[Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2020-1945/ant

2020-05-17 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c0caae25 by Salvatore Bonaccorso at 2020-05-18T07:43:26+02:00
Add fixed version for CVE-2020-1945/ant

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -29123,7 +29123,7 @@ CVE-2020-1947 (In Apache ShardingSphere(incubator) 
4.0.0-RC3 and 4.0.0, the Shar
 CVE-2020-1946
RESERVED
 CVE-2020-1945 (Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default 
tempora ...)
-   - ant  (low; bug #960630)
+   - ant 1.10.8-1 (low; bug #960630)
[buster] - ant  (Minor issue)
[stretch] - ant  (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2020/05/13/1
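
Review bot: on the `- ant 1.10.8-1 (low; bug #960630)` line, the fixed version is consistent with the affected range in the description (1.10.0 to 1.10.7), but the entry's only reference is still the oss-security post. A NOTE pointing to the upstream fix would let a reader confirm what 1.10.8-1 actually contains.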



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c0caae254d2af3ced8d73077503d05518eef610f

You're receiving this email because of your account on salsa.debian.org.


___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] DLA: add note about xcftools

2020-05-17 Thread Anton Gladky


Anton Gladky pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
37574891 by Anton Gladky at 2020-05-18T07:27:19+02:00
DLA: add note about xcftools

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=
data/dla-needed.txt
=
@@ -112,6 +112,7 @@ xcftools (Anton Gladky)
   NOTE: 20200111: wrote a patch + reproducer for CVE-2019-5086, waiting for 
upstream review (hle)
   NOTE: 20200414: Flurry of activity on/around 20200401 essentially rejecting 
original patch
   NOTE: 20200414: from 20200111 as incomplete, but with suggestion on 
improvement. (lamby)
+  NOTE: 20200517: work is ongoing. (gladk)
 --
 xen
   NOTE: 20200414: debian-security-support has been updated with EOL status
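
Review bot: the added `NOTE: 20200517: work is ongoing. (gladk)` does not say what the work is. The preceding notes record that the original CVE-2019-5086 patch was rejected as incomplete with a suggestion for improvement, so stating whether a revised patch is being prepared would make this entry useful to the next person doing triage.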



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/37574891e1cfb80c0c6f129b36143cf8087e0b6d


[Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries which got an update

2020-05-17 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3eaa9756 by Salvatore Bonaccorso at 2020-05-18T06:51:22+02:00
Remove no-dsa tagged entries which got an update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -83698,7 +83698,6 @@ CVE-2018-20031 (A Denial of Service vulnerability 
related to preemptive item del
 CVE-2018-20030 (An error when processing the EXIF_IFD_INTEROPERABILITY and 
EXIF_IFD_EX ...)
- libexif 0.6.21-5.1 (bug #918730)
[stretch] - libexif  (Minor issue)
-   [jessie] - libexif  (Minor issue)
NOTE: 
https://secuniaresearch.flexerasoftware.com/secunia_research/2018-28/
NOTE: 
https://github.com/libexif/libexif/commit/6aa11df549114ebda520dde4cdaea2f9357b2c89
 CVE-2018-20029 (The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine 
before 6 ...)
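
Review bot: the removed `[jessie]` libexif line under CVE-2018-20030 is explained in the commit message only as having "got an update". Naming the advisory that supersedes the tag in the commit message would let a reader check this removal against data/DLA/list.
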
@@ -173985,7 +173984,6 @@ CVE-2017-7545 (It was discovered that the XmlUtils 
class in jbpmmigration 6.5 pe
 CVE-2017-7544 (libexif through 0.6.21 is vulnerable to out-of-bounds heap read 
vulner ...)
- libexif 0.6.21-2.1 (bug #876466)
[stretch] - libexif  (Minor issue)
-   [jessie] - libexif  (Minor issue)
[wheezy] - libexif  (Minor issue)
NOTE: https://sourceforge.net/p/libexif/bugs/130/
 CVE-2017-7543 (A race-condition flaw was discovered in openstack-neutron 
before 7.2.0 ...)
@@ -205514,7 +205512,6 @@ CVE-2016-6329 (OpenVPN, when using a 64-bit block 
cipher, makes it easier for re
 CVE-2016-6328 (A vulnerability was found in libexif. An integer overflow when 
parsing ...)
- libexif 0.6.21-2.1 (bug #873022)
[stretch] - libexif  (Minor issue)
-   [jessie] - libexif  (Minor issue)
[wheezy] - libexif  (Minor issue)
NOTE: 
http://libexif.cvs.sourceforge.net/viewvc/libexif/libexif/libexif/pentax/mnote-pentax-entry.c?r1=1.26=1.27
 CVE-2016-6327 (drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel 
before 4.5.1 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3eaa97567ee6fefb76390888f1e9cf37a19ea407


[Git][security-tracker-team/security-tracker][master] Reserve DLA-2214-1 for libexif

2020-05-17 Thread Mike Gabriel


Mike Gabriel pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
add1bfe7 by Mike Gabriel at 2020-05-18T06:32:47+02:00
Reserve DLA-2214-1 for libexif

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=
data/DLA/list
=
@@ -1,3 +1,6 @@
+[18 May 2020] DLA-2214-1 libexif - security update
+   {CVE-2016-6328 CVE-2017-7544 CVE-2018-20030 CVE-2020-0093 
CVE-2020-12767}
+   [jessie] - libexif 0.6.21-2+deb8u2
 [16 May 2020] DLA-2213-1 exim4 - security update
{CVE-2020-12783}
[jessie] - exim4 4.84.2-2+deb8u7


=
data/dla-needed.txt
=
@@ -55,8 +55,6 @@ json-c (Mike Gabriel)
 libdatetime-timezone-perl
   NOTE: 20200514: LTS update must wait on oldstable update first to prevent 
newer version in LTS (roberto)
 --
-libexif (Mike Gabriel)
---
 libmatio (Adrian Bunk)
   NOTE: fairly high number of open issues. Not sure why we never had a look at 
them.
   NOTE: triage work needed, help security team for fixes if needed.



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/add1bfe7a00c68c6c467cb9e63d633847d82a858


[Git][security-tracker-team/security-tracker][master] dla-needed.txt: Ongoing work on squid3 to incorporate latest CVE.

2020-05-17 Thread Markus Koschany


Markus Koschany pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
83eee3c6 by Markus Koschany at 2020-05-18T00:50:34+02:00
dla-needed.txt: Ongoing work on squid3 to incorporate latest CVE.

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=
data/dla-needed.txt
=
@@ -101,8 +101,8 @@ salt (Abhijith PA)
   NOTE: 20200501: Upstream fix for CVE-CVE-2020-11651 causes a regression. 
Should be fixed too. (Ola)
 --
 squid3 (Markus Koschany)
-  NOTE: 20200427: Working on squid3 in Stretch which will be used for Jessie
-  NOTE: 20200427: and Stretch. It seems more useful for the future.
+  NOTE: 20200518: Ongoing work on squid3 in Stretch which will be used for 
Jessie
+  NOTE: 20200518: and Stretch.
 --
 tomcat8 (Roberto C. Sánchez)
   In d8fb8968ba9d89b4fd62e6570ad78b2efa8b7635 the DLA was reserved but not 
uploaded.
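
Review bot: the two replaced squid3 notes are re-dated from 20200427 to 20200518 instead of being kept, so the entry no longer shows when the work started, and the rationale "It seems more useful for the future." is dropped without a replacement. Adding a new dated NOTE below the existing ones, with the author's initials as the salt note above does with (Ola), would preserve the history.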



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83eee3c6151479dc99a18e84968b2c0b91a3b4e9


[Git][security-tracker-team/security-tracker][master] NFUs

2020-05-17 Thread Moritz Muehlenhoff


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c63205e6 by Moritz Muehlenhoff at 2020-05-17T23:28:03+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -11,13 +11,13 @@ CVE-2020-13123
 CVE-2020-13122
RESERVED
 CVE-2020-13121 (Submitty through 20.04.01 has an open redirect via 
authentication/logi ...)
-   TODO: check
+   NOT-FOR-US: Submitty
 CVE-2020-13120
RESERVED
 CVE-2020-13119
RESERVED
 CVE-2020-13118 (An issue was discovered in Mikrotik-Router-Monitoring-System 
through 2 ...)
-   TODO: check
+   NOT-FOR-US: Mikrotik-Router-Monitoring-System
 CVE-2020-13117
RESERVED
 CVE-2020-13116
@@ -31,11 +31,11 @@ CVE-2020-13113
 CVE-2020-13112
RESERVED
 CVE-2020-13111 (NaviServer 4.99.4 to 4.99.19 allows denial of service due to 
the nsd/d ...)
-   TODO: check
+   NOT-FOR-US: NaviServer
 CVE-2020-13110 (The kerberos package before 1.0.0 for Node.js allows arbitrary 
code ex ...)
TODO: check
 CVE-2020-13109 (Morita Shogi 64 through 2020-05-02 for Nintendo 64 devices 
allows remo ...)
-   TODO: check
+   NOT-FOR-US: Morita Shogi
 CVE-2020-13108
RESERVED
 CVE-2020-13107
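
Review bot: `NOT-FOR-US: Morita Shogi` shortens the product name given in the description, "Morita Shogi 64". Using the full name keeps the tag searchable by the product as the CVE text spells it. CVE-2020-13110 in the same hunk is left at `TODO: check`, which reads as intentional but is not mentioned in the commit message.
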
@@ -1052,7 +1052,7 @@ CVE-2020-12652 (The __mptctl_ioctl function in 
drivers/message/fusion/mptctl.c i
[buster] - linux 4.19.98-1
NOTE: 
https://git.kernel.org/linus/28d76df18f0ad5bcf5fa48510b225f0ed262a99b (5.5-rc7)
 CVE-2020-12651 (SecureCRT before 8.7.2 allows remote attackers to execute 
arbitrary co ...)
-   TODO: check
+   NOT-FOR-US: SecureCRT
 CVE-2020-12650
REJECTED
 CVE-2020-12649 (Gurbalib through 2020-04-30 allows lib/cmds/player/help.c 
directory tr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c63205e642c205ed1ed0249a22b0fbab4c2c2ccd


[Git][security-tracker-team/security-tracker][master] dla: work is ongoing

2020-05-17 Thread Adrian Bunk


Adrian Bunk pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
48a70e61 by Adrian Bunk at 2020-05-18T00:24:32+03:00
dla: work is ongoing

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=
data/dla-needed.txt
=
@@ -67,7 +67,7 @@ libmatio (Adrian Bunk)
   NOTE: 20190428: is likely vulnerable
   NOTE: 20190428: some CVE testcases still fail after applying the fix,
   NOTE: 20190428: older changes seem to also be required for them
-  NOTE: 20200503: work is ongoing (bunk)
+  NOTE: 20200518: work is ongoing (bunk)
 --
 libsixel (Dylan Aïssi)
   NOTE: 20200416 minor issue(s), not patch(es), yet.
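
Review bot: the libmatio note changes only the date, from 20200503 to 20200518, and keeps the text "work is ongoing (bunk)". Overwriting the date removes the record of the earlier status check; a short statement of what remains open, given the 20190428 notes about failing CVE testcases, would say more than a refreshed timestamp.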



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/48a70e61a245ba88aeed8a113f7fcd32d729042f


[Git][security-tracker-team/security-tracker][master] automatic update

2020-05-17 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9b3ab341 by security tracker role at 2020-05-17T20:10:30+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -22206,8 +22206,8 @@ CVE-2020-4347 (IBM InfoSphere Information Server 11.3, 
11.5, and 11.7 could be s
NOT-FOR-US: IBM
 CVE-2020-4346 (IBM API Connect's V2018.4.1.0 through 2018.4.1.10 management 
server ha ...)
NOT-FOR-US: IBM
-CVE-2020-4345
-   RESERVED
+CVE-2020-4345 (IBM i 7.2, 7.3, and 7.4 users running complex SQL statements 
under a s ...)
+   TODO: check
 CVE-2020-4344
RESERVED
 CVE-2020-4343 (IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote 
attacke ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b3ab341d36ef51fab1ab8c53ff26040d1599988


[Git][security-tracker-team/security-tracker][master] LTS: claim bluez in dla-needed.txt

2020-05-17 Thread Roberto C . Sánchez


Roberto C. Sánchez pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5a46b6fc by Roberto C. Sánchez at 2020-05-17T08:12:17-04:00
LTS: claim bluez in dla-needed.txt

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=
data/dla-needed.txt
=
@@ -26,7 +26,7 @@ apache2 (Utkarsh Gupta)
   NOTE: 20200501: No CVE yet. (Ola)
   NOTE: 20200510: Asking upstream for CVE assignment. (utkarsh)
 --
-bluez
+bluez (Roberto C. Sánchez)
   NOTE: 20200420: Many upstream refactorings make this hard to see where the
   NOTE: 20200420: check for bonded connections should go. (eg. 7d9718cfc,
   NOTE: 20200420: 718bad60d, etc.)  (lamby)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a46b6fc6424929bb12b5a9c3edffdf954f5cc55


[Git][security-tracker-team/security-tracker][master] Process two NFUs

2020-05-17 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1b5349be by Salvatore Bonaccorso at 2020-05-17T10:51:58+02:00
Process two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,9 +1,9 @@
 CVE-2020-13127
RESERVED
 CVE-2020-13126 (An issue was discovered in the Elementor Pro plugin before 
2.9.4 for W ...)
-   TODO: check
+   NOT-FOR-US: Elementor Pro plugin for WordPress
 CVE-2020-13125 (An issue was discovered in the "Ultimate Addons for Elementor" 
plugin  ...)
-   TODO: check
+   NOT-FOR-US: "Ultimate Addons for Elementor" plugin for WordPress
 CVE-2020-13124
RESERVED
 CVE-2020-13123
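
Review bot: the two added tags are formatted differently: `NOT-FOR-US: "Ultimate Addons for Elementor" plugin for WordPress` carries the quotation marks over from the CVE description, while `NOT-FOR-US: Elementor Pro plugin for WordPress` has none. Dropping the quotes would keep the product names uniform for anyone searching the list.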



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1b5349be1ea5c6d962baa162968b46b1e4377d60


[Git][security-tracker-team/security-tracker][master] automatic update

2020-05-17 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
21994aef by security tracker role at 2020-05-17T08:10:14+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1,3 +1,23 @@
+CVE-2020-13127
+   RESERVED
+CVE-2020-13126 (An issue was discovered in the Elementor Pro plugin before 
2.9.4 for W ...)
+   TODO: check
+CVE-2020-13125 (An issue was discovered in the "Ultimate Addons for Elementor" 
plugin  ...)
+   TODO: check
+CVE-2020-13124
+   RESERVED
+CVE-2020-13123
+   RESERVED
+CVE-2020-13122
+   RESERVED
+CVE-2020-13121 (Submitty through 20.04.01 has an open redirect via 
authentication/logi ...)
+   TODO: check
+CVE-2020-13120
+   RESERVED
+CVE-2020-13119
+   RESERVED
+CVE-2020-13118 (An issue was discovered in Mikrotik-Router-Monitoring-System 
through 2 ...)
+   TODO: check
 CVE-2020-13117
RESERVED
 CVE-2020-13116
@@ -703,7 +723,7 @@ CVE-2020-12774
 CVE-2020-12773
RESERVED
 CVE-2020-12783 (Exim through 4.93 has an out-of-bounds read in the SPA 
authenticator t ...)
-   {DSA-4687-1}
+   {DSA-4687-1 DLA-2213-1}
- exim4 4.93-16
NOTE: https://bugs.exim.org/show_bug.cgi?id=2571
NOTE: 
https://git.exim.org/exim.git/commitdiff/57aa14b216432be381b6295c312065b2fd034f86



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21994aefd408494549fe66a8586cd84f8dc8c0da


[Git][security-tracker-team/security-tracker][master] Add tracking of fixed version for qemu and slirp4netns switching to use system libslirp library

2020-05-17 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b03fc93d by Salvatore Bonaccorso at 2020-05-17T10:08:57+02:00
Add tracking of fixed version for qemu and slirp4netns switching to use system 
libslirp library

- - - - -


1 changed file:

- data/embedded-code-copies


Changes:

=
data/embedded-code-copies
=
@@ -873,6 +873,10 @@ qemu
- xen-unstable  (embed; bug #560856)
- slirp4netns  (embed)
 
+libslirp
+   - qemu 1:4.1-2 (embed)
+   - slirp4netns 1.0.1-1 (embed)
+
 vgabios
- kvm  (embed; bug #489442)
- qemu-kvm  (embed)
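
Review bot: the new `libslirp` stanza records `slirp4netns 1.0.1-1 (embed)`, but the slirp4netns line under the `qemu` stanza just above it is left without a version. If 1.0.1-1 is where slirp4netns switched to the system library, as the commit message says, the qemu stanza line should probably get the same version; a NOTE in the new stanza stating that these are the versions that switched to system libslirp would also help.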



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b03fc93d74489d1918a75d8cdf75e16d65adbc7f


[Git][security-tracker-team/security-tracker][master] Update information on CVE-2020-8608 and CVE-2020-1983

2020-05-17 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
43ddf267 by Salvatore Bonaccorso at 2020-05-17T10:07:08+02:00
Update information on CVE-2020-8608 and CVE-2020-1983

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -12006,11 +12006,12 @@ CVE-2020-8608 (In libslirp 4.1.0, as used in QEMU 
4.2.0, tcp_subr.c misuses snpr
[stretch] - qemu  (Minor issue)
- qemu-kvm 
- slirp 
-   - slirp4netns 
+   - slirp4netns 1.0.1-1
[buster] - slirp4netns  (Minor issue)
NOTE: 
https://gitlab.freedesktop.org/slirp/libslirp/commit/68ccb8021a838066f0951d4b2817eb6b6f10a843
NOTE: 
https://gitlab.freedesktop.org/slirp/libslirp/commit/30648c03b27fb8d9611b723184216cd3174b6775
NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as 
fixed.
+   NOTE: slirp4netns 1.0.1-1 switched to system libslirp, marking that 
version as fixed.
 CVE-2020-8607
RESERVED
 CVE-2020-8606
@@ -28740,10 +28741,11 @@ CVE-2020-1983 (A use after free vulnerability in 
ip_reass() in ip_input.c of lib
- qemu 1:4.1-2
- qemu-kvm 
- libslirp 4.2.0-2
-   - slirp4netns 
+   - slirp4netns 1.0.1-1
[buster] - slirp4netns  (Minor issue)
NOTE: 
https://gitlab.freedesktop.org/slirp/libslirp/-/commit/9bd6c5913271eabcb7768a58197ed3301fe19f2d
-   NOTE: 1:4.1-2 switched to system libslirp, marking that version as fixed
+   NOTE: qemu 1:4.1-2 switched to system libslirp, marking that version as 
fixed
+   NOTE: slirp4netns 1.0.1-1 switched to system libslirp, marking that 
version as fixed.
 CVE-2020-1982
RESERVED
 CVE-2020-1981 (A predictable temporary filename vulnerability in PAN-OS allows 
local  ...)
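
Review bot: in the CVE-2020-1983 hunk the rewritten qemu NOTE ends without a period ("marking that version as fixed"), while the slirp4netns NOTE added right below it and both NOTE lines under CVE-2020-8608 end with one. Worth making the four lines identical in form, since they state the same fact for two packages.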



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43ddf2675a11f8a83845bee9cf2f983f91c97326


[Git][security-tracker-team/security-tracker][master] Add note on DLA reservation

2020-05-17 Thread Salvatore Bonaccorso


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a4f82b03 by Salvatore Bonaccorso at 2020-05-17T08:39:14+02:00
Add note on DLA reservation

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=
data/dla-needed.txt
=
@@ -105,6 +105,7 @@ squid3 (Markus Koschany)
   NOTE: 20200427: and Stretch. It seems more useful for the future.
 --
 tomcat8 (Roberto C. Sánchez)
+  In d8fb8968ba9d89b4fd62e6570ad78b2efa8b7635 the DLA was reserved but not 
uploaded.
 --
 tzdata
   NOTE: 20200514: LTS update must wait on oldstable update first to prevent 
newer version in LTS (roberto)
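
Review bot: the added tomcat8 line lacks the `NOTE: <date>:` prefix that the squid3 and tzdata notes in this hunk use, and the author initials seen on the tzdata note. Something like `NOTE: 20200517: DLA was reserved in d8fb8968ba9d89b4fd62e6570ad78b2efa8b7635 but not uploaded.` followed by initials would match the file's convention.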



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a4f82b037811f65779579747db9122198e63bb7a
