897 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 19:26:28 + (Tue, 23 May 2017) New Revision: 51897 Modified: data/CVE/list Log: Process more NFUs Modified: data/CVE/list === --- data/CVE/list 2017-05-23 19:15:49 UTC (rev 51896) +++

[Secure-testing-commits] r51895 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 19:15:38 + (Tue, 23 May 2017) New Revision: 51895 Modified: data/CVE/list Log: Process a couple of more NFUs Modified: data/CVE/list === --- data/CVE/list 2017-05-23 19:04:24 UTC (rev

[Secure-testing-commits] r51896 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 19:15:49 + (Tue, 23 May 2017) New Revision: 51896 Modified: data/CVE/list Log: Update CVE-2016-5735/pngquant Modified: data/CVE/list === --- data/CVE/list 2017-05-23 19:15:38 UTC (rev

[Secure-testing-commits] r51894 - in data: . CVE

2017-05-23 Thread Emilio Pozuelo Monfort
Author: pochu Date: 2017-05-23 19:04:24 + (Tue, 23 May 2017) New Revision: 51894 Modified: data/CVE/list data/dla-needed.txt Log: Mark CVE-2017-7263 as no-dsa for wheezy This is issue does not warrant a DLA. It can be fixed in the next update if other important issues are found.

[Secure-testing-commits] r51893 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 18:50:38 + (Tue, 23 May 2017) New Revision: 51893 Modified: data/CVE/list Log: Process NFUs Modified: data/CVE/list === --- data/CVE/list 2017-05-23 18:32:58 UTC (rev 51892) +++

[Secure-testing-commits] r51892 - data

2017-05-23 Thread Emilio Pozuelo Monfort
Author: pochu Date: 2017-05-23 18:32:58 + (Tue, 23 May 2017) New Revision: 51892 Modified: data/dla-needed.txt Log: dla: claim potrace Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-05-23 18:09:09 UTC (rev

[Secure-testing-commits] r51891 - data

2017-05-23 Thread Emilio Pozuelo Monfort
Author: pochu Date: 2017-05-23 18:09:09 + (Tue, 23 May 2017) New Revision: 51891 Modified: data/dla-needed.txt Log: dla: remove lzo2 Turns out CVE-2017-8845 is on lrzip, not lzo2. Modified: data/dla-needed.txt === ---

[Secure-testing-commits] r51890 - in data: . CVE

2017-05-23 Thread Emilio Pozuelo Monfort
Author: pochu Date: 2017-05-23 17:50:23 + (Tue, 23 May 2017) New Revision: 51890 Modified: data/CVE/list data/dla-needed.txt Log: lrzip no-dsa on wheezy no arbitrary code execution, just a possible application crash / dos like with the other lrzip recent cves Modified: data/CVE/list

[Secure-testing-commits] r51889 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 17:24:06 + (Tue, 23 May 2017) New Revision: 51889 Modified: data/CVE/list Log: Add bug reference for CVE-2017-2295/puppet Modified: data/CVE/list === --- data/CVE/list 2017-05-23 17:13:49

[Secure-testing-commits] r51888 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 17:13:49 + (Tue, 23 May 2017) New Revision: 51888 Modified: data/CVE/list Log: perltidy fixed in unstable Modified: data/CVE/list === --- data/CVE/list 2017-05-23 17:11:37 UTC (rev 51887)

[Secure-testing-commits] r51887 - data/CVE

2017-05-23 Thread Moritz Muehlenhoff
Author: jmm Date: 2017-05-23 17:11:37 + (Tue, 23 May 2017) New Revision: 51887 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list === --- data/CVE/list 2017-05-23 17:06:26 UTC (rev 51886) +++ data/CVE/list

[Secure-testing-commits] r51886 - data/CVE

2017-05-23 Thread Emilio Pozuelo Monfort
Author: pochu Date: 2017-05-23 17:06:26 + (Tue, 23 May 2017) New Revision: 51886 Modified: data/CVE/list Log: CVE-2017-8422: add upstream patch for src:kde4libs Modified: data/CVE/list === --- data/CVE/list 2017-05-23

[Secure-testing-commits] r51885 - data

2017-05-23 Thread Emilio Pozuelo Monfort
51884) +++ data/dla-needed.txt 2017-05-23 17:04:27 UTC (rev 51885) @@ -37,7 +37,7 @@ jasper (Thorsten Alteholz) NOTE: 20170523, no patch available for the remaining CVEs yet -- -kde4libs +kde4libs (Emilio Pozuelo) NOTE: Maintainer wants debdiff to record our upload in his VCS. See NOTE

[Secure-testing-commits] r51884 - data

2017-05-23 Thread Thorsten Alteholz
Author: alteholz Date: 2017-05-23 16:59:08 + (Tue, 23 May 2017) New Revision: 51884 Modified: data/dla-needed.txt Log: claim a package with upstream fix Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-05-23

[Secure-testing-commits] r51883 - in data: . CVE

2017-05-23 Thread Thorsten Alteholz
-needed.txt 2017-05-23 16:37:26 UTC (rev 51883) @@ -35,7 +35,7 @@ NOTE: 20170522, there are numerous issues to address and work continues -- jasper (Thorsten Alteholz) - NOTE: 20170519, no patch available for the remaining CVEs yet + NOTE: 20170523, no patch available for the remaining CVEs yet

[Secure-testing-commits] r51882 - data/CVE

2017-05-23 Thread Moritz Muehlenhoff
Author: jmm Date: 2017-05-23 13:19:11 + (Tue, 23 May 2017) New Revision: 51882 Modified: data/CVE/list Log: NFU Modified: data/CVE/list === --- data/CVE/list 2017-05-23 12:56:13 UTC (rev 51881) +++ data/CVE/list

[Secure-testing-commits] r51881 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 12:56:13 + (Tue, 23 May 2017) New Revision: 51881 Modified: data/CVE/list Log: Sync CVE-2017-9150 with kernel-sec Modified: data/CVE/list === --- data/CVE/list 2017-05-23 11:50:29 UTC

[Secure-testing-commits] r51880 - data/CVE

2017-05-23 Thread Sebastien Delafond
Author: seb Date: 2017-05-23 11:50:29 + (Tue, 23 May 2017) New Revision: 51880 Modified: data/CVE/list Log: Mark CVE-2017-9066 (wordpress) as not affecting versions < 4.6 Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r51879 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 10:22:21 + (Tue, 23 May 2017) New Revision: 51879 Modified: data/CVE/list Log: Add autotrace issues Modified: data/CVE/list === --- data/CVE/list 2017-05-23 10:16:26 UTC (rev 51878) +++

[Secure-testing-commits] r51878 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 10:16:26 + (Tue, 23 May 2017) New Revision: 51878 Modified: data/CVE/list Log: Initial information for CVE-2017-9150 Modified: data/CVE/list === --- data/CVE/list 2017-05-23 09:33:23 UTC

[Secure-testing-commits] r51877 - data/CVE

2017-05-23 Thread Moritz Muehlenhoff
Author: jmm Date: 2017-05-23 09:33:23 + (Tue, 23 May 2017) New Revision: 51877 Modified: data/CVE/list Log: qemu fixed Modified: data/CVE/list === --- data/CVE/list 2017-05-23 09:25:27 UTC (rev 51876) +++ data/CVE/list

[Secure-testing-commits] r51876 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 09:25:27 + (Tue, 23 May 2017) New Revision: 51876 Modified: data/CVE/list Log: Triage CVE-2017-9211 Modified: data/CVE/list === --- data/CVE/list 2017-05-23 09:23:38 UTC (rev 51875) +++

[Secure-testing-commits] r51875 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 09:23:38 + (Tue, 23 May 2017) New Revision: 51875 Modified: data/CVE/list Log: Add initial information for CVE-2017-9211 Modified: data/CVE/list === --- data/CVE/list 2017-05-23 09:22:57

