[Git][security-tracker-team/security-tracker][master] Add fixed version for CVE-2018-10289/mupdf

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 2010460a by Salvatore Bonaccorso at 2018-09-03T04:54:41Z Add fixed version for CVE-2018-10289/mupdf - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Claim polarssl.

= @@ -92,7 +92,7 @@ openssh (Santiago) phpldapadmin (Mike Gabriel) NOTE: 20180731: See https://lists.debian.org/debian-lts/2018/07/msg00123.html for research already done -- -polarssl +polarssl (Mike Gabriel) NOTE: 20180902: The no-dsa/postponed issues could be fixed

[Git][security-tracker-team/security-tracker][master] Add polarssl to dla-needed.txt

-needed.txt = @@ -92,6 +92,9 @@ openssh (Santiago) phpldapadmin (Mike Gabriel) NOTE: 20180731: See https://lists.debian.org/debian-lts/2018/07/msg00123.html for research already done -- +polarssl + NOTE: 20180902: The no-dsa/postponed issues could be fixed

[Git][security-tracker-team/security-tracker][master] mark libesedb as undetermined

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f7bced70 by Moritz Muehlenhoff at 2018-09-02T21:06:01Z mark libesedb as undetermined - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Reserve DLA-1491-1 for tomcat8

Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker Commits: cfb194a9 by Roberto C. Sánchez at 2018-09-02T20:22:29Z Reserve DLA-1491-1 for tomcat8 - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes:

[Git][security-tracker-team/security-tracker][master] Process several CVEs as NFU

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b9d33afc by Salvatore Bonaccorso at 2018-09-02T20:16:02Z Process several CVEs as NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: aa04531f by security tracker role at 2018-09-02T20:10:27Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Claim discount in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 69191d45 by Markus Koschany at 2018-09-02T19:55:30Z Claim discount in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] discount: Add link to fixing commit

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: b0f40ae2 by Markus Koschany at 2018-09-02T19:54:21Z discount: Add link to fixing commit - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Add libxml2, but not for direct DSA, rather first re-evaluation

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0f3b8c2f by Salvatore Bonaccorso at 2018-09-02T19:46:55Z Add libxml2, but not for direct DSA, rather first re-evaluation - - - - - 1 changed file: - data/dsa-needed.txt Changes:

[Git][security-tracker-team/security-tracker][master] CVE-2018-16328,imagemagick: Jessie is not-affected

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 3a18f3f0 by Markus Koschany at 2018-09-02T19:32:11Z CVE-2018-16328,imagemagick: Jessie is not-affected - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] CVE-2018-16335,tiff: postponed for Jessie

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: f60f5c51 by Markus Koschany at 2018-09-02T19:26:45Z CVE-2018-16335,tiff: postponed for Jessie Can be fixed in a future DLA when upstream clarifies impact and solution. - - - - - 1 changed file: -

[Git][security-tracker-team/security-tracker][master] 2 commits: Revert "Let's try this syntax instead."

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 096ad330 by Markus Koschany at 2018-09-02T19:24:03Z Revert Lets try this syntax instead. This reverts commit e80ddceb278cbbc06a8bd97f23f8ad062b5ec681. - - - - - 996f06e9 by Markus Koschany at

Processing f214a693db7aa287e6e4e588fa3ee88f3b0e8e91 failed

The error message was: data/CVE/list:69007: no-dsa note needs release specification Makefile:34: recipe for target 'all' failed make: *** [all] Error 1 ___ debian-security-tracker-commits mailing list

[Git][security-tracker-team/security-tracker][master] 2 commits: Let's try this syntax instead.

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: e80ddceb by Markus Koschany at 2018-09-02T19:19:43Z Lets try this syntax instead. - - - - - f214a693 by Markus Koschany at 2018-09-02T19:20:25Z Merge branch master of

[Git][security-tracker-team/security-tracker][master] Add more references for CVE-2011-2767/libapache2-mod-perl2

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 19d66e69 by Salvatore Bonaccorso at 2018-09-02T19:18:17Z Add more references for CVE-2011-2767/libapache2-mod-perl2 - - - - - 1 changed file: - data/CVE/list Changes:

Processing 19d66e6986d123047168d1b89a051b276f02d9f8 failed

The error message was: data/CVE/list:68996: expected CVE annotation, got: 'php5 (Not reproducible, vulnerable code not present.)' Makefile:34: recipe for target 'all' failed make: *** [all] Error 1 ___ debian-security-tracker-commits mailing list

[Git][security-tracker-team/security-tracker][master] Mark some php5 issues as affecting/not affecting all suites as

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 1dcb4542 by Markus Koschany at 2018-09-02T19:14:34Z Mark some php5 issues as affecting/not affecting all suites as recommended by jmm. Technically src:php5 only exists in Jessie, so the specific

[Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-16329

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 226e4d82 by Salvatore Bonaccorso at 2018-09-02T14:55:48Z Update information for CVE-2018-16329 The broken assert is only introduced in 7.0.1. But before that there was apparently event no check

[Git][security-tracker-team/security-tracker][master] Update information on CVE-2018-16328 for stretch

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f68116a1 by Salvatore Bonaccorso at 2018-09-02T14:39:40Z Update information on CVE-2018-16328 for stretch - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Mark CVE-2018-16335 as postponed

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ca7c730a by Salvatore Bonaccorso at 2018-09-02T09:39:20Z Mark CVE-2018-16335 as postponed - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add two imagemagick issues, but need first further check

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 136bc101 by Salvatore Bonaccorso at 2018-09-02T09:28:41Z Add two imagemagick issues, but need first further check - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 14cf625e by Salvatore Bonaccorso at 2018-09-02T09:22:29Z Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Add bug reference for CVE-2018-16335

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 4075707f by Salvatore Bonaccorso at 2018-09-02T09:15:03Z Add bug reference for CVE-2018-16335 - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2018-16335/tiff

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e9fbe1ad by Salvatore Bonaccorso at 2018-09-02T08:57:22Z Add CVE-2018-16335/tiff - - - - - 405a3ae3 by Salvatore Bonaccorso at 2018-09-02T08:57:47Z Add note for CVE-2018-15209 - - - - - 1

[Git][security-tracker-team/security-tracker][master] Add CVE-2018-16336/exiv2

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: fadff972 by Salvatore Bonaccorso at 2018-09-02T08:36:58Z Add CVE-2018-16336/exiv2 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f53dac45 by security tracker role at 2018-09-02T08:10:22Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entry which got an update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 6cab204c by Salvatore Bonaccorso at 2018-09-02T07:27:57Z Remove no-dsa tagged entry which got an update - - - - - 1 changed file: - data/CVE/list Changes: