[Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-29573/glibc

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 469c4dda by Salvatore Bonaccorso at 2020-12-16T08:40:06+01:00 Update information for CVE-2020-29573/glibc Thanks to Florian Weimer for the analysis. - - - - - 1 changed file: - data/CVE/lis

[Git][security-tracker-team/security-tracker][master] Update information for CVE-2020-29562/glibc

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 5a688c80 by Salvatore Bonaccorso at 2020-12-16T08:29:15+01:00 Update information for CVE-2020-29562/glibc - - - - - 1 changed file: - data/CVE/list Changes: ==

[Git][security-tracker-team/security-tracker][master] Investigation information for pluxml. Questioning that this is vulnerabilities to fix.

Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker Commits: 2ac1ebe5 by Ola Lundqvist at 2020-12-16T07:48:03+01:00 Investigation information for pluxml. Questioning that this is vulnerabilities to fix. - - - - - 2 changed files: - data/CVE/list - data/dla-

[Git][security-tracker-team/security-tracker][master] Add CVE-2020-27845/openjpeg2

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8df8b9cd by Salvatore Bonaccorso at 2020-12-16T07:34:16+01:00 Add CVE-2020-27845/openjpeg2 - - - - - 1 changed file: - data/CVE/list Changes: = data/CV

[Git][security-tracker-team/security-tracker][master] Add CVE-2020-27843/openjpeg2

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0848bfa3 by Salvatore Bonaccorso at 2020-12-16T07:32:57+01:00 Add CVE-2020-27843/openjpeg2 - - - - - 1 changed file: - data/CVE/list Changes: = data/CV

[Git][security-tracker-team/security-tracker][master] Add CVE-2020-27842/openjpeg2

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 4865fc9b by Salvatore Bonaccorso at 2020-12-16T07:30:59+01:00 Add CVE-2020-27842/openjpeg2 - - - - - 1 changed file: - data/CVE/list Changes: = data/CV

[Git][security-tracker-team/security-tracker][master] Add CVE-2020-27841/openjpeg2

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 391f2736 by Salvatore Bonaccorso at 2020-12-16T07:29:22+01:00 Add CVE-2020-27841/openjpeg2 - - - - - 1 changed file: - data/CVE/list Changes: = data/CV

[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2020-29663/icinga2

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f7b025c5 by Salvatore Bonaccorso at 2020-12-16T06:58:08+01:00 Add CVE-2020-29663/icinga2 - - - - - 8123c07d by Salvatore Bonaccorso at 2020-12-16T07:00:46+01:00 Mark CVE-2020-29663 as no-dsa -

[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox-esr from issues in mfsa2020-55

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 9d0d85ea by Salvatore Bonaccorso at 2020-12-16T06:53:53+01:00 Track fixed version for firefox-esr from issues in mfsa2020-55 - - - - - 1 changed file: - data/CVE/list Changes: ===

[Git][security-tracker-team/security-tracker][master] Track fixed version for firefox for mfsa2020-54 issues

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: c1333f67 by Salvatore Bonaccorso at 2020-12-16T06:52:50+01:00 Track fixed version for firefox for mfsa2020-54 issues - - - - - 1 changed file: - data/CVE/list Changes: ===

[Git][security-tracker-team/security-tracker][master] Replace some old code hosting references to new location

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 84d2a655 by Salvatore Bonaccorso at 2020-12-16T06:29:59+01:00 Replace some old code hosting references to new location - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] dla: claim flac

= @@ -57,7 +57,7 @@ firefox-esr (Emilio) firmware-nonfree NOTE: 20201207: wait for the update in buster and backport that (Emilio) -- -flac +flac (Adrian Bunk) NOTE: 20201215: when preparing fix/advisory note that the same code change fixes both CVE-2020-0487 and

[Git][security-tracker-team/security-tracker][master] 5 commits: LTS: mark xen CVEs as EOL

it for the update in buster and backport that (Emilio) -- +flac + NOTE: 20201215: when preparing fix/advisory note that the same code change fixes both CVE-2020-0487 and CVE-2017-6888 (roberto) + NOTE: 20201215: stretch and buster versions are very close; perhaps consider coordinating with secur

[Git][security-tracker-team/security-tracker][master] Track proposed update for edk2

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 3ff50092 by Salvatore Bonaccorso at 2020-12-15T22:56:33+01:00 Track proposed update for edk2 - - - - - 1 changed file: - data/next-point-update.txt Changes: ==

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 3ac58447 by Salvatore Bonaccorso at 2020-12-15T22:49:45+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Update information on CVE-2016-11086

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 674a8861 by Salvatore Bonaccorso at 2020-12-15T21:47:23+01:00 Update information on CVE-2016-11086 Mark it as unimportant as it does not affect the binary packages in Debian (by default, unless

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 16f5daa7 by Salvatore Bonaccorso at 2020-12-15T21:33:25+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] restore IBM NFUs

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 706096e3 by Moritz Muehlenhoff at 2020-12-15T21:29:03+01:00 restore IBM NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] pixel advisory, potential linux, aom issues

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: d6bb872c by Moritz Muehlenhoff at 2020-12-15T21:27:12+01:00 pixel advisory, potential linux, aom issues new flac issues NFUs - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add CVE-2020-35457/glib2.0

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 2c0f4982 by Salvatore Bonaccorso at 2020-12-15T21:23:56+01:00 Add CVE-2020-35457/glib2.0 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/

[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 045ee44f by Salvatore Bonaccorso at 2020-12-15T21:20:10+01:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 74e1238b by security tracker role at 2020-12-15T20:10:28+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] android NFUs

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 862b7fab by Moritz Muehlenhoff at 2020-12-15T20:58:30+01:00 android NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] node-ua-parser-js fixed in sid

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 38ff4d39 by Moritz Muehlenhoff at 2020-12-15T19:17:59+01:00 node-ua-parser-js fixed in sid - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/

[Git][security-tracker-team/security-tracker][master] new gitlab issues

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 8c939238 by Moritz Muehlenhoff at 2020-12-15T19:17:13+01:00 new gitlab issues NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ===

[Git][security-tracker-team/security-tracker][master] thunderbird fixed in sid

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: f9931b86 by Moritz Muehlenhoff at 2020-12-15T19:11:22+01:00 thunderbird fixed in sid - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] Add thunderbird to dsa-needed list

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d893851b by Salvatore Bonaccorso at 2020-12-15T17:00:39+01:00 Add thunderbird to dsa-needed list - - - - - 1 changed file: - data/dsa-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] Add thunderbird issues from mfsa2020-56

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e3260ab0 by Salvatore Bonaccorso at 2020-12-15T16:59:17+01:00 Add thunderbird issues from mfsa2020-56 - - - - - 1 changed file: - data/CVE/list Changes: ==

[Git][security-tracker-team/security-tracker][master] Add firefox issues from mfsa2020-54

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8d57b5ca by Salvatore Bonaccorso at 2020-12-15T16:55:51+01:00 Add firefox issues from mfsa2020-54 - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Add firefox-esr to dsa-needed list

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 5ada2de6 by Salvatore Bonaccorso at 2020-12-15T16:50:20+01:00 Add firefox-esr to dsa-needed list - - - - - 1 changed file: - data/dsa-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] Add firefox-esr issues from mfsa2020-55

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f7ff74a9 by Salvatore Bonaccorso at 2020-12-15T16:49:51+01:00 Add firefox-esr issues from mfsa2020-55 - - - - - 1 changed file: - data/CVE/list Changes: ==

[Git][security-tracker-team/security-tracker][master] claim influxdb

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker Commits: 359e5b41 by Thorsten Alteholz at 2020-12-15T16:40:13+01:00 claim influxdb - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt =

[Git][security-tracker-team/security-tracker][master] reclaim slirp

Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker Commits: 0e84977b by Thorsten Alteholz at 2020-12-15T16:35:46+01:00 reclaim slirp - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt ==

[Git][security-tracker-team/security-tracker][master] Track fixed version for xen via unstable

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 27cb55aa by Salvatore Bonaccorso at 2020-12-15T16:03:13+01:00 Track fixed version for xen via unstable - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] reclaim spice-vdagent

= @@ -166,8 +166,9 @@ snapd NOTE: Needs rebuild for CVE-2019-11840 in golang-go.crypto. NOTE: Problems with upload. -- -spice-vdagent +spice-vdagent (Abhijith PA) NOTE: code base seems largely changed. Pinged upstream for help (abhijith) + NOTE: 20201215

[Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity

Holger Levsen pushed to branch master at Debian Security Tracker / security-tracker Commits: 9f7a0531 by Holger Levsen at 2020-12-15T15:22:45+01:00 semi-automatic unclaim after 2 weeks of inactivity Signed-off-by: Holger Levsen - - - - - 1 changed file: - data/dla-

[Git][security-tracker-team/security-tracker][master] lts: take openjdk-8

/dla-needed.txt = @@ -103,6 +103,9 @@ open-build-service opendmarc NOTE: 20200719: no patches for remaining CVEs available, everything else is already done in Stretch (thorsten) -- +openjdk-8 (Emilio) + NOTE: 20201215: regression update (Emilio

[Git][security-tracker-team/security-tracker][master] log4net, http-parser bugs

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 7477a163 by Moritz Mühlenhoff at 2020-12-15T13:53:54+01:00 log4net, http-parser bugs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] xen DSA

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: b97c505b by Moritz Mühlenhoff at 2020-12-15T13:48:09+01:00 xen DSA - - - - - 1 changed file: - data/DSA/list Changes: = data/DSA/list ===

[Git][security-tracker-team/security-tracker][master] new xen issues

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 38149f2a by Moritz Muehlenhoff at 2020-12-15T13:46:00+01:00 new xen issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ===

[Git][security-tracker-team/security-tracker][master] libxstream-java DSA

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 21dcc678 by Moritz Mühlenhoff at 2020-12-15T13:01:50+01:00 libxstream-java DSA - - - - - 2 changed files: - data/DSA/list - data/dsa-needed.txt Changes:

[Git][security-tracker-team/security-tracker][master] Add sympa for re-evaluation

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 15a5 by Salvatore Bonaccorso at 2020-12-15T09:37:31+01:00 Add sympa for re-evaluation - - - - - 1 changed file: - data/dsa-needed.txt Changes: = da

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a3e9b8ae by Salvatore Bonaccorso at 2020-12-15T09:19:08+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 50f3f863 by security tracker role at 2020-12-15T08:10:25+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list