[Secure-testing-commits] r32555 - data/DLA

2015-02-28 Thread Thorsten Alteholz
Author: alteholz Date: 2015-02-28 19:15:10 + (Sat, 28 Feb 2015) New Revision: 32555 Modified: data/DLA/list Log: e2fsprogs done Modified: data/DLA/list === --- data/DLA/list 2015-02-28 19:08:48 UTC (rev 32554) +++ data/D

[Secure-testing-commits] r32561 - data/DLA

2015-03-01 Thread Thorsten Alteholz
Author: alteholz Date: 2015-03-01 16:38:42 + (Sun, 01 Mar 2015) New Revision: 32561 Modified: data/DLA/list Log: bind9 done Modified: data/DLA/list === --- data/DLA/list 2015-03-01 12:40:38 UTC (rev 32560) +++ data/DLA/l

[Secure-testing-commits] r32591 - data/CVE

2015-03-02 Thread Thorsten Alteholz
Author: alteholz Date: 2015-03-02 20:43:10 + (Mon, 02 Mar 2015) New Revision: 32591 Modified: data/CVE/list Log: add reference to patch for unace Modified: data/CVE/list === --- data/CVE/list 2015-03-02 20:33:20 UTC (rev

[Secure-testing-commits] r32621 - in data: . DLA

2015-03-03 Thread Thorsten Alteholz
Author: alteholz Date: 2015-03-03 18:42:38 + (Tue, 03 Mar 2015) New Revision: 32621 Modified: data/DLA/list data/dla-needed.txt Log: unace done Modified: data/DLA/list === --- data/DLA/list 2015-03-03 18:24:29 UTC (re

[Secure-testing-commits] r32683 - data

2015-03-07 Thread Thorsten Alteholz
) +++ data/dla-needed.txt 2015-03-07 13:28:56 UTC (rev 32683) @@ -55,7 +55,7 @@ libvncserver (Nguyen Cong) -- mod-gnutls (Thorsten Alteholz) +-- p7zip -- php5 (Thorsten Alteholz) ___ Secure-testing-commits mailing list Secure-testing-commits

[Secure-testing-commits] r32684 - in data: . DLA

2015-03-07 Thread Thorsten Alteholz
Author: alteholz Date: 2015-03-07 14:39:30 + (Sat, 07 Mar 2015) New Revision: 32684 Modified: data/DLA/list data/dla-needed.txt Log: libarchive done Modified: data/DLA/list === --- data/DLA/list 2015-03-07 13:28:56 UT

[Secure-testing-commits] r32691 - data/DLA

2015-03-07 Thread Thorsten Alteholz
Author: alteholz Date: 2015-03-07 16:37:05 + (Sat, 07 Mar 2015) New Revision: 32691 Modified: data/DLA/list Log: redcloth done Modified: data/DLA/list === --- data/DLA/list 2015-03-07 15:41:37 UTC (rev 32690) +++ data/DL

[Secure-testing-commits] r32692 - data/CVE

2015-03-07 Thread Thorsten Alteholz
Author: alteholz Date: 2015-03-07 18:10:31 + (Sat, 07 Mar 2015) New Revision: 32692 Modified: data/CVE/list Log: mark CVE-2011-1716 for xymon as no-dsa, follow the decision of the security team for Wheezy Modified: data/CVE/list

[Secure-testing-commits] r32693 - in data: . DLA

2015-03-07 Thread Thorsten Alteholz
Author: alteholz Date: 2015-03-07 18:47:43 + (Sat, 07 Mar 2015) New Revision: 32693 Modified: data/DLA/list data/dla-needed.txt Log: konversation done Modified: data/DLA/list === --- data/DLA/list 2015-03-07 18:10:31

[Secure-testing-commits] r32866 - in data: . DLA

2015-03-14 Thread Thorsten Alteholz
@@ -- linux-2.6 -- -mod-gnutls (Thorsten Alteholz) --- openssl Maintainer will take care of it: http://lists.debian.org/20150309171443.ga6...@roeckx.be -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http

[Secure-testing-commits] r32867 - data/DLA

2015-03-14 Thread Thorsten Alteholz
Author: alteholz Date: 2015-03-14 16:42:21 + (Sat, 14 Mar 2015) New Revision: 32867 Modified: data/DLA/list Log: libssh2 done Modified: data/DLA/list === --- data/DLA/list 2015-03-14 16:16:42 UTC (rev 32866) +++ data/DLA

[Secure-testing-commits] r32871 - in data: . DLA

2015-03-14 Thread Thorsten Alteholz
Author: alteholz Date: 2015-03-14 18:40:08 + (Sat, 14 Mar 2015) New Revision: 32871 Modified: data/DLA/list data/dla-needed.txt Log: libextlib-ruby done Modified: data/DLA/list === --- data/DLA/list 2015-03-14 18:21:0

