[Git][security-tracker-team/security-tracker][master] Four curl issues fixed via unstable upload

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 10f29c72 by Salvatore Bonaccorso at 2018-11-01T06:39:24Z Four curl issues fixed via unstable upload - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] CVE-2018-18883/xen assigned for XSA-278

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 575c by Salvatore Bonaccorso at 2018-11-01T05:48:24Z CVE-2018-18883/xen assigned for XSA-278 - - - - - 1 changed file: - data/CVE/list Changes: = dat

[Git][security-tracker-team/security-tracker][master] LTS/claim mysql-5.5

= @@ -55,7 +55,7 @@ linux-4.9 (Ben Hutchings) mono (Markus Koschany) NOTE: 20181031: Waiting for upstream response for CVE-2018-1002208. (apo) -- -mysql-5.5 +mysql-5.5 (Roberto C. Sánchez) -- nsis (Thorsten Alteholz) NOTE: 20181007: Windows installer

[Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries which got an update in DLA-1562-1

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: bd4819f9 by Salvatore Bonaccorso at 2018-10-31T21:44:16Z Remove no-dsa tagged entries which got an update in DLA-1562-1 - - - - - 1 changed file: - data/CVE/list Changes: ==

[Git][security-tracker-team/security-tracker][master] Add tiff to dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 786a523d by Markus Koschany at 2018-10-31T21:37:37Z Add tiff to dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt

[Git][security-tracker-team/security-tracker][master] Reserve DLA-1562-1 for poppler

Mike Gabriel pushed to branch master at Debian Security Tracker / security-tracker Commits: d4526e6e by Mike Gabriel at 2018-10-31T21:22:22Z Reserve DLA-1562-1 for poppler - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes: = data/

[Git][security-tracker-team/security-tracker][master] Add CVE-2018-18873/jasper

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 58a6133e by Salvatore Bonaccorso at 2018-10-31T21:18:41Z Add CVE-2018-18873/jasper - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ===

[Git][security-tracker-team/security-tracker][master] Add CVE-2018-11759/libapache-mod-jk information disclosure issue

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d3c9fa98 by Salvatore Bonaccorso at 2018-10-31T20:28:19Z Add CVE-2018-11759/libapache-mod-jk information disclosure issue - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 25215c3f by Salvatore Bonaccorso at 2018-10-31T20:17:37Z Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] 2 commits: CVE/list: Link to upstream comment about CVE-2018-1002208

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 45becf37 by Markus Koschany at 2018-10-31T20:15:16Z CVE/list: Link to upstream comment about CVE-2018-1002208 - - - - - 708e6cda by Markus Koschany at 2018-10-31T20:16:17Z Merge branch 'master' of sa

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 2bf1a0cd by security tracker role at 2018-10-31T20:10:21Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ===

[Git][security-tracker-team/security-tracker][master] Remove no-dsa entry as it got an update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 2456b1a4 by Salvatore Bonaccorso at 2018-10-31T20:09:37Z Remove no-dsa entry as it got an update - - - - - 1 changed file: - data/CVE/list Changes: = dat

[Git][security-tracker-team/security-tracker][master] Small status adjustment for CVE-2018-12689

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 59b13540 by Salvatore Bonaccorso at 2018-10-31T20:08:10Z Small status adjustment for CVE-2018-12689 The issue raised to be not a security issue at all. Proper REJECT by MITRE requested/pending.

[Git][security-tracker-team/security-tracker][master] dla-needed.txt: Add NOTE for mono.

-needed.txt = @@ -53,6 +53,7 @@ linux (Ben Hutchings) linux-4.9 (Ben Hutchings) -- mono (Markus Koschany) + NOTE: 20181031: Waiting for upstream response for CVE-2018-1002208. (apo) -- mysql-5.5 -- View it on GitLab: https://salsa.debian.org/security

[Git][security-tracker-team/security-tracker][master] Claim glusterfs in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 417f4d3d by Markus Koschany at 2018-10-31T19:54:54Z Claim glusterfs in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-need

[Git][security-tracker-team/security-tracker][master] fix typo in CVE number

Antoine Beaupré pushed to branch master at Debian Security Tracker / security-tracker Commits: 3aee0253 by Antoine Beaupré at 2018-10-31T18:00:45Z fix typo in CVE number - - - - - 2 changed files: - data/CVE/list - data/DLA/list Changes: = data/CVE/list

Processing b6208717cc93b3ff09499954a6d76bbc0ecdcfb1 failed

The error message was: reference to unknown bug CVE-2016-11107 Makefile:34: recipe for target 'all' failed make: *** [all] Error 1 ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-li

[Git][security-tracker-team/security-tracker][master] Revert "mark CVE-2018-12689 as n/a as we cannot reproduce"

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: b6208717 by Moritz Muehlenhoff at 2018-10-31T17:45:26Z Revert "mark CVE-2018-12689 as n/a as we cannot reproduce" This reverts commit 1d7bfcfad4ff799354cd8dbaa9fb2d532c559422. Broken syntax. - - -

Processing e90fad61505c264a72e19b073f1519247e538120 failed

The error message was: reference to unknown bug CVE-2016-11107 Makefile:34: recipe for target 'all' failed make: *** [all] Error 1 ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-li

