[Git][security-tracker-team/security-tracker][master] LTS: take mosquitto

2021-10-16 Thread Anton Gladky (@gladk)


Anton Gladky pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
db683d1b by Anton Gladky at 2021-10-16T22:57:15+02:00
LTS: take mosquitto

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=
data/dla-needed.txt
=
@@ -54,7 +54,7 @@ linux (Ben Hutchings)
 --
 linux-4.19 (Ben Hutchings)
 --
-mosquitto
+mosquitto (Anton Gladky)
   NOTE: 20210805: coordinating upload to buster before DLA for Stretch 
(codehelp)
   NOTE: 20210806: CVE-2021-34432 ignored in buster and stretch. Vulnerable 
code not accessible. (codehelp)
 --
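Review bot: the claim line itself is fine, but the two NOTEs left under it date from 20210805/20210806 and describe coordinating a buster upload before the stretch DLA; add a dated line in the same `NOTE: YYYYMMDD:` style recording the current state (whether the buster upload happened and what remains for stretch), so the next person reading this entry is not working from two-month-old context.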



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db683d1b158b5e2c7c12634accaf9c7dfc983ad0



___
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits


[Git][security-tracker-team/security-tracker][master] Reserve DLA-2786-1 for nghttp2

2021-10-16 Thread Anton Gladky (@gladk)


Anton Gladky pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1d96f326 by Anton Gladky at 2021-10-16T22:43:13+02:00
Reserve DLA-2786-1 for nghttp2

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=
data/DLA/list
=
@@ -1,3 +1,6 @@
+[16 Oct 2021] DLA-2786-1 nghttp2 - security update
+   {CVE-2018-1000168 CVE-2020-11080}
+   [stretch] - nghttp2 1.18.1-1+deb9u2
 [12 Oct 2021] DLA-2785-1 linux-4.19 - security update
{CVE-2020-3702 CVE-2020-16119 CVE-2021-3444 CVE-2021-3600 CVE-2021-3612 
CVE-2021-3653 CVE-2021-3655 CVE-2021-3656 CVE-2021-3679 CVE-2021-3732 
CVE-2021-3743 CVE-2021-3753 CVE-2021-22543 CVE-2021-33624 CVE-2021-34556 
CVE-2021-35039 CVE-2021-35477 CVE-2021-37159 CVE-2021-37576 CVE-2021-38160 
CVE-2021-38198 CVE-2021-38199 CVE-2021-38204 CVE-2021-38205 CVE-2021-40490 
CVE-2021-42008 CVE-2021-42252}
[stretch] - linux-4.19 4.19.208-1~deb9u1


=
data/dla-needed.txt
=
@@ -58,9 +58,6 @@ mosquitto
   NOTE: 20210805: coordinating upload to buster before DLA for Stretch 
(codehelp)
   NOTE: 20210806: CVE-2021-34432 ignored in buster and stretch. Vulnerable 
code not accessible. (codehelp)
 --
-nghttp2 (Anton Gladky)
-  NOTE: 20211010: WIP https://salsa.debian.org/lts-team/packages/nghttp2
---
 ntfs-3g (Anton Gladky)
 --
 nvidia-graphics-drivers
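Review bot: the removed separator (the line shown as `---`, i.e. a deleted `--`) is the one that closed the nghttp2 block, so the list stays well-formed between the preceding mosquitto entry and ntfs-3g; this is worth a second look on every removal from dla-needed.txt, since a missing or doubled `--` shifts the entry boundaries for the whole file.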



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1d96f3263c3f4717bd365bd798a3622d98a11523



[Git][security-tracker-team/security-tracker][master] automatic update

2021-10-16 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
64d3827b by security tracker role at 2021-10-16T20:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -42606,6 +42606,7 @@ CVE-2021-25635
NOTE: Fixed by: 
https://github.com/LibreOffice/core/commit/edeb164c1d8ab64116afee4e2140403a362a1358
 (7-0)
NOTE: Fixed by: 
https://github.com/LibreOffice/core/commit/a5fe0bea138c5b32268a5cd0093908909d8bc013
 (7-1)
 CVE-2021-25634 (LibreOffice supports digital signatures of ODF documents and 
macros wi ...)
+   {DSA-4988-1}
- libreoffice 1:7.2.0-2
[buster] - libreoffice  (Risk doesn't warrant complex backport)
NOTE: 
https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634
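Review bot: the added `{DSA-4988-1}` reference sits between the description line and the unstable fixed-version line, which is the placement used for such references elsewhere in data/CVE/list; the buster line keeps its no-DSA reasoning (`Risk doesn't warrant complex backport`), consistent with the DSA covering bullseye only, so nothing else needs to change here.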
@@ -42619,6 +42620,7 @@ CVE-2021-25634 (LibreOffice supports digital signatures 
of ODF documents and mac
NOTE: Fixed by: 
https://github.com/LibreOffice/core/commit/89befefb98487a27bff1003084e1200320828b3f
 (7-1)
NOTE: Fixed by: 
https://github.com/LibreOffice/core/commit/b776cf1281660cf495e12824872576bb8e99d569
 (7-1)
 CVE-2021-25633 (LibreOffice supports digital signatures of ODF documents and 
macros wi ...)
+   {DSA-4988-1}
- libreoffice 1:7.2.0-2
[buster] - libreoffice  (Risk doesn't warrant complex backport)
NOTE: 
https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64d3827b4764e83c5a4aa549c625b62681104316



[Git][security-tracker-team/security-tracker][master] libreoffice DSA

2021-10-16 Thread Moritz Muehlenhoff (@jmm)


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
4b349350 by Moritz Mühlenhoff at 2021-10-16T21:19:50+02:00
libreoffice DSA

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=
data/CVE/list
=
@@ -42607,6 +42607,7 @@ CVE-2021-25635
NOTE: Fixed by: 
https://github.com/LibreOffice/core/commit/a5fe0bea138c5b32268a5cd0093908909d8bc013
 (7-1)
 CVE-2021-25634 (LibreOffice supports digital signatures of ODF documents and 
macros wi ...)
- libreoffice 1:7.2.0-2
+   [buster] - libreoffice  (Risk doesn't warrant complex backport)
NOTE: 
https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25634
NOTE: https://www.openwall.com/lists/oss-security/2021/10/11/2
NOTE: XAdES/xades:SigningTime support introduced in 5.3, but 
pre-requisite for CVE-2021-25633/25634 also introduces it
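Review bot: the new `[buster] - libreoffice  (Risk doesn't warrant complex backport)` line has a double space before the parenthesised reason, which is where a status tag such as `<no-dsa>` belongs in the data/CVE/list syntax; if the angle-bracket tag was stripped by the mail rendering this is fine, otherwise the line is missing its tag (the same applies to the CVE-2021-25633 hunk below). The existing NOTE that XAdES SigningTime support arrived in 5.3 as a prerequisite for the fix is the right justification for not backporting, so it is good that it stays next to the decision.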
@@ -42619,6 +42620,7 @@ CVE-2021-25634 (LibreOffice supports digital signatures 
of ODF documents and mac
NOTE: Fixed by: 
https://github.com/LibreOffice/core/commit/b776cf1281660cf495e12824872576bb8e99d569
 (7-1)
 CVE-2021-25633 (LibreOffice supports digital signatures of ODF documents and 
macros wi ...)
- libreoffice 1:7.2.0-2
+   [buster] - libreoffice  (Risk doesn't warrant complex backport)
NOTE: 
https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633
NOTE: https://www.openwall.com/lists/oss-security/2021/10/11/1
NOTE: Pre-requisites (replacement for XSecParser):


=
data/DSA/list
=
@@ -1,3 +1,6 @@
+[16 Oct 2021] DSA-4988-1 libreoffice - security update
+   {CVE-2021-25633 CVE-2021-25634}
+   [bullseye] - libreoffice 1:7.0.4-4+deb11u1
 [15 Oct 2021] DSA-4987-1 squashfs-tools - security update
{CVE-2021-41072}
[buster] - squashfs-tools 1:4.3-12+deb10u2
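Review bot: the DSA's CVE set is `{CVE-2021-25633 CVE-2021-25634}`, while the hunk headers of the data/CVE/list changes in this commit show CVE-2021-25635 as the neighbouring entry; since 25635 is not part of this DSA, confirm its bullseye status is tracked on its own rather than assumed covered by DSA-4988-1.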


=
data/dsa-needed.txt
=
@@ -28,8 +28,6 @@ ffmpeg/oldstable (jmm)
 --
 icu
 --
-libreoffice (jmm)
---
 linux (carnil)
   Wait until more issues have piled up, though try to regulary rebase for point
   releases to more recent v4.19.y versions.



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b3493501fd99045fad4003291c4ad65e4e40218



[Git][security-tracker-team/security-tracker][master] Track experimental uploaded fixes for thunderbird (mfsa2021-47)

2021-10-16 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3a89fec3 by Salvatore Bonaccorso at 2021-10-16T21:12:15+02:00
Track experimental uploaded fixes for thunderbird (mfsa2021-47)

But only those which have an intersection with unstable being unfixed.
Some of the CVEs are known to be only affecting versions not released in
unstable.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -10605,6 +10605,7 @@ CVE-2021-38503
RESERVED
 CVE-2021-38502
RESERVED
+   [experimental] - thunderbird 1:91.2.0-1
- thunderbird 
NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2021-47/#CVE-2021-38502
TODO: double check, it was only referenced in mfsa2021-47 but not 
mfsa2021-46, but issue is about attack on SMTP STARTTLS connections
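Review bot: the `TODO: double check` on CVE-2021-38502 still stands after this change: the `[experimental]` line records the thunderbird 1:91.2.0-1 upload, but the open question (whether an issue referenced only in mfsa2021-47 and concerning SMTP STARTTLS applies to the version in unstable at all) is what decides whether the `- thunderbird` line should remain unfixed; resolve or date the TODO rather than leaving it beside a new fixed-version line.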
@@ -10621,6 +10622,7 @@ CVE-2021-38500
{DSA-4981-1 DLA-2782-1}
- firefox 93.0-1
- firefox-esr 91.2.0esr-1
+   [experimental] - thunderbird 1:91.2.0-1
- thunderbird 
NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38500
NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2021-44/#CVE-2021-38500
@@ -10652,6 +10654,7 @@ CVE-2021-38496
{DSA-4981-1 DLA-2782-1}
- firefox 93.0-1
- firefox-esr 91.2.0esr-1
+   [experimental] - thunderbird 1:91.2.0-1
- thunderbird 
NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38496
NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2021-44/#CVE-2021-38496



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a89fec34ed7d47ebadf281cc804548e16efc3ba



[Git][security-tracker-team/security-tracker][master] node-getobject spu/ospu

2021-10-16 Thread Moritz Muehlenhoff (@jmm)


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
20a650f6 by Moritz Mühlenhoff at 2021-10-16T21:06:39+02:00
node-getobject spu/ospu

- - - - -


2 changed files:

- data/next-oldstable-point-update.txt
- data/next-point-update.txt


Changes:

=
data/next-oldstable-point-update.txt
=
@@ -76,3 +76,5 @@ CVE-2020-28600
[buster] - openscad 2019.01~RC2-2+deb10u1
 CVE-2020-28599
[buster] - openscad 2019.01~RC2-2+deb10u1
+CVE-2020-28282
+   [buster] - node-getobject 0.1.0-2+deb10u1


=
data/next-point-update.txt
=
@@ -16,3 +16,5 @@ CVE-2021-3778
[bullseye] - vim 2:8.2.2434-3+deb11u1
 CVE-2021-3796
[bullseye] - vim 2:8.2.2434-3+deb11u1
+CVE-2020-28282
+   [bullseye] - node-getobject 0.1.0-2+deb11u1
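Review bot: both staging entries use the same base version 0.1.0-2 with `+deb10u1` and `+deb11u1` suffixes, which is the expected pattern when buster and bullseye ship the same package revision; since these files only stage the point-update versions, make sure the corresponding `[buster]`/`[bullseye]` lines for CVE-2020-28282 in data/CVE/list are updated when the point updates are released.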



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/20a650f6e7a7e93a985690ae12b967e2c1dda644



[Git][security-tracker-team/security-tracker][master] openrc n/a

2021-10-16 Thread Moritz Muehlenhoff (@jmm)


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9713767d by Moritz Mühlenhoff at 2021-10-16T21:04:47+02:00
openrc n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1453,7 +1453,7 @@ CVE-2021-42343
 CVE-2021-42342 (An issue was discovered in GoAhead 4.x and 5.x before 5.1.5. 
In the fi ...)
NOT-FOR-US: Embedthis GoAhead
 CVE-2021-42341 (checkpath in OpenRC before 0.44.7 uses the direct output of 
strlen() t ...)
-   - openrc 
+   - openrc  (Introduced in 0.44)
NOTE: https://github.com/OpenRC/openrc/issues/459
NOTE: https://github.com/OpenRC/openrc/pull/462
NOTE: 
https://github.com/OpenRC/openrc/commit/bb8334104baf4d5a4a442a8647fb9204738f2204
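Review bot: `(Introduced in 0.44)` records the lower bound, but the fixed upstream version is only implied by the description (`before 0.44.7`); annotate the commit NOTE with the release it landed in, e.g. `(0.44.7)` after the URL, following the `Fixed by: <url> (version)` style used in the LibreOffice entries, so the affected range is explicit in one place. The double space in `- openrc  (Introduced in 0.44)` is where the `<unfixed>` tag sits if the rendering stripped it.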



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9713767dceb792e0eaf22ec679fb8258d8d527ba



[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2021-37146/ros-ros-comm via unstable

2021-10-16 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9ef811a8 by Salvatore Bonaccorso at 2021-10-16T21:00:29+02:00
Track fixed version for CVE-2021-37146/ros-ros-comm via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -13884,7 +13884,7 @@ CVE-2021-37147
RESERVED
 CVE-2021-37146 (An infinite loop in Open Robotics ros_comm XMLRPC server in 
ROS Melodi ...)
[experimental] - ros-ros-comm 1.15.13+ds1-1
-   - ros-ros-comm 
+   - ros-ros-comm 1.15.13+ds1-2
[bullseye] - ros-ros-comm  (Minor issue)
[buster] - ros-ros-comm  (Minor issue)
[stretch] - ros-ros-comm  (Minor issue)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ef811a8991e897e0eeb2b7cd275f26e18b11fa1



[Git][security-tracker-team/security-tracker][master] CVE-2021-42326/redmine: reference patch

2021-10-16 Thread Sylvain Beucler (@beuc)


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e4a7e423 by Sylvain Beucler at 2021-10-16T18:59:21+02:00
CVE-2021-42326/redmine: reference patch

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -1715,6 +1715,7 @@ CVE-2021-42326 (Redmine before 4.1.5 and 4.2.x before 
4.2.3 may disclose the nam
NOTE: https://www.redmine.org/news/133
NOTE: 
https://www.redmine.org/projects/redmine/wiki/Changelog_4_1#415-2021-10-10
NOTE: 
https://www.redmine.org/projects/redmine/wiki/Changelog_4_2#423-2021-10-10
+   NOTE: 
https://www.redmine.org/projects/redmine/repository/revisions/21209
 CVE-2021-42325 (Froxlor through 0.10.29.1 allows SQL injection in 
Database/Manager/DbM ...)
NOT-FOR-US: Froxlor
 CVE-2021-42324
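Review bot: the new revision NOTE carries no version annotation, while the two changelog NOTEs above it distinguish the 4.1.5 and 4.2.3 releases; annotate the revision with the branch it was committed to (and the second revision, if it was backported), in the `(version)` style used by the `Fixed by:` notes elsewhere in data/CVE/list, so a backporter knows which patch to start from.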



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4a7e42383383a4d4adc5299cacb3635db6ff639



[Git][security-tracker-team/security-tracker][master] dla: claim redmine

2021-10-16 Thread Sylvain Beucler (@beuc)


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
5f502b24 by Sylvain Beucler at 2021-10-16T18:44:06+02:00
dla: claim redmine

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=
data/dla-needed.txt
=
@@ -88,7 +88,7 @@ redis (Chris Lamb)
   NOTE: 20211004: Fixed in sid and experimental. (lamby)
   NOTE: 20211006: buster-pu filed in #995825. (lamby)
 --
-redmine
+redmine (Sylvain Beucler)
   NOTE: 20211013: Issue appears to be private, so may require comparison of 
release
   NOTE: 20211013: tarballs to find upstream changeset. (lamby)
 --
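Review bot: the two 20211013 NOTEs say the issue appears private and may need a tarball comparison, but the sibling commit e4a7e423 in this digest already records the upstream revision (https://www.redmine.org/projects/redmine/repository/revisions/21209); add a dated `NOTE: 20211016:` line pointing to it here, otherwise the claim line sits under guidance that is already out of date.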



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5f502b244cfd0afdff0cf524ed26c72cae2e298a



[Git][security-tracker-team/security-tracker][master] Add two NFUs

2021-10-16 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9b617c59 by Salvatore Bonaccorso at 2021-10-16T18:09:39+02:00
Add two NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -2537,6 +2537,7 @@ CVE-2021-41972
RESERVED
 CVE-2021-41971
RESERVED
+   NOT-FOR-US: Apache Superset
 CVE-2021-3856
RESERVED
NOT-FOR-US: Keycloak
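Review bot: CVE-2021-41971 is still `RESERVED`, so the `NOT-FOR-US: Apache Superset` line rests on information outside the CVE record; that matches how CVE-2021-3856 (Keycloak) directly below is handled, but a NOTE with the source (advisory or list reference) would let the next triager verify the attribution once the CVE text is published. The same applies to CVE-2021-32609 in the second hunk.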
@@ -24688,6 +24689,7 @@ CVE-2021-32610 (In Archive_Tar before 1.4.14, symlinks 
can refer to targets outs
NOTE: 
https://github.com/pear/Archive_Tar/commit/b5832439b1f37331fb4f87e67fe4f61ca26bf7d4
 (1.4.14)
 CVE-2021-32609
RESERVED
+   NOT-FOR-US: Apache Superset
 CVE-2021-32608 (An issue was discovered in Smartstore (aka SmartStoreNET) 
through 4.1. ...)
NOT-FOR-US: Smartstore
 CVE-2021-32607 (An issue was discovered in Smartstore (aka SmartStoreNET) 
through 4.1. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9b617c59eba1512ee7a8a5cc2149bdf43c5e261a



[Git][security-tracker-team/security-tracker][master] Add CVE-2021-34866/linux

2021-10-16 Thread Salvatore Bonaccorso (@carnil)


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
db9e1c2a by Salvatore Bonaccorso at 2021-10-16T09:02:25+02:00
Add CVE-2021-34866/linux

- - - - -


1 changed file:

- data/CVE/list


Changes:

=
data/CVE/list
=
@@ -19187,6 +19187,11 @@ CVE-2021-34867
RESERVED
 CVE-2021-34866
RESERVED
+   - linux 5.14.6-1
+   [bullseye] - linux 5.10.70-1
+   [buster] - linux  (Vulnerable code introduced later)
+   [stretch] - linux  (Vulnerable code introduced later)
+   NOTE: Fixed by: 
https://git.kernel.org/linus/5b029a32cfe4600f5e10e36b41778506b90fd4de (5.14)
 CVE-2021-34865
RESERVED
 CVE-2021-34864
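Review bot: the `[bullseye] - linux 5.10.70-1` line implies the fix reached the 5.10.y stable series, but the only NOTE records the mainline commit with `(5.14)`; add the 5.10.y stable release that carries the backport to the NOTE so the bullseye version can be verified against it. The double space in the buster and stretch lines (`- linux  (Vulnerable code introduced later)`) is where the `<not-affected>` tag sits if the rendering stripped it.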



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/db9e1c2a79ed70ab5cf509a81f228bc12e384cc9