[Secure-testing-commits] r32873 - in data: CVE DLA

2015-03-14 Thread Thorsten Alteholz
Author: alteholz Date: 2015-03-14 21:58:32 + (Sat, 14 Mar 2015) New Revision: 32873 Modified: data/CVE/list data/DLA/list Log: maybe I mixed up the numbers here Modified: data/CVE/list === --- data/CVE/list 2015-03-14

[Secure-testing-commits] r44896 - in data: . DLA

2016-09-25 Thread Thorsten Alteholz
@@ -- linux (Ben Hutchings) -- -mactelnet (Thorsten Alteholz) --- mat (Jonas Meurer) NOTE: the fix for this issue: https://security-tracker.debian.org/tracker/TEMP-0826101-4D75EC is not available yet. It will be available in next upstream release (already

[Secure-testing-commits] r44927 - in data: . packages

2016-09-27 Thread Thorsten Alteholz
-09-27 17:24:53 UTC (rev 44926) +++ data/dla-needed.txt 2016-09-27 18:20:48 UTC (rev 44927) @@ -11,6 +11,8 @@ -- asterisk (Thorsten Alteholz) -- +bind9 (Thorsten Alteholz) +-- chicken (Balint Reczey) NOTE: See report 87twdrpcyx@prune.linuxpenguins.xyz NOTE: Wheezy probably vulnerable

[Secure-testing-commits] r44958 - data/CVE

2016-10-01 Thread Thorsten Alteholz
Author: alteholz Date: 2016-10-01 15:25:23 + (Sat, 01 Oct 2016) New Revision: 44958 Modified: data/CVE/list Log: patch for CVE-2016-2115 intentionally removed again Modified: data/CVE/list === --- data/CVE/list 2016-10-0

[Secure-testing-commits] r44959 - data

2016-10-01 Thread Thorsten Alteholz
Author: alteholz Date: 2016-10-01 15:42:25 + (Sat, 01 Oct 2016) New Revision: 44959 Modified: data/dla-needed.txt Log: add samba Modified: data/dla-needed.txt === --- data/dla-needed.txt 2016-10-01 15:25:23 UTC (rev 44958) +++

[Secure-testing-commits] r45075 - in data: . DLA

2016-10-05 Thread Thorsten Alteholz
(rev 45075) @@ -13,8 +13,6 @@ -- bash -- -bind9 (Thorsten Alteholz) --- c-ares (Markus Koschany) -- freeimage ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman

[Secure-testing-commits] r45096 - in data: . DLA

2016-10-05 Thread Thorsten Alteholz
45096) @@ -92,5 +92,3 @@ tiff3 NOTE: 20160912: Open reproducible issues. No patches available. -- -zendframework (Thorsten Alteholz) --- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http

[Secure-testing-commits] r45097 - data

2016-10-05 Thread Thorsten Alteholz
45096) +++ data/dla-needed.txt 2016-10-05 20:50:53 UTC (rev 45097) @@ -46,6 +46,8 @@ https://marc.info/?l=oss-security&m=146685931517961&w=2 claims that 0.47 & 1.0 are affected and wheezy has 0.48. -- +libxvmc (Thorsten Alteholz) +-- linux (Ben Hutchings) -- mat (Jonas Meurer) @@

[Secure-testing-commits] r45102 - data

2016-10-05 Thread Thorsten Alteholz
UTC (rev 45101) +++ data/dla-needed.txt 2016-10-06 06:41:18 UTC (rev 45102) @@ -82,7 +82,7 @@ NOTE: Potentially affected by all qemu CVE-s: NOTE: https://lists.debian.org/debian-lts/2016/09/msg00014.html -- -redis (Thorsten Alteholz) +redis (Chris Lamb) -- samba NOTE: patch for CVE-2016

[Secure-testing-commits] r45319 - data

2016-10-14 Thread Thorsten Alteholz
) +++ data/dla-needed.txt 2016-10-14 17:55:17 UTC (rev 45319) @@ -55,7 +55,7 @@ -- libxi (Emilio Pozuelo) -- -libxml2 +libxml2 (Thorsten Alteholz) -- libxrandr Hugo Lefeuvre) -- ___ Secure-testing-commits mailing list Secure-testing-commits

[Secure-testing-commits] r45320 - data

2016-10-14 Thread Thorsten Alteholz
17:55:17 UTC (rev 45319) +++ data/dla-needed.txt 2016-10-14 17:56:59 UTC (rev 45320) @@ -80,8 +80,6 @@ nss (Ola Lundqvist) NOTE: No need to contact maintainer, Mike already opted out with firefox-esr -- -pacemaker (Thorsten Alteholz) --- php5 (Thorsten Alteholz) -- phpmyadmin (Ola Lundqvist

[Secure-testing-commits] r45389 - data

2016-10-16 Thread Thorsten Alteholz
) +++ data/dla-needed.txt 2016-10-16 19:39:34 UTC (rev 45389) @@ -46,7 +46,7 @@ NOTE: Upstream will provide new point-releases fixing open security issues in the next months. NOTE: (See debian-lts ML) -- -libgd2 +libgd2 (Thorsten Alteholz) -- libical (Ola Lundqvist) NOTE: issues are

