-needed.txt
=
@@ -101,7 +101,7 @@ milkytracker
--
mongodb (Abhijith PA)
--
-nghttp2
+nghttp2 (Abhijith PA)
--
pump (Chris Lamb)
NOTE: 20190830: See #933674 for a possible fix / patch. (sunweaver)
View it on GitLab:
https://salsa.debian.org/security-tracker-team
Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
66f03364 by Thorsten Alteholz at 2019-08-30T21:13:12Z
claim cimg
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4e276d20 by Thorsten Alteholz at 2019-08-30T21:03:47Z
Reserve DLA-1904-1 for libextractor
- - - - -
2 changed files:
- data/DLA/list
- data/dla-needed.txt
Changes:
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
359d0c73 by Salvatore Bonaccorso at 2019-08-30T20:21:14Z
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9d0e50d8 by security tracker role at 2019-08-30T20:10:21Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
68300efb by Salvatore Bonaccorso at 2019-08-30T20:01:49Z
CVE-2019-10203/pdns fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d8cded30 by Salvatore Bonaccorso at 2019-08-30T19:57:13Z
Add CVE-2019-15043/grafana
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7b895dd3 by Salvatore Bonaccorso at 2019-08-30T19:52:53Z
Add rexical to CVE-2019-5477
The CVE was originally focused on Nokogiri itself and its use of the
generated code. But MITRE CNA
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ea0c5317 by Salvatore Bonaccorso at 2019-08-30T19:42:44Z
CVE-2019-13627/libgcrypt20 fixed in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3a615635 by Salvatore Bonaccorso at 2019-08-30T19:40:58Z
Add apache2 to dsa-needed for potential regression
- - - - -
1 changed file:
- data/dsa-needed.txt
Changes:
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
28594633 by Salvatore Bonaccorso at 2019-08-30T19:39:07Z
CVE-2018-10754 REJECTED by MITRE CNA
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
Roberto C. Sánchez pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e7ddc451 by Roberto C. Sánchez at 2019-08-30T17:18:38Z
Annotate CVE-2017-7481/ansible as not affecting jessie
- - - - -
1 changed file:
- data/CVE/list
Changes:
Mike Gabriel pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5f7180f0 by Mike Gabriel at 2019-08-30T14:42:23Z
CVE-2019-14466: syntax fix, make description temporary.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
Mike Gabriel pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7e01b387 by Mike Gabriel at 2019-08-30T14:08:21Z
data/CVE/list: add detailled information to CVE-2019-14466(/gosa)
See comment in another gosa-core security bug, unrelated to this:
Mike Gabriel pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
774017eb by Mike Gabriel at 2019-08-30T13:47:39Z
data/dla-needed.txt: re-claim libav
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
187f7774 by Mike Gabriel at 2019-08-30T10:40:46Z
bin/contact-maintainers: Provide mail template for LTS updates of minor issues.
As the LTS team also sometimes works on packages with only
Mike Gabriel pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e8b42ec2 by Mike Gabriel at 2019-08-30T13:16:17Z
data/CVE/list: Update gnutls28/CVE-2018-19869/jessie.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2197f0d9 by Salvatore Bonaccorso at 2019-08-30T13:15:08Z
Document no-dsa status for pump
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
87c73b8a by Salvatore Bonaccorso at 2019-08-30T13:13:49Z
Add Debian bug reference for CVE-2019-13627/libgcrypt20
- - - - -
1 changed file:
- data/CVE/list
Changes:
changed file:
- data/dla-needed.txt
Changes:
=
data/dla-needed.txt
=
@@ -65,7 +65,7 @@ libav
NOTE: 20190731: New CVEs occurred, need to be triaged.
--
libcommons-compress-java
- NOTE: 20190830: no patch reference found
=
@@ -99,6 +99,7 @@ linux (Ben Hutchings)
linux-4.9 (Ben Hutchings)
--
milkytracker
+ NOTE: 20190830: Several issues open for jessie.