[Secure-testing-commits] r51874 - data/CVE

2017-05-23 Thread Moritz Muehlenhoff
Author: jmm Date: 2017-05-23 09:22:57 + (Tue, 23 May 2017) New Revision: 51874 Modified: data/CVE/list Log: add reference to puppet fix Modified: data/CVE/list === --- data/CVE/list 2017-05-23 09:10:12 UTC (rev 51873)

[Secure-testing-commits] r51873 - data/CVE

2017-05-23 Thread security tracker role
Author: sectracker Date: 2017-05-23 09:10:12 + (Tue, 23 May 2017) New Revision: 51873 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-05-23 09:03:59 UTC (rev 51872) +++

[Secure-testing-commits] r51872 - data/CVE

2017-05-23 Thread Moritz Muehlenhoff
Author: jmm Date: 2017-05-23 09:03:59 + (Tue, 23 May 2017) New Revision: 51872 Modified: data/CVE/list Log: qpdf no-dsa Modified: data/CVE/list === --- data/CVE/list 2017-05-23 08:48:56 UTC (rev 51871) +++

[Secure-testing-commits] r51871 - data

2017-05-23 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-23 08:48:56 + (Tue, 23 May 2017) New Revision: 51871 Modified: data/dla-needed.txt Log: Add libtasn1-3 to dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-05-23

[Secure-testing-commits] r51870 - data/CVE

2017-05-23 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-23 08:48:54 + (Tue, 23 May 2017) New Revision: 51870 Modified: data/CVE/list Log: Triage CVE-2017-9147 on wheezy Modified: data/CVE/list === --- data/CVE/list 2017-05-23 08:24:00 UTC (rev

[Secure-testing-commits] r51869 - data/CVE

2017-05-23 Thread Salvatore Bonaccorso
Author: carnil Date: 2017-05-23 08:24:00 + (Tue, 23 May 2017) New Revision: 51869 Modified: data/CVE/list Log: Add three qpdf issues Modified: data/CVE/list === --- data/CVE/list 2017-05-23 08:22:14 UTC (rev 51868) +++

[Secure-testing-commits] r51868 - data/CVE

2017-05-23 Thread Sebastien Delafond
Author: seb Date: 2017-05-23 08:22:14 + (Tue, 23 May 2017) New Revision: 51868 Modified: data/CVE/list Log: Remove httrack entry: no privilege escalation, and no way to crash an existing instance, so not a security problem at all. Modified: data/CVE/list

[Secure-testing-commits] r51867 - data/CVE

2017-05-23 Thread Moritz Muehlenhoff
Author: jmm Date: 2017-05-23 08:16:30 + (Tue, 23 May 2017) New Revision: 51867 Modified: data/CVE/list Log: NFUs Modified: data/CVE/list === --- data/CVE/list 2017-05-23 08:03:15 UTC (rev 51866) +++ data/CVE/list

[Secure-testing-commits] r51866 - data/CVE

2017-05-23 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-23 08:03:15 + (Tue, 23 May 2017) New Revision: 51866 Modified: data/CVE/list Log: Filed a github issue for the OpenEXR CVE Modified: data/CVE/list === --- data/CVE/list 2017-05-23 08:02:54

[Secure-testing-commits] r51865 - data

2017-05-23 Thread Raphaël Hertzog
Author: hertzog Date: 2017-05-23 08:02:54 + (Tue, 23 May 2017) New Revision: 51865 Modified: data/dla-needed.txt Log: Add request of kde4libs maintainer Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-05-23

[Secure-testing-commits] r51864 - data/CVE

2017-05-23 Thread Moritz Muehlenhoff
Author: jmm Date: 2017-05-23 06:25:37 + (Tue, 23 May 2017) New Revision: 51864 Modified: data/CVE/list Log: new foreman issue, concludes external check Modified: data/CVE/list === --- data/CVE/list 2017-05-23 05:04:02