[Secure-testing-commits] r45436 - in data: . DLA

2016-10-18 Thread Thorsten Alteholz
45436) @@ -44,8 +44,6 @@ NOTE: Upstream will provide new point-releases fixing open security issues in the next months. NOTE: (See debian-lts ML) -- -libgd2 (Thorsten Alteholz) --- libical (Ola Lundqvist) NOTE: issues are currently not public, but https://marc.info/?l=oss-security&a

[Secure-testing-commits] r45465 - in data: . DLA

2016-10-19 Thread Thorsten Alteholz
+54,6 @@ -- libxtst (Emilio Pozuelo) -- -libxvmc (Thorsten Alteholz) --- mingw32 (Stephen Kitt) -- nspr (Ola Lundqvist) ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin

[Secure-testing-commits] r45466 - data

2016-10-19 Thread Thorsten Alteholz
) +++ data/dla-needed.txt 2016-10-19 20:28:00 UTC (rev 45466) @@ -27,7 +27,7 @@ irssi NOTE: rhonda@d.o is preparing an upload. -- -jasper +jasper (Thorsten Alteholz) -- kde-runtime NOTE: We may not need to update, but I'm leaning toward fixing CVE-2016-7787, see #8

[Secure-testing-commits] r45477 - data

2016-10-20 Thread Thorsten Alteholz
Author: alteholz Date: 2016-10-20 14:14:32 + (Thu, 20 Oct 2016) New Revision: 45477 Modified: data/embedded-code-copies Log: vlc uses embedded copy of ffmpeg Modified: data/embedded-code-copies === --- data/embedded-code-copie

[Secure-testing-commits] r45478 - data/CVE

2016-10-20 Thread Thorsten Alteholz
Author: alteholz Date: 2016-10-20 17:43:21 + (Thu, 20 Oct 2016) New Revision: 45478 Modified: data/CVE/list Log: add infos about CVE-2016-2848 for bind9 Modified: data/CVE/list === --- data/CVE/list 2016-10-20 14:14:32 U

[Secure-testing-commits] r45479 - data/DLA

2016-10-20 Thread Thorsten Alteholz
Author: alteholz Date: 2016-10-20 17:51:10 + (Thu, 20 Oct 2016) New Revision: 45479 Modified: data/DLA/list Log: Reserve DLA-672-1 for bind9 Modified: data/DLA/list === --- data/DLA/list 2016-10-20 17:43:21 UTC (rev 4547

[Secure-testing-commits] r45659 - data

2016-10-27 Thread Thorsten Alteholz
45658) +++ data/dla-needed.txt 2016-10-27 10:26:42 UTC (rev 45659) @@ -9,7 +9,7 @@ https://wiki.debian.org/LTS/Development#Triage_new_security_issues -- -asterisk (Thorsten Alteholz) +asterisk -- dwarfutils NOTE: New round of CVEs not seemingly covered by DLA 669-1

[Secure-testing-commits] r45804 - in data: . DLA

2016-10-31 Thread Thorsten Alteholz
@@ libwmf (Balint Reczey) NOTE: Patch is available in bug #842090, probably needs NMU in unstable -- -libxml2 (Thorsten Alteholz) --- linux -- mysql-5.5 ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http

[Secure-testing-commits] r45867 - data

2016-11-02 Thread Thorsten Alteholz
-02 06:32:32 UTC (rev 45866) +++ data/dla-needed.txt 2016-11-02 07:23:11 UTC (rev 45867) @@ -13,6 +13,8 @@ -- bsdiff -- +curl (Thorsten Alteholz) +-- dwarfutils NOTE: New round of CVEs not seemingly covered by DLA 669-1. -- ___ Secure-testing

[Secure-testing-commits] r45882 - data

2016-11-02 Thread Thorsten Alteholz
) +++ data/dla-needed.txt 2016-11-02 10:21:07 UTC (rev 45882) @@ -11,7 +11,7 @@ -- asterisk -- -bind9 +bind9 (Thorsten Alteholz) -- bsdiff (Chris Lamb) NOTE: Maintainer prepared a patch https://anonscm.debian.org/git/collab-maint/bsdiff.git/log

[Secure-testing-commits] r45893 - data

2016-11-02 Thread Thorsten Alteholz
45892) +++ data/dla-needed.txt 2016-11-02 19:13:06 UTC (rev 45893) @@ -18,6 +18,7 @@ NOTE: Jessie has the same upstream version -- curl (Thorsten Alteholz) + NOTE: not all patches seem to be in the final state -- dwarfutils NOTE: New round of CVEs not seemingly covered by DLA 669-1

[Secure-testing-commits] r45910 - in data: . DLA

2016-11-02 Thread Thorsten Alteholz
:19 UTC (rev 45910) @@ -11,8 +11,6 @@ -- asterisk -- -bind9 (Thorsten Alteholz) --- bsdiff (Chris Lamb) NOTE: Maintainer prepared a patch https://anonscm.debian.org/git/collab-maint/bsdiff.git/log/ NOTE: Jessie has the same upstream version

[Secure-testing-commits] r46293 - in data: . DLA

2016-11-17 Thread Thorsten Alteholz
2016-11-17 21:24:33 UTC (rev 46292) +++ data/dla-needed.txt 2016-11-17 21:39:20 UTC (rev 46293) @@ -11,9 +11,6 @@ -- asterisk -- -curl (Thorsten Alteholz) - NOTE: not all patches seem to be in the final state --- dokuwiki NOTE: upstream marked CVE-2016-7965 as WONTFIX

[Secure-testing-commits] r46294 - data/CVE

2016-11-17 Thread Thorsten Alteholz
Author: alteholz Date: 2016-11-17 21:42:00 + (Thu, 17 Nov 2016) New Revision: 46294 Modified: data/CVE/list Log: mark CVE-2016-8625 as no-dsa like in Jessie (the fix is too invasive) Modified: data/CVE/list === --- data/CVE/li

[Secure-testing-commits] r46586 - data/CVE

2016-11-26 Thread Thorsten Alteholz
Author: alteholz Date: 2016-11-26 21:47:15 + (Sat, 26 Nov 2016) New Revision: 46586 Modified: data/CVE/list Log: take care of some jasper issues Modified: data/CVE/list === --- data/CVE/list 2016-11-26 20:02:32 UTC (rev

[Secure-testing-commits] r46660 - data

2016-11-30 Thread Thorsten Alteholz
) +++ data/dla-needed.txt 2016-11-30 14:52:22 UTC (rev 46660) @@ -19,7 +19,7 @@ -- gst-plugins-good0.10 (Emilio Pozuelo) -- -hdf5 +hdf5 (Thorsten Alteholz) -- icedove (Guido Günther) -- ___ Secure-testing-commits mailing list Secure-testing-commits

[Secure-testing-commits] r46721 - org

2016-12-02 Thread Thorsten Alteholz
+ + * Making sure that queries on debian-...@lists.debian.org get an answer. + +Who is in charge ? +-- + +From 02-01 to 08-01: +From 09-01 to 15-01:Thorsten Alteholz +From 16-01 to 22-01: +From 23-01 to 29-01: +From 30-01 to 05-02: +From 06-02 to 12-02: +From 13-02 to 19-02: +From 20

[Secure-testing-commits] r46955 - in data: . DLA

2016-12-10 Thread Thorsten Alteholz
/dla-needed.txt 2016-12-10 17:13:13 UTC (rev 46955) @@ -30,8 +30,6 @@ -- imagemagick -- -jasper (Thorsten Alteholz) --- libav (Hugo Lefeuvre) NOTE: Upstream should provide new point-releases fixing open security issues in the next months. NOTE: Lots of CVEs are open, this is going to take

[Secure-testing-commits] r46959 - data/CVE

2016-12-10 Thread Thorsten Alteholz
Author: alteholz Date: 2016-12-10 22:04:01 + (Sat, 10 Dec 2016) New Revision: 46959 Modified: data/CVE/list Log: marked as no-dsa Modified: data/CVE/list === --- data/CVE/list 2016-12-10 21:10:13 UTC (rev 46958) +++ data

[Secure-testing-commits] r46960 - data/CVE

2016-12-10 Thread Thorsten Alteholz
Author: alteholz Date: 2016-12-10 22:07:41 + (Sat, 10 Dec 2016) New Revision: 46960 Modified: data/CVE/list Log: workaround for jasper temporary entry Modified: data/CVE/list === --- data/CVE/list 2016-12-10 22:04:01 UTC

[Secure-testing-commits] r46961 - data

2016-12-10 Thread Thorsten Alteholz
Author: alteholz Date: 2016-12-10 22:08:16 + (Sat, 10 Dec 2016) New Revision: 46961 Modified: data/dla-needed.txt Log: there was a jasper upload some minutes ago Modified: data/dla-needed.txt === --- data/dla-needed.txt 2016-1

[Secure-testing-commits] r47150 - in data: . DLA

2016-12-16 Thread Thorsten Alteholz
=== --- data/dla-needed.txt 2016-12-16 21:17:39 UTC (rev 47149) +++ data/dla-needed.txt 2016-12-16 21:44:47 UTC (rev 47150) @@ -88,8 +88,6 @@ -- otrs2 -- -php5 (Thorsten Alteholz) --- phpmyadmin (Brian May) -- potrace

[Secure-testing-commits] r47151 - data

2016-12-16 Thread Thorsten Alteholz
Author: alteholz Date: 2016-12-16 21:45:17 + (Fri, 16 Dec 2016) New Revision: 47151 Modified: data/dla-needed.txt Log: there is more todo Modified: data/dla-needed.txt === --- data/dla-needed.txt 2016-12-16 21:44:47 UTC (rev 4

[Secure-testing-commits] r47621 - in data: . DLA

2016-12-31 Thread Thorsten Alteholz
47621) @@ -29,8 +29,6 @@ NOTE: Incomplete/Incorrect fix as per https://lists.debian.org/debian-lts/2016/12/msg00077.html NOTE: Subject of announce mail also contained typo (DLA-574-1 vs. DLA-547-1) -- -hdf5 (Thorsten Alteholz) --- ikiwiki NOTE: The maintainer (Simon) think we shall de

[Secure-testing-commits] r47622 - data

2016-12-31 Thread Thorsten Alteholz
) +++ data/dla-needed.txt 2016-12-31 16:42:34 UTC (rev 47622) @@ -36,6 +36,8 @@ -- imagemagick (Emilio Pozuelo) -- + jasper (Thorsten Alteholz) +-- libav (Hugo Lefeuvre) NOTE: Upstream should provide new point-releases fixing open security issues in the next months. NOTE: Lots of CVEs are

[Secure-testing-commits] r47623 - data

2016-12-31 Thread Thorsten Alteholz
) +++ data/dla-needed.txt 2016-12-31 16:42:52 UTC (rev 47623) @@ -36,7 +36,7 @@ -- imagemagick (Emilio Pozuelo) -- - jasper (Thorsten Alteholz) +jasper (Thorsten Alteholz) -- libav (Hugo Lefeuvre) NOTE: Upstream should provide new point-releases fixing open security issues in the next

[Secure-testing-commits] r48068 - data

2017-01-14 Thread Thorsten Alteholz
2017-01-14 22:19:49 UTC (rev 48067) +++ data/dla-needed.txt 2017-01-14 22:31:19 UTC (rev 48068) @@ -18,6 +18,8 @@ NOTE: This change is invasive and need extra testing. We should NOTE: wait until it has been fixed in one of stable and sid. -- +bind (Thorsten Alteholz) +-- botan1.10 (Hugo

[Secure-testing-commits] r48069 - data

2017-01-14 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-14 22:31:49 + (Sat, 14 Jan 2017) New Revision: 48069 Modified: data/dla-needed.txt Log: add xen Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-14 22:31:19 UTC (rev 48068) +++ d

[Secure-testing-commits] r48070 - data

2017-01-14 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-14 22:35:29 + (Sat, 14 Jan 2017) New Revision: 48070 Modified: data/dla-needed.txt Log: add wordpress Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-14 22:31:49 UTC (rev 48069)

[Secure-testing-commits] r48077 - data

2017-01-15 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-15 12:16:53 + (Sun, 15 Jan 2017) New Revision: 48077 Modified: data/dla-needed.txt Log: chicken Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-15 12:15:58 UTC (rev 48076) +++ d

[Secure-testing-commits] r48078 - data/CVE

2017-01-15 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-15 12:22:10 + (Sun, 15 Jan 2017) New Revision: 48078 Modified: data/CVE/list Log: mark CVE-2017-5356 as no-dsa like in jessie Modified: data/CVE/list === --- data/CVE/list 2017-01-15 12:16:

[Secure-testing-commits] r48081 - data

2017-01-15 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-15 12:30:36 + (Sun, 15 Jan 2017) New Revision: 48081 Modified: data/dla-needed.txt Log: add libplist Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-15 12:29:25 UTC (rev 48080)

[Secure-testing-commits] r48082 - data

2017-01-15 Thread Thorsten Alteholz
UTC (rev 48081) +++ data/dla-needed.txt 2017-01-15 12:47:40 UTC (rev 48082) @@ -18,7 +18,7 @@ NOTE: This change is invasive and need extra testing. We should NOTE: wait until it has been fixed in one of stable and sid. -- -bind (Thorsten Alteholz) +bind9 (Thorsten Alteholz) -- botan1.10

[Secure-testing-commits] r48085 - data/CVE

2017-01-15 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-15 16:03:27 + (Sun, 15 Jan 2017) New Revision: 48085 Modified: data/CVE/list Log: mark lxc CVE as no-dsa like in jessie Modified: data/CVE/list === --- data/CVE/list 2017-01-15 15:57:07 UTC

[Secure-testing-commits] r48086 - data/CVE

2017-01-15 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-15 16:07:52 + (Sun, 15 Jan 2017) New Revision: 48086 Modified: data/CVE/list Log: mark qt4-x11 CVE as no-dsa like in jessie Modified: data/CVE/list === --- data/CVE/list 2017-01-15 16:03:27

[Secure-testing-commits] r48375 - data

2017-01-25 Thread Thorsten Alteholz
48374) +++ data/dla-needed.txt 2017-01-25 14:51:02 UTC (rev 48375) @@ -120,5 +120,5 @@ NOTE: Dominik George (maintainer) will take care of the issue: NOTE: https://lists.debian.org/debian-lts/2016/12/msg00135.html -- -zoneminder +zoneminder (Thorsten Alteholz

[Secure-testing-commits] r48376 - data

2017-01-25 Thread Thorsten Alteholz
48375) +++ data/dla-needed.txt 2017-01-25 14:52:01 UTC (rev 48376) @@ -40,6 +40,7 @@ imagemagick (Guido Günther) -- jasper (Thorsten Alteholz) + NOTE: not really clear what CVEs need to be fixed -- jbig2dec (Raphaël Hertzog) NOTE: No known solution as of 2017-01-20

[Secure-testing-commits] r48518 - in data: . DLA

2017-01-29 Thread Thorsten Alteholz
2017-01-29 11:13:51 UTC (rev 48518) @@ -14,8 +14,6 @@ NOTE: update needs testing in https://lists.debian.org/87fukh7hcq@curie.anarc.at NOTE: ready to upload after smoke tests, read the above thread. -- -bind9 (Thorsten Alteholz) --- cgiemail -- calibre

[Secure-testing-commits] r48519 - in data: . DLA

2017-01-29 Thread Thorsten Alteholz
(rev 48519) @@ -113,5 +113,3 @@ NOTE: Dominik George (maintainer) will take care of the issue: NOTE: https://lists.debian.org/debian-lts/2016/12/msg00135.html -- -zoneminder (Thorsten Alteholz) --- ___ Secure-testing-commits mailing list Secure

[Secure-testing-commits] r48525 - data

2017-01-29 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-29 15:18:37 + (Sun, 29 Jan 2017) New Revision: 48525 Modified: data/dla-needed.txt Log: add note to slurm-llnl Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-29 13:22:47 UTC (r

[Secure-testing-commits] r48552 - data

2017-01-30 Thread Thorsten Alteholz
) +++ data/dla-needed.txt 2017-01-30 10:43:45 UTC (rev 48552) @@ -39,7 +39,7 @@ NOTE: https://lists.debian.org/debian-lts/2017/01/msg00059.html -- jasper (Thorsten Alteholz) - NOTE: not really clear what CVEs need to be fixed + NOTE: no upstream fixes yet -- jbig2dec (Raphaël Hertzog

[Secure-testing-commits] r48566 - data/CVE

2017-01-30 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-30 19:05:33 + (Mon, 30 Jan 2017) New Revision: 48566 Modified: data/CVE/list Log: add bug number Modified: data/CVE/list === --- data/CVE/list 2017-01-30 18:57:10 UTC (rev 48565) +++ data/C

[Secure-testing-commits] r48578 - data/CVE

2017-01-30 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-30 21:22:09 + (Mon, 30 Jan 2017) New Revision: 48578 Modified: data/CVE/list Log: according to https://lists.apple.com/archives/security-announce/2016/Mar/msg5.html this belongs to Safari Modified: data/CVE/list =

[Secure-testing-commits] r48601 - data/CVE

2017-01-31 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-31 10:48:12 + (Tue, 31 Jan 2017) New Revision: 48601 Modified: data/CVE/list Log: change check to NOFU Modified: data/CVE/list === --- data/CVE/list 2017-01-31 10:11:31 UTC (rev 48600) +++

[Secure-testing-commits] r48602 - data/CVE

2017-01-31 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-31 10:49:50 + (Tue, 31 Jan 2017) New Revision: 48602 Modified: data/CVE/list Log: change check to NOFU Modified: data/CVE/list === --- data/CVE/list 2017-01-31 10:48:12 UTC (rev 48601) +++

[Secure-testing-commits] r48603 - data/CVE

2017-01-31 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-31 11:24:18 + (Tue, 31 Jan 2017) New Revision: 48603 Modified: data/CVE/list Log: TODO for CVE-2011-4076 done Modified: data/CVE/list === --- data/CVE/list 2017-01-31 10:49:50 UTC (rev 4860

[Secure-testing-commits] r48605 - data/CVE

2017-01-31 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-31 11:42:16 + (Tue, 31 Jan 2017) New Revision: 48605 Modified: data/CVE/list Log: first version in unstable containing the fix Modified: data/CVE/list === --- data/CVE/list 2017-01-31 11:40

[Secure-testing-commits] r48625 - data/CVE

2017-01-31 Thread Thorsten Alteholz
Author: alteholz Date: 2017-01-31 18:37:33 + (Tue, 31 Jan 2017) New Revision: 48625 Modified: data/CVE/list Log: mark some Microsoft issues as NOT-FOR-US: Modified: data/CVE/list === --- data/CVE/list 2017-01-31 18:14:40

[Secure-testing-commits] r48634 - data

2017-01-31 Thread Thorsten Alteholz
) +++ data/dla-needed.txt 2017-01-31 21:13:45 UTC (rev 48634) @@ -14,7 +14,7 @@ NOTE: update needs testing in https://lists.debian.org/87fukh7hcq@curie.anarc.at NOTE: ready to upload after smoke tests, read the above thread. -- -bitlbee +bitlbee (Thorsten Alteholz) -- calibre NOTE