--
mongodb (Abhijith PA)
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit
Mike Gabriel pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f5bd54d6 by Mike Gabriel at 2019-08-30T12:58:13Z
data/dla-needed.txt: add milkytracker.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
:
=
data/dla-needed.txt
=
@@ -104,6 +104,7 @@ nghttp2
--
pump
NOTE: 20190830: See #933674 for a possible fix / patch.
+ NOTE: 20190830: Former maintainer not informed, package removed from
unstable, dead upstream.
--
python2.7
:
=
data/dla-needed.txt
=
@@ -153,3 +153,11 @@ xen
xtrlock (Chris Lamb)
NOTE: 20190822: WIP on #830726 (lamby)
--
+yard
+ NOTE: 20190830: second reviewer / triager needed. The security announcement
states that the fix
+ NOTE: 20190830: was done between 0.9.19
Mike Gabriel pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a1814b34 by Mike Gabriel at 2019-08-30T11:48:36Z
data/CVE/list: Triage suricata/jessie.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
-needed.txt
=
@@ -126,6 +126,9 @@ radare2
ruby-mini-magick (Thorsten Alteholz)
NOTE: 20190818: backporting patch
--
+ruby-nokogiri
+ NOTE: 20190830: https://lists.debian.org/debian-lts/2019/08/msg00076.html
+--
ruby-openid
NOTE: 20190628: In discussion
:
=
data/dla-needed.txt
=
@@ -64,6 +64,9 @@ libav
NOTE: 20190529: out patches yourself.
NOTE: 20190731: New CVEs occurred, need to be triaged.
--
+libcommons-compress-java
+ NOTE: 20190830: no patch reference found
+--
libcrypto++
--
libextractor (Thorsten
=
@@ -99,6 +99,9 @@ mongodb (Abhijith PA)
--
nghttp2
--
+pump
+ NOTE: 20190830: See #933674 for a possible fix / patch.
+--
python2.7 (Thorsten Alteholz)
NOTE: 20190818: need to check fails with test suite unrelated to this patch;
building package takes
Mike Gabriel pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2afab427 by Mike Gabriel at 2019-08-30T11:00:32Z
data/dla-needed.txt: add libgcrypt20 and claim it.
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Mike Gabriel pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c1fe452f by Mike Gabriel at 2019-08-30T10:53:26Z
data/CVE/list: Triage CVE-2019-10222/ceph/jessie (not-affected).
- - - - -
1 changed file:
- data/CVE/list
Changes:
Mike Gabriel pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
03d7e457 by Mike Gabriel at 2019-08-30T10:43:47Z
data/dla-needed.txt: add ghostscript
- - - - -
e558dc56 by Mike Gabriel at 2019-08-30T10:44:17Z
data/dla-needed.txt: add irssi.
- - - - -
da2286f9 by
Mike Gabriel pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
72b94db8 by Mike Gabriel at 2019-08-30T08:39:40Z
data/dla-needed.txt: add imagemagick
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=
Mike Gabriel pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9b948cfb by Mike Gabriel at 2019-08-30T08:16:53Z
data/CVE/list: Switch CVE-2019-13038 from no-dsa to ignored
(see reason already given).
- - - - -
1 changed file:
- data/CVE/list
Changes:
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dfbf6c28 by security tracker role at 2019-08-30T08:10:42Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a6087921 by Salvatore Bonaccorso at 2019-08-30T06:30:23Z
Add CVE-2019-15785/fontforge
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a6f9eb2d by Salvatore Bonaccorso at 2019-08-30T06:27:38Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b3636d61 by Salvatore Bonaccorso at 2019-08-30T06:15:56Z
Track stretch-pu update including CVE-2019-15538
- - - - -
1 changed file:
- data/next-oldstable-point-update.txt
Changes:
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ca04890e by Salvatore Bonaccorso at 2019-08-30T06:12:00Z
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=
data/CVE/list
38 matches
Mail list logo