Processing e90fad61505c264a72e19b073f1519247e538120 failed

The error message was: reference to unknown bug CVE-2016-11107 Makefile:34: recipe for target 'all' failed make: *** [all] Error 1 ___ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-li

[Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2018-12689 as n/a as we cannot reproduce

Antoine Beaupré pushed to branch master at Debian Security Tracker / security-tracker Commits: 1d7bfcfa by Antoine Beaupré at 2018-10-31T17:27:53Z mark CVE-2018-12689 as n/a as we cannot reproduce - - - - - e90fad61 by Antoine Beaupré at 2018-10-31T17:33:15Z Reserve DLA-1561-1 for phpldapadmin

[Git][security-tracker-team/security-tracker][master] Add new glusterfs issues

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 5da734dd by Salvatore Bonaccorso at 2018-10-31T16:45:56Z Add new glusterfs issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] mark CVE-2018-11039 as no-dsa in jessie

Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 93a6bed3 by Abhijith PA at 2018-10-31T16:41:00Z mark CVE-2018-11039 as no-dsa in jessie - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ===

[Git][security-tracker-team/security-tracker][master] Make clear flif in experimental is unfixed as for now

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 4dab84c0 by Salvatore Bonaccorso at 2018-10-31T16:32:51Z Make clear flif in experimental is unfixed as for now The package is more ore less dead upstream, and arguably it should be removed from D

[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt:claim openjdk-7

Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 38097df2 by Abhijith PA at 2018-10-31T15:48:17Z data/dla-needed.txt:claim openjdk-7 - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt

[Git][security-tracker-team/security-tracker][master] Mark CVE-2018-18662 as not-affected in jessie

Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: d643bdaa by Abhijith PA at 2018-10-31T15:45:43Z Mark CVE-2018-18662 as not-affected in jessie - - - - - 2 changed files: - data/CVE/list - data/dla-needed.txt Changes: ==

[Git][security-tracker-team/security-tracker][master] claim phpldapadmin, after talks with sunweaver

Antoine Beaupré pushed to branch master at Debian Security Tracker / security-tracker Commits: 56205af1 by Antoine Beaupré at 2018-10-31T15:03:12Z claim phpldapadmin, after talks with sunweaver - - - - - 1 changed file: - data/dla-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] shellinabox no-dsa

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: a8074b6a by Moritz Muehlenhoff at 2018-10-31T14:53:59Z shellinabox no-dsa - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ==

[Git][security-tracker-team/security-tracker][master] flif removed

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: e167cf2f by Moritz Muehlenhoff at 2018-10-31T14:47:01Z flif removed - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] 2 commits: Claim libdatetime-timezone-perl and tzdata in dla-needed.txt

Santiago R.R. pushed to branch master at Debian Security Tracker / security-tracker Commits: dcf1955f by Santiago Ruano Rincón at 2018-10-31T12:54:34Z Claim libdatetime-timezone-perl and tzdata in dla-needed.txt Signed-off-by: Santiago Ruano Rincón - - - - - 75dc2b70 by

[Git][security-tracker-team/security-tracker][master] Unlock the packages claimed by Emilio as discussed on our team mailing list.

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 11e9b10a by Markus Koschany at 2018-10-31T12:53:28Z Unlock the packages claimed by Emilio as discussed on our team mailing list. - - - - - 1 changed file: - data/dla-needed.txt Changes:

[Git][security-tracker-team/security-tracker][master] Update status for stretch for CVE-2018-16840/curl

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 139d2fe3 by Salvatore Bonaccorso at 2018-10-31T11:29:25Z Update status for stretch for CVE-2018-16840/curl - - - - - 1 changed file: - data/CVE/list Changes: ===

[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2018-16839/curl

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 65cb1250 by Salvatore Bonaccorso at 2018-10-31T09:50:27Z Add CVE-2018-16839/curl - - - - - cac5b859 by Salvatore Bonaccorso at 2018-10-31T09:50:53Z Add fixed by string for consistency with other

[Git][security-tracker-team/security-tracker][master] Add CVE-2018-16840/curl

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 48ccd277 by Salvatore Bonaccorso at 2018-10-31T09:48:39Z Add CVE-2018-16840/curl - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] Add CVE-2018-16842/curl

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8df33941 by Salvatore Bonaccorso at 2018-10-31T09:40:45Z Add CVE-2018-16842/curl - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] Track some nextcloud issues

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0c0b7c6a by Salvatore Bonaccorso at 2018-10-31T09:39:08Z Track some nextcloud issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 2a6cd741 by Salvatore Bonaccorso at 2018-10-31T08:50:54Z Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ===

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ef01e8af by security tracker role at 2018-10-31T08:10:15Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ===

[Git][security-tracker-team/security-tracker][master] Add CVE-2018-15688/network-manager proposed update via stretch-pu

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d3842daf by Salvatore Bonaccorso at 2018-10-31T07:35:01Z Add CVE-2018-15688/network-manager proposed update via stretch-pu - - - - - 1 changed file: - data/next-point-update.txt Changes: ==

[Git][security-tracker-team/security-tracker][master] Add proposed gthumb via stretch-pu

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 76714e98 by Salvatore Bonaccorso at 2018-10-31T07:32:53Z Add proposed gthumb via stretch-pu - - - - - 1 changed file: - data/next-point-update.txt Changes: =