[Secure-testing-commits] r48712 - data/CVE

2017-02-04 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-04 18:15:07 + (Sat, 04 Feb 2017) New Revision: 48712 Modified: data/CVE/list Log: Microsoft CLFS is NOFU Modified: data/CVE/list === --- data/CVE/list 2017-02-04 17:45:19 UTC (rev 48711) ++

[Secure-testing-commits] r48713 - data/CVE

2017-02-04 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-04 18:43:06 + (Sat, 04 Feb 2017) New Revision: 48713 Modified: data/CVE/list Log: Microsoft OWA is NOFU Modified: data/CVE/list === --- data/CVE/list 2017-02-04 18:15:07 UTC (rev 48712) +++

[Secure-testing-commits] r48714 - data/CVE

2017-02-04 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-04 18:45:49 + (Sat, 04 Feb 2017) New Revision: 48714 Modified: data/CVE/list Log: Microsoft Excel is NOFU Modified: data/CVE/list === --- data/CVE/list 2017-02-04 18:43:06 UTC (rev 48713) +

[Secure-testing-commits] r48715 - data/CVE

2017-02-04 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-04 18:51:33 + (Sat, 04 Feb 2017) New Revision: 48715 Modified: data/CVE/list Log: Microsoft NFUs Modified: data/CVE/list === --- data/CVE/list 2017-02-04 18:45:49 UTC (rev 48714) +++ data/C

[Secure-testing-commits] r48838 - data

2017-02-10 Thread Thorsten Alteholz
) +++ data/dla-needed.txt 2017-02-10 18:52:03 UTC (rev 48838) @@ -14,7 +14,7 @@ NOTE: update needs testing in https://lists.debian.org/87fukh7hcq@curie.anarc.at NOTE: ready to upload after smoke tests, read the above thread. -- -bind9 +bind9 (Thorsten Alteholz) -- bitlbee (Thorsten

[Secure-testing-commits] r49073 - in data: . DLA

2017-02-20 Thread Thorsten Alteholz
49073) @@ -16,8 +16,6 @@ -- bind9 (Thorsten Alteholz) -- -bitlbee (Thorsten Alteholz) --- calibre NOTE: We will need to investigate the issue much further. NOTE: In particular, it seems likely that there are more undocumented but ___ Secure

[Secure-testing-commits] r49075 - data/CVE

2017-02-20 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-20 19:04:47 + (Mon, 20 Feb 2017) New Revision: 49075 Modified: data/CVE/list Log: mark CVE-2017-5969 as no-dsa like in Jessie and fix typo Modified: data/CVE/list === --- data/CVE/list 2017

[Secure-testing-commits] r49082 - data

2017-02-20 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-20 21:05:54 + (Mon, 20 Feb 2017) New Revision: 49082 Modified: data/dla-needed.txt Log: libxml2 is no longer needed Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-02-20 20:33:22 U

[Secure-testing-commits] r49092 - data/packages

2017-02-20 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-21 07:11:57 + (Tue, 21 Feb 2017) New Revision: 49092 Modified: data/packages/lts-do-not-call Log: no need to ask maintainer for php5 Modified: data/packages/lts-do-not-call === --- data/packages/

[Secure-testing-commits] r49142 - data

2017-02-23 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-23 11:31:43 + (Thu, 23 Feb 2017) New Revision: 49142 Modified: data/dla-needed.txt Log: add munin Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-02-23 11:24:25 UTC (rev 49141) +++

[Secure-testing-commits] r49171 - data

2017-02-24 Thread Thorsten Alteholz
49170) +++ data/dla-needed.txt 2017-02-24 10:06:21 UTC (rev 49171) @@ -78,7 +78,7 @@ NOTE: 2016-12-13: Upstream ping here: https://rt.cpan.org/Public/Bug/Display.html?id=118097#txn-1690223 NOTE: 2017-01-20: Ping upstream by private email -- Raphael Hertzog -- -libytnef +libytnef (Thorsten

[Secure-testing-commits] r49176 - data

2017-02-24 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-24 11:19:24 + (Fri, 24 Feb 2017) New Revision: 49176 Modified: data/dla-needed.txt Log: add xbmc under reserve Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-02-24 11:18:19 UTC (r

[Secure-testing-commits] r49180 - data/CVE

2017-02-24 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-24 11:28:57 + (Fri, 24 Feb 2017) New Revision: 49180 Modified: data/CVE/list Log: add note for libytnef fix Modified: data/CVE/list === --- data/CVE/list 2017-02-24 11:26:48 UTC (rev 49179)

[Secure-testing-commits] r49194 - data

2017-02-24 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-24 22:21:06 + (Fri, 24 Feb 2017) New Revision: 49194 Modified: data/dla-needed.txt Log: add radare2 Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-02-24 21:10:12 UTC (rev 49193) +

[Secure-testing-commits] r49206 - data/packages

2017-02-25 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-25 12:08:46 + (Sat, 25 Feb 2017) New Revision: 49206 Modified: data/packages/lts-do-not-call Log: maintainer of radare2 opted out Modified: data/packages/lts-do-not-call === --- data/packages/lts

[Secure-testing-commits] r49207 - data

2017-02-25 Thread Thorsten Alteholz
(rev 49206) +++ data/dla-needed.txt 2017-02-25 12:11:54 UTC (rev 49207) @@ -108,7 +108,7 @@ qemu-kvm (Guido Günther) -- radare2 (Thorsten Alteholz) - NOTE: according to maintainer, nothing needs to be done, recheck + NOTE: the vulnerability still exists, but is just in a different function

[Secure-testing-commits] r49208 - data

2017-02-25 Thread Thorsten Alteholz
49207) +++ data/dla-needed.txt 2017-02-25 12:48:20 UTC (rev 49208) @@ -117,6 +117,8 @@ NOTE: from my point of view backporting the introduction of these new members to this old NOTE: version is way to invasive and such this should be marked as -- +tnef (Thorsten Alteholz) +-- xbmc NOTE

[Secure-testing-commits] r49213 - data

2017-02-25 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-25 15:07:29 + (Sat, 25 Feb 2017) New Revision: 49213 Modified: data/dla-needed.txt Log: add mupdf Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-02-25 15:00:22 UTC (rev 49212) +++

[Secure-testing-commits] r49214 - data

2017-02-25 Thread Thorsten Alteholz
(rev 49213) +++ data/dla-needed.txt 2017-02-25 15:08:09 UTC (rev 49214) @@ -15,6 +15,7 @@ NOTE: ready to upload after smoke tests, read the above thread. -- bind9 (Thorsten Alteholz) + NOTE: test package at https://people.debian.org/~alteholz/packages/wheezy-lts/bind9/amd64/ -- calibre

[Secure-testing-commits] r49215 - data/CVE

2017-02-25 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-25 15:21:30 + (Sat, 25 Feb 2017) New Revision: 49215 Modified: data/CVE/list Log: add bug number Modified: data/CVE/list === --- data/CVE/list 2017-02-25 15:08:09 UTC (rev 49214) +++ data/C

[Secure-testing-commits] r49217 - data

2017-02-25 Thread Thorsten Alteholz
to respond +-- jasper (Thorsten Alteholz) NOTE: no upstream fixes yet -- ___ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r49218 - data

2017-02-25 Thread Thorsten Alteholz
Author: alteholz Date: 2017-02-25 15:43:59 + (Sat, 25 Feb 2017) New Revision: 49218 Modified: data/dla-needed.txt Log: add zziplib Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-02-25 15:38:11 UTC (rev 49217) +

[Secure-testing-commits] r49247 - in data: . DLA

2017-02-26 Thread Thorsten Alteholz
) -- -radare2 (Thorsten Alteholz) - NOTE: the vulnerability still exists, but is just in a different function --- sane-backends (Jörg Frings-Fürst) -- shadow (Balint Reczey) ___ Secure-testing-commits mailing list Secure-testing-commits

[Secure-testing-commits] r49278 - in data: . DLA

2017-02-27 Thread Thorsten Alteholz
) @@ -121,8 +121,6 @@ NOTE: from my point of view backporting the introduction of these new members to this old NOTE: version is way to invasive and such this should be marked as -- -tnef (Thorsten Alteholz) --- web2py NOTE: added 2017-02-25, please give maintainer some time to respond

[Secure-testing-commits] r49315 - in data: . DLA

2017-02-28 Thread Thorsten Alteholz
:45 UTC (rev 49315) @@ -10,9 +10,6 @@ https://wiki.debian.org/LTS/Development#Triage_new_security_issues -- -bind9 (Thorsten Alteholz) - NOTE: test package at https://people.debian.org/~alteholz/packages/wheezy-lts/bind9/amd64/ --- calibre NOTE: We will need to investigate the issue much

[Secure-testing-commits] r49424 - data

2017-03-05 Thread Thorsten Alteholz
49423) +++ data/dla-needed.txt 2017-03-05 22:00:46 UTC (rev 49424) @@ -96,6 +96,8 @@ -- qemu-kvm (Guido Günther) -- +radare2 (Thorsten Alteholz) +-- sane-backends (Jörg Frings-Fürst) -- slurm-llnl ___ Secure-testing-commits mailing list Secure

[Secure-testing-commits] r49703 - data/CVE

2017-03-15 Thread Thorsten Alteholz
Author: alteholz Date: 2017-03-15 14:36:16 + (Wed, 15 Mar 2017) New Revision: 49703 Modified: data/CVE/list Log: according to Ubuntu php5 is affected as well Modified: data/CVE/list === --- data/CVE/list 2017-03-15 12:17

<    1   2   3   4   5   6   7   8   9   >