[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: claim ruby2.1

Abhijith PA pushed to branch master at Debian Security Tracker / security-tracker Commits: 850d3e06 by Abhijith PA at 2019-03-28T04:24:02Z data/dla-needed.txt: claim ruby2.1 - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.tx

[Git][security-tracker-team/security-tracker][master] Add CVE-2018-20815/qemu

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b2e677ba by Salvatore Bonaccorso at 2019-03-27T22:33:14Z Add CVE-2018-20815/qemu - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ===

[Git][security-tracker-team/security-tracker][master] Add CVE-2019-38{29,36}/gnutls28

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 784fad09 by Salvatore Bonaccorso at 2019-03-27T22:24:38Z Add CVE-2019-38{29,36}/gnutls28 Explicitly track only the src:gnutl28 source package as the issue affects only GnuTLS versions later tha

[Git][security-tracker-team/security-tracker][master] 2 commits: Process NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 4a7bc341 by Salvatore Bonaccorso at 2019-03-27T20:34:39Z Process NFUs - - - - - 7aab800a by Salvatore Bonaccorso at 2019-03-27T20:34:40Z Add CVE-2019-1023{1,2,3}/glpi - - - - - 1 changed fil

[Git][security-tracker-team/security-tracker][master] CVE-2019-7637: add link to committed fix

Felix Geyer pushed to branch master at Debian Security Tracker / security-tracker Commits: 16ed31f7 by Felix Geyer at 2019-03-27T20:24:30Z CVE-2019-7637: add link to committed fix - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Remove information on CVE-2018-14038

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 30c3c18f by Salvatore Bonaccorso at 2019-03-27T20:12:40Z Remove information on CVE-2018-14038 The CVE was a reserveation duplicate of CVE-2018-7642. - - - - - 1 changed file: - data/CVE/lis

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 5af40f2a by security tracker role at 2019-03-27T20:10:18Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] Claim wpa in dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: ae77aa44 by Markus Koschany at 2019-03-27T17:29:01Z Claim wpa in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.t

[Git][security-tracker-team/security-tracker][master] CVE-2019-9917,znc: Jessie is not affected.

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: 97273b5d by Markus Koschany at 2019-03-27T17:15:43Z CVE-2019-9917,znc: Jessie is not affected. It is not possible for a user to change or set the encoding. The vulnerable code is not present. - - -

[Git][security-tracker-team/security-tracker][master] Add ruby2.1 to dla-needed.txt

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: bed446dd by Markus Koschany at 2019-03-27T17:05:20Z Add ruby2.1 to dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed

[Git][security-tracker-team/security-tracker][master] CVE-2019-9942,twig: Mark as no-dsa for Jessie.

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: c88e6d45 by Markus Koschany at 2019-03-27T16:35:11Z CVE-2019-9942,twig: Mark as no-dsa for Jessie. The sandbox is not enabled by default. Workaround is to blacklist __toString(). We could upgrade to

[Git][security-tracker-team/security-tracker][master] link upstream fix

Mattia Rizzolo pushed to branch master at Debian Security Tracker / security-tracker Commits: 60fd816c by Mattia Rizzolo at 2019-03-27T15:00:08Z link upstream fix Signed-off-by: Mattia Rizzolo - - - - - 1 changed file: - data/CVE/list Changes: ==

[Git][security-tracker-team/security-tracker][master] dla: ghostscript: document current pending status

: = data/dla-needed.txt = @@ -26,7 +26,9 @@ faad2 (Hugo Lefeuvre) firmware-nonfree (Emilio) NOTE: 20190304: https://lists.debian.org/debian-lts/2019/03/msg0.html -- -ghostscript (Sylvain Beucler) +ghostscript + NOTE: 20190327: need to backport 9.26b

[Git][security-tracker-team/security-tracker][master] Reserve DLA-1732-1 for openjdk-7

Emilio Pozuelo Monfort pushed to branch master at Debian Security Tracker / security-tracker Commits: 36b7c854 by Emilio Pozuelo Monfort at 2019-03-27T09:39:23Z Reserve DLA-1732-1 for openjdk-7 - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes: ===

[Git][security-tracker-team/security-tracker][master] Track proposed update for flatpak via stretch-pu

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 94f5aa0b by Salvatore Bonaccorso at 2019-03-27T08:55:38Z Track proposed update for flatpak via stretch-pu - - - - - 1 changed file: - data/next-point-update.txt Changes: =

[Git][security-tracker-team/security-tracker][master] Track proposed update for firmware-nonfree via stretch-pu

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 5e4bd0da by Salvatore Bonaccorso at 2019-03-27T08:53:57Z Track proposed update for firmware-nonfree via stretch-pu - - - - - 1 changed file: - data/next-point-update.txt Changes:

[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 89ce1edc by Salvatore Bonaccorso at 2019-03-27T08:48:25Z Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ==

[Git][security-tracker-team/security-tracker][master] Add CVE-2019-10124/linux

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ba0e413b by Salvatore Bonaccorso at 2019-03-27T08:37:03Z Add CVE-2019-10124/linux - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ==

[Git][security-tracker-team/security-tracker][master] Add CVE-2019-10125/linux

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 1d80ead9 by Salvatore Bonaccorso at 2019-03-27T08:36:07Z Add CVE-2019-10125/linux - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ==

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ad49533f by security tracker role at 2019-03-27T08:10:19Z automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] Add twig (CVE-2019-9942) to dsa-needed, and take it

Sebastien Delafond pushed to branch master at Debian Security Tracker / security-tracker Commits: 7b8ac734 by Sébastien Delafond at 2019-03-27T07:28:46Z Add twig (CVE-2019-9942) to dsa-needed, and take it - - - - - 1 changed file: - data/dsa-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] Add CVE-2019-3869 as NFU

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ff43eecd by Salvatore Bonaccorso at 2019-03-27T07:00:50Z Add CVE-2019-3869 as NFU - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ==