[Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-1945/ant
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: c0caae25 by Salvatore Bonaccorso at 2020-05-18T07:43:26+02:00 Add fixed version for CVE-2020-1945/ant - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -29123,7 +29123,7 @@ CVE-2020-1947 (In Apache ShardingSphere(incubator) 4.0.0-RC3 and 4.0.0, the Shar CVE-2020-1946 RESERVED CVE-2020-1945 (Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default tempora ...) - - ant (low; bug #960630) + - ant 1.10.8-1 (low; bug #960630) [buster] - ant (Minor issue) [stretch] - ant (Minor issue) NOTE: https://www.openwall.com/lists/oss-security/2020/05/13/1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c0caae254d2af3ced8d73077503d05518eef610f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c0caae254d2af3ced8d73077503d05518eef610f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] DLA: add note about xcftools
Anton Gladky pushed to branch master at Debian Security Tracker / security-tracker Commits: 37574891 by Anton Gladky at 2020-05-18T07:27:19+02:00 DLA: add note about xcftools - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -112,6 +112,7 @@ xcftools (Anton Gladky) NOTE: 20200111: wrote a patch + reproducer for CVE-2019-5086, waiting for upstream review (hle) NOTE: 20200414: Flurry of activity on/around 20200401 essentially rejecting original patch NOTE: 20200414: from 20200111 as incomplete, but with suggestion on improvement. (lamby) + NOTE: 20200517: work is ongoing. (gladk) -- xen NOTE: 20200414: debian-security-support has been updated with EOL status View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37574891e1cfb80c0c6f129b36143cf8087e0b6d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37574891e1cfb80c0c6f129b36143cf8087e0b6d You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries which got an update
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 3eaa9756 by Salvatore Bonaccorso at 2020-05-18T06:51:22+02:00 Remove no-dsa tagged entries which got an update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -83698,7 +83698,6 @@ CVE-2018-20031 (A Denial of Service vulnerability related to preemptive item del CVE-2018-20030 (An error when processing the EXIF_IFD_INTEROPERABILITY and EXIF_IFD_EX ...) - libexif 0.6.21-5.1 (bug #918730) [stretch] - libexif (Minor issue) - [jessie] - libexif (Minor issue) NOTE: https://secuniaresearch.flexerasoftware.com/secunia_research/2018-28/ NOTE: https://github.com/libexif/libexif/commit/6aa11df549114ebda520dde4cdaea2f9357b2c89 CVE-2018-20029 (The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6 ...) @@ -173985,7 +173984,6 @@ CVE-2017-7545 (It was discovered that the XmlUtils class in jbpmmigration 6.5 pe CVE-2017-7544 (libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulner ...) - libexif 0.6.21-2.1 (bug #876466) [stretch] - libexif (Minor issue) - [jessie] - libexif (Minor issue) [wheezy] - libexif (Minor issue) NOTE: https://sourceforge.net/p/libexif/bugs/130/ CVE-2017-7543 (A race-condition flaw was discovered in openstack-neutron before 7.2.0 ...) @@ -205514,7 +205512,6 @@ CVE-2016-6329 (OpenVPN, when using a 64-bit block cipher, makes it easier for re CVE-2016-6328 (A vulnerability was found in libexif. An integer overflow when parsing ...) - libexif 0.6.21-2.1 (bug #873022) [stretch] - libexif (Minor issue) - [jessie] - libexif (Minor issue) [wheezy] - libexif (Minor issue) NOTE: http://libexif.cvs.sourceforge.net/viewvc/libexif/libexif/libexif/pentax/mnote-pentax-entry.c?r1=1.26=1.27 CVE-2016-6327 (drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel before 4.5.1 ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3eaa97567ee6fefb76390888f1e9cf37a19ea407 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3eaa97567ee6fefb76390888f1e9cf37a19ea407 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Reserve DLA-2214-1 for libexif
Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker Commits: add1bfe7 by Mike Gabriel at 2020-05-18T06:32:47+02:00 Reserve DLA-2214-1 for libexif - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes: = data/DLA/list = @@ -1,3 +1,6 @@ +[18 May 2020] DLA-2214-1 libexif - security update + {CVE-2016-6328 CVE-2017-7544 CVE-2018-20030 CVE-2020-0093 CVE-2020-12767} + [jessie] - libexif 0.6.21-2+deb8u2 [16 May 2020] DLA-2213-1 exim4 - security update {CVE-2020-12783} [jessie] - exim4 4.84.2-2+deb8u7 = data/dla-needed.txt = @@ -55,8 +55,6 @@ json-c (Mike Gabriel) libdatetime-timezone-perl NOTE: 20200514: LTS update must wait on oldstable update first to prevent newer version in LTS (roberto) -- -libexif (Mike Gabriel) --- libmatio (Adrian Bunk) NOTE: fairly high number of open issues. Not sure why we never had a look at them. NOTE: triage work needed, help security team for fixes if needed. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/add1bfe7a00c68c6c467cb9e63d633847d82a858 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/add1bfe7a00c68c6c467cb9e63d633847d82a858 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] dla-needed.txt: Ongoing work on squid3 to incorporate latest CVE.
Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 83eee3c6 by Markus Koschany at 2020-05-18T00:50:34+02:00 dla-needed.txt: Ongoing work on squid3 to incorporate latest CVE. - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -101,8 +101,8 @@ salt (Abhijith PA) NOTE: 20200501: Upstream fix for CVE-CVE-2020-11651 causes a regression. Should be fixed too. (Ola) -- squid3 (Markus Koschany) - NOTE: 20200427: Working on squid3 in Stretch which will be used for Jessie - NOTE: 20200427: and Stretch. It seems more useful for the future. + NOTE: 20200518: Ongoing work on squid3 in Stretch which will be used for Jessie + NOTE: 20200518: and Stretch. -- tomcat8 (Roberto C. Sánchez) In d8fb8968ba9d89b4fd62e6570ad78b2efa8b7635 the DLA was reserved but not uploaded. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83eee3c6151479dc99a18e84968b2c0b91a3b4e9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83eee3c6151479dc99a18e84968b2c0b91a3b4e9 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: c63205e6 by Moritz Muehlenhoff at 2020-05-17T23:28:03+02:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -11,13 +11,13 @@ CVE-2020-13123 CVE-2020-13122 RESERVED CVE-2020-13121 (Submitty through 20.04.01 has an open redirect via authentication/logi ...) - TODO: check + NOT-FOR-US: Submitty CVE-2020-13120 RESERVED CVE-2020-13119 RESERVED CVE-2020-13118 (An issue was discovered in Mikrotik-Router-Monitoring-System through 2 ...) - TODO: check + NOT-FOR-US: Mikrotik-Router-Monitoring-System CVE-2020-13117 RESERVED CVE-2020-13116 @@ -31,11 +31,11 @@ CVE-2020-13113 CVE-2020-13112 RESERVED CVE-2020-13111 (NaviServer 4.99.4 to 4.99.19 allows denial of service due to the nsd/d ...) - TODO: check + NOT-FOR-US: NaviServer CVE-2020-13110 (The kerberos package before 1.0.0 for Node.js allows arbitrary code ex ...) TODO: check CVE-2020-13109 (Morita Shogi 64 through 2020-05-02 for Nintendo 64 devices allows remo ...) - TODO: check + NOT-FOR-US: Morita Shogi CVE-2020-13108 RESERVED CVE-2020-13107 @@ -1052,7 +1052,7 @@ CVE-2020-12652 (The __mptctl_ioctl function in drivers/message/fusion/mptctl.c i [buster] - linux 4.19.98-1 NOTE: https://git.kernel.org/linus/28d76df18f0ad5bcf5fa48510b225f0ed262a99b (5.5-rc7) CVE-2020-12651 (SecureCRT before 8.7.2 allows remote attackers to execute arbitrary co ...) - TODO: check + NOT-FOR-US: SecureCRT CVE-2020-12650 REJECTED CVE-2020-12649 (Gurbalib through 2020-04-30 allows lib/cmds/player/help.c directory tr ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c63205e642c205ed1ed0249a22b0fbab4c2c2ccd -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c63205e642c205ed1ed0249a22b0fbab4c2c2ccd You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] dla: work is ongoing
Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker Commits: 48a70e61 by Adrian Bunk at 2020-05-18T00:24:32+03:00 dla: work is ongoing - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -67,7 +67,7 @@ libmatio (Adrian Bunk) NOTE: 20190428: is likely vulnerable NOTE: 20190428: some CVE testcases still fail after applying the fix, NOTE: 20190428: older changes seem to also be required for them - NOTE: 20200503: work is ongoing (bunk) + NOTE: 20200518: work is ongoing (bunk) -- libsixel (Dylan Aïssi) NOTE: 20200416 minor issue(s), not patch(es), yet. View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48a70e61a245ba88aeed8a113f7fcd32d729042f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48a70e61a245ba88aeed8a113f7fcd32d729042f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 9b3ab341 by security tracker role at 2020-05-17T20:10:30+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -22206,8 +22206,8 @@ CVE-2020-4347 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could be s NOT-FOR-US: IBM CVE-2020-4346 (IBM API Connect's V2018.4.1.0 through 2018.4.1.10 management server ha ...) NOT-FOR-US: IBM -CVE-2020-4345 - RESERVED +CVE-2020-4345 (IBM i 7.2, 7.3, and 7.4 users running complex SQL statements under a s ...) + TODO: check CVE-2020-4344 RESERVED CVE-2020-4343 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacke ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b3ab341d36ef51fab1ab8c53ff26040d1599988 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b3ab341d36ef51fab1ab8c53ff26040d1599988 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] LTS: claim bluez in dla-needed.txt
Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker Commits: 5a46b6fc by Roberto C. Sánchez at 2020-05-17T08:12:17-04:00 LTS: claim bluez in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -26,7 +26,7 @@ apache2 (Utkarsh Gupta) NOTE: 20200501: No CVE yet. (Ola) NOTE: 20200510: Asking upstream for CVE assignment. (utkarsh) -- -bluez +bluez (Roberto C. Sánchez) NOTE: 20200420: Many upstream refactorings make this hard to see where the NOTE: 20200420: check for bonded connections should go. (eg. 7d9718cfc, NOTE: 20200420: 718bad60d, etc.) (lamby) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a46b6fc6424929bb12b5a9c3edffdf954f5cc55 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a46b6fc6424929bb12b5a9c3edffdf954f5cc55 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Process two NFUs
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 1b5349be by Salvatore Bonaccorso at 2020-05-17T10:51:58+02:00 Process two NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,9 +1,9 @@ CVE-2020-13127 RESERVED CVE-2020-13126 (An issue was discovered in the Elementor Pro plugin before 2.9.4 for W ...) - TODO: check + NOT-FOR-US: Elementor Pro plugin for WordPress CVE-2020-13125 (An issue was discovered in the "Ultimate Addons for Elementor" plugin ...) - TODO: check + NOT-FOR-US: "Ultimate Addons for Elementor" plugin for WordPress CVE-2020-13124 RESERVED CVE-2020-13123 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b5349be1ea5c6d962baa162968b46b1e4377d60 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b5349be1ea5c6d962baa162968b46b1e4377d60 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 21994aef by security tracker role at 2020-05-17T08:10:14+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -1,3 +1,23 @@ +CVE-2020-13127 + RESERVED +CVE-2020-13126 (An issue was discovered in the Elementor Pro plugin before 2.9.4 for W ...) + TODO: check +CVE-2020-13125 (An issue was discovered in the "Ultimate Addons for Elementor" plugin ...) + TODO: check +CVE-2020-13124 + RESERVED +CVE-2020-13123 + RESERVED +CVE-2020-13122 + RESERVED +CVE-2020-13121 (Submitty through 20.04.01 has an open redirect via authentication/logi ...) + TODO: check +CVE-2020-13120 + RESERVED +CVE-2020-13119 + RESERVED +CVE-2020-13118 (An issue was discovered in Mikrotik-Router-Monitoring-System through 2 ...) + TODO: check CVE-2020-13117 RESERVED CVE-2020-13116 @@ -703,7 +723,7 @@ CVE-2020-12774 CVE-2020-12773 RESERVED CVE-2020-12783 (Exim through 4.93 has an out-of-bounds read in the SPA authenticator t ...) - {DSA-4687-1} + {DSA-4687-1 DLA-2213-1} - exim4 4.93-16 NOTE: https://bugs.exim.org/show_bug.cgi?id=2571 NOTE: https://git.exim.org/exim.git/commitdiff/57aa14b216432be381b6295c312065b2fd034f86 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21994aefd408494549fe66a8586cd84f8dc8c0da -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21994aefd408494549fe66a8586cd84f8dc8c0da You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add tracking of fixed version for qemu and slirp4netns switching to use system libslirp library
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b03fc93d by Salvatore Bonaccorso at 2020-05-17T10:08:57+02:00 Add tracking of fixed version for qemu and slirp4netns switching to use system libslirp library - - - - - 1 changed file: - data/embedded-code-copies Changes: = data/embedded-code-copies = @@ -873,6 +873,10 @@ qemu - xen-unstable (embed; bug #560856) - slirp4netns (embed) +libslirp + - qemu 1:4.1-2 (embed) + - slirp4netns 1.0.1-1 (embed) + vgabios - kvm (embed; bug #489442) - qemu-kvm (embed) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b03fc93d74489d1918a75d8cdf75e16d65adbc7f -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b03fc93d74489d1918a75d8cdf75e16d65adbc7f You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-8608 and CVE-2020-1983
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 43ddf267 by Salvatore Bonaccorso at 2020-05-17T10:07:08+02:00 Update information on CVE-2020-8608 and CVE-2020-1983 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@ -12006,11 +12006,12 @@ CVE-2020-8608 (In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snpr [stretch] - qemu (Minor issue) - qemu-kvm - slirp - - slirp4netns + - slirp4netns 1.0.1-1 [buster] - slirp4netns (Minor issue) NOTE: https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843 NOTE: https://gitlab.freedesktop.org/slirp/libslirp/commit/30648c03b27fb8d9611b723184216cd3174b6775 NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed. + NOTE: slirp4netns 1.0.1-1 switched to system libslirp, marking that version as fixed. CVE-2020-8607 RESERVED CVE-2020-8606 @@ -28740,10 +28741,11 @@ CVE-2020-1983 (A use after free vulnerability in ip_reass() in ip_input.c of lib - qemu 1:4.1-2 - qemu-kvm - libslirp 4.2.0-2 - - slirp4netns + - slirp4netns 1.0.1-1 [buster] - slirp4netns (Minor issue) NOTE: https://gitlab.freedesktop.org/slirp/libslirp/-/commit/9bd6c5913271eabcb7768a58197ed3301fe19f2d - NOTE: 1:4.1-2 switched to system libslirp, marking that version as fixed + NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as fixed + NOTE: slirp4netns 1.0.1-1 switched to system libslirp, marking that version as fixed. CVE-2020-1982 RESERVED CVE-2020-1981 (A predictable temporary filename vulnerability in PAN-OS allows local ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43ddf2675a11f8a83845bee9cf2f983f91c97326 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43ddf2675a11f8a83845bee9cf2f983f91c97326 You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
[Git][security-tracker-team/security-tracker][master] Add note on DLA reservation
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a4f82b03 by Salvatore Bonaccorso at 2020-05-17T08:39:14+02:00 Add note on DLA reservation - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt = @@ -105,6 +105,7 @@ squid3 (Markus Koschany) NOTE: 20200427: and Stretch. It seems more useful for the future. -- tomcat8 (Roberto C. Sánchez) + In d8fb8968ba9d89b4fd62e6570ad78b2efa8b7635 the DLA was reserved but not uploaded. -- tzdata NOTE: 20200514: LTS update must wait on oldstable update first to prevent newer version in LTS (roberto) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4f82b037811f65779579747db9122198e63bb7a -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4f82b037811f65779579747db9122198e63bb7a You're receiving this email because of your account on salsa.debian.org. ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits