[Git][security-tracker-team/security-tracker][master] Add related commits for exiv2 for upstream issues #590

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 9734a84f by Salvatore Bonaccorso at 2019-01-24T06:42:27Z Add related commits for exiv2 for upstream issues #590 The issues need to be further investigated as there are two related CVEs in TODO:

[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-6486/golang*

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 61552232 by Salvatore Bonaccorso at 2019-01-24T06:15:48Z Add CVE-2019-6486/golang* - - - - - 4bc6bfe2 by Salvatore Bonaccorso at 2019-01-24T06:15:48Z Add Debian bug reference for

[Git][security-tracker-team/security-tracker][master] Add src:lua5.3 for CVE-2019-6706

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 98a91d75 by Salvatore Bonaccorso at 2019-01-24T06:00:22Z Add src:lua5.3 for CVE-2019-6706 It is possible that only the 5.3.x series is affected by the use-after-free vulnerability itself thus

[Git][security-tracker-team/security-tracker][master] boost1.67 embeds unicode-data

Paul Wise pushed to branch master at Debian Security Tracker / security-tracker Commits: 701600da by Paul Wise at 2019-01-24T06:06:19Z boost1.67 embeds unicode-data - - - - - 1 changed file: - data/embedded-code-copies Changes: =

[Git][security-tracker-team/security-tracker][master] CVE-2018-20098/exiv2

Henri Salo pushed to branch master at Debian Security Tracker / security-tracker Commits: 23759667 by Henri Salo at 2019-01-23T22:46:40Z CVE-2018-20098/exiv2 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] CVE-2019-6706 lua

Henri Salo pushed to branch master at Debian Security Tracker / security-tracker Commits: 7b98528a by Henri Salo at 2019-01-23T22:43:10Z CVE-2019-6706 lua - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Add CVE-2018-20669/linux

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 57d52939 by Salvatore Bonaccorso at 2019-01-23T21:13:50Z Add CVE-2018-20669/linux - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] 2 commits: Add Debian bug reference for CVE-2018-17199/apache2

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 4bb89b27 by Salvatore Bonaccorso at 2019-01-23T20:38:55Z Add Debian bug reference for CVE-2018-17199/apache2 - - - - - 60fde9eb by Salvatore Bonaccorso at 2019-01-23T20:39:49Z Add Debian bug

[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b6a01eb4 by Salvatore Bonaccorso at 2019-01-23T20:24:38Z Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Process two NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b13e6844 by Salvatore Bonaccorso at 2019-01-23T20:15:59Z Process two NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 5d759325 by security tracker role at 2019-01-23T20:10:26Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Reference patch for CVE-2019-6109/openssh

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 316424a4 by Salvatore Bonaccorso at 2019-01-23T20:02:51Z Reference patch for CVE-2019-6109/openssh - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2019-6109/openssh

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0a058ce3 by Salvatore Bonaccorso at 2019-01-23T20:00:41Z Add Debian bug reference for CVE-2019-6109/openssh - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] nasm no-dsa

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f6503e79 by Moritz Muehlenhoff at 2019-01-23T19:16:55Z nasm no-dsa - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] NFU

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 9f8b09ab by Moritz Muehlenhoff at 2019-01-23T17:24:12Z NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 58ba935c by Moritz Muehlenhoff at 2019-01-23T17:20:37Z NFUs opensc unimportant - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Add ghostscript to dsa-needed list

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ff24fe26 by Salvatore Bonaccorso at 2019-01-23T15:28:56Z Add ghostscript to dsa-needed list - - - - - 1 changed file: - data/dsa-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] Add CVE-2019-6116/ghostscript

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b43bfd1d by Salvatore Bonaccorso at 2019-01-23T15:26:46Z Add CVE-2019-6116/ghostscript - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add ceph-deploy to list of removed packages (from all suites)

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7a2a1a5f by Salvatore Bonaccorso at 2019-01-23T14:39:24Z Add ceph-deploy to list of removed packages (from all suites) ceph-deploy only ever lived in unstable and was recently then removed from

[Git][security-tracker-team/security-tracker][master] Mark CVE-2018-11803/subversion as not affected for stretch and earlier

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 400f0da1 by Salvatore Bonaccorso at 2019-01-23T14:30:02Z Mark CVE-2018-11803/subversion as not affected for stretch and earlier Vulnerable code (server-side support for recursive directory

[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: e3a1c40e by Moritz Muehlenhoff at 2019-01-23T13:51:10Z NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] ntopng fixed

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f1a5f2b6 by Moritz Muehlenhoff at 2019-01-23T13:48:03Z ntopng fixed - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Update entry for CVE-2018-11803/subversion

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: bb189047 by Salvatore Bonaccorso at 2019-01-23T10:16:55Z Update entry for CVE-2018-11803/subversion - - - - - 1 changed file: - data/CVE/list Changes: =

Processing 3fabf69a918378bd2f3e2465e9977b3635120e52 failed

The error message was: data/CVE/list:36982: invalid special version '- subversion ' in package entry Makefile:34: recipe for target 'all' failed make: *** [all] Error 1 ___ debian-security-tracker-commits mailing list

[Git][security-tracker-team/security-tracker][master] CVE-2018-11803/subversion

Henri Salo pushed to branch master at Debian Security Tracker / security-tracker Commits: 3fabf69a by Henri Salo at 2019-01-23T09:53:11Z CVE-2018-11803/subversion - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Fix invalid non-printable character

Henri Salo pushed to branch master at Debian Security Tracker / security-tracker Commits: 72e62ff4 by Henri Salo at 2019-01-23T09:51:45Z Fix invalid non-printable character - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

Processing c1803380e71bae515164afcfe0e26c93ae13bb59 failed

The error message was: data/CVE/list:18387: invalid non-printable character '\xa4' Makefile:34: recipe for target 'all' failed make: *** [all] Error 1 ___ debian-security-tracker-commits mailing list

[Git][security-tracker-team/security-tracker][master] NFU

Henri Salo pushed to branch master at Debian Security Tracker / security-tracker Commits: c1803380 by Henri Salo at 2019-01-23T09:48:53Z NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@

Processing ad3156ea2bf0f96e6cd21339121b8c83401bbe8a failed

The error message was: data/CVE/list:18387: invalid non-printable character '\xa4' Makefile:34: recipe for target 'all' failed make: *** [all] Error 1 ___ debian-security-tracker-commits mailing list

[Git][security-tracker-team/security-tracker][master] NFU

Henri Salo pushed to branch master at Debian Security Tracker / security-tracker Commits: ad3156ea by Henri Salo at 2019-01-23T09:47:08Z NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list = @@

[Git][security-tracker-team/security-tracker][master] dla-needed: update tmpreaper entry

Hugo Lefeuvre pushed to branch master at Debian Security Tracker / security-tracker Commits: 9f1a21cd by Hugo Lefeuvre at 2019-01-23T08:42:35Z dla-needed: update tmpreaper entry - - - - - 1 changed file: - data/dla-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: fd7b119a by security tracker role at 2019-01-23T08:10:15Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list