Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add JetBrains specific NFUs | Salvatore Bonaccorso | 2020-01-30 | 1 | -9/+9 |
| | |||||
* | Add CVE-2020-8492/python* | Salvatore Bonaccorso | 2020-01-30 | 1 | -1/+8 |
| | |||||
* | automatic update | security tracker role | 2020-01-30 | 1 | -54/+142 |
| | |||||
* | Update information on CVE-2020-0569 and CVE-2020-0570 | Salvatore Bonaccorso | 2020-01-30 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | For CVE-2020-0570 Lisandro asked back to upstream about confirmation on the affected ranges. Upstream confirmed that the issue is not present before 5.12: > The patch just make sure that we don't do wrong call when the search prefixes > contains '/' > But before 5.12 (commit 5219c37f7c98f37f078fee00fe8ca35d83ff4f5d), there were > no search prefixes with '/' in them. > So no need to apply the patch in earlier versions. Remove as well the now uneeded TODO item from CVE-2020-0569, as the issue does not apply to the old qt4-x11. | ||||
* | NFUs | Moritz Muehlenhoff | 2020-01-30 | 2 | -15/+18 |
| | | | | stb code copy bugs | ||||
* | Add fixed version for CVE-2020-193{0,1}/spamassassin | Salvatore Bonaccorso | 2020-01-30 | 1 | -2/+2 |
| | | | | 3.4.4~rc1-1 already contain the upstream fixes for those issues. | ||||
* | Add Debian bug reference for CVE-2020-193{0,1}/spamassassin | Salvatore Bonaccorso | 2020-01-30 | 1 | -2/+2 |
| | |||||
* | Mark CVE-2019-20387/libsolv as no-dsa for buster and stretch | Salvatore Bonaccorso | 2020-01-30 | 1 | -0/+2 |
| | |||||
* | Add fixed version for CVE-2019-20387/libsolv | Salvatore Bonaccorso | 2020-01-30 | 1 | -1/+1 |
| | |||||
* | data/dla-needed.txt: re-add openjpeg2 and claim it | Mike Gabriel | 2020-01-30 | 1 | -0/+4 |
| | |||||
* | Reserve DLA-2088-1 for libsolv | Mike Gabriel | 2020-01-30 | 2 | -3/+3 |
| | |||||
* | Revert "Add CVE-2020-0569/qt4-x11 as well" | Salvatore Bonaccorso | 2020-01-30 | 1 | -1/+1 |
| | | | | This reverts commit 5bd1b4fe297eec05696066f96ffbaf4d8c9633b6. | ||||
* | Add CVE-2020-0569/qt4-x11 as well | Salvatore Bonaccorso | 2020-01-30 | 1 | -1/+1 |
| | | | | Thanks: Lisandro Damián Nicanor Pérez Meyer | ||||
* | Remove qtbase-opensource-src-gles from affected versions, thanks to lisandro | Moritz Muehlenhoff | 2020-01-30 | 1 | -2/+0 |
| | |||||
* | Reserve DLA-2087-1 for suricata | Mike Gabriel | 2020-01-30 | 2 | -2/+3 |
| | |||||
* | qt update | Moritz Muehlenhoff | 2020-01-30 | 1 | -2/+4 |
| | |||||
* | LTS/claim libxmlrpc3-java in dla-needed.txt | Roberto C. Sánchez | 2020-01-30 | 1 | -1/+1 |
| | |||||
* | Update tracking for CVE-2017-14858/exiv2 | Salvatore Bonaccorso | 2020-01-30 | 1 | -4/+1 |
| | |||||
* | Update tracking for issues for exiv2 tracked in #868578 | Salvatore Bonaccorso | 2020-01-30 | 1 | -10/+5 |
| | |||||
* | Update tracking for CVE-2018-5772/exiv2 | Salvatore Bonaccorso | 2020-01-30 | 1 | -2/+1 |
| | |||||
* | Update tracking for CVE-2018-18915/exiv2 | Salvatore Bonaccorso | 2020-01-30 | 1 | -2/+1 |
| | |||||
* | Update tracking for CVE-2018-19607/exiv2 | Salvatore Bonaccorso | 2020-01-30 | 1 | -2/+1 |
| | |||||
* | Add fixed version for CVE-2019-20421/exiv2 via unstable | Salvatore Bonaccorso | 2020-01-30 | 1 | -1/+1 |
| | |||||
* | Adjust tracking of CVE-2019-9143 and CVE-2019-9144 | Salvatore Bonaccorso | 2020-01-30 | 1 | -4/+8 |
| | | | | | | | The issues until some time ago only ever affected experimental, but then a 0.27.2 based version was uploaded to unstable moving the vulnerable state there. Adjust tracking and mark the fixed version first in unstable as 0.27.2-8. | ||||
* | Add initial tracking for CVE-2020-0570/qtbase-opensource-src | Salvatore Bonaccorso | 2020-01-30 | 1 | -0/+4 |
| | |||||
* | Add CVE-2020-0569 initial tracking (more work needed) | Salvatore Bonaccorso | 2020-01-30 | 1 | -0/+4 |
| | |||||
* | Add new ossec-hids issues | Salvatore Bonaccorso | 2020-01-30 | 1 | -7/+7 |
| | |||||
* | Add spamassassin to dsa-needed list | Salvatore Bonaccorso | 2020-01-30 | 1 | -0/+3 |
| | |||||
* | Add CVE-2019-2044{4,5}/netty | Salvatore Bonaccorso | 2020-01-30 | 1 | -2/+4 |
| | |||||
* | Process one NFU | Salvatore Bonaccorso | 2020-01-30 | 1 | -1/+1 |
| | |||||
* | Remove TODO item CVE-2020-1930 and CVE-2020-1931 (checked) | Salvatore Bonaccorso | 2020-01-30 | 1 | -2/+0 |
| | |||||
* | Remove CVE-2019-17026 listing for DLA-2061-1 | Salvatore Bonaccorso | 2020-01-30 | 2 | -2/+2 |
| | | | | | The issue only was fixed in upstream 68.4.1 ESR and the DLA-2061-1 upload was based on 68.4.0. | ||||
* | CVE-2020-1930/spamassassin, CVE-2020-1931/spamassassin | Henri Salo | 2020-01-30 | 1 | -0/+8 |
| | |||||
* | Process two NFUs | Salvatore Bonaccorso | 2020-01-30 | 1 | -2/+2 |
| | |||||
* | automatic update | security tracker role | 2020-01-30 | 1 | -16/+56 |
| | |||||
* | Add CVE-2020-7238/netty | Salvatore Bonaccorso | 2020-01-30 | 1 | -1/+4 |
| | |||||
* | Add Debian bug reference for opensmtpd issues | Salvatore Bonaccorso | 2020-01-29 | 1 | -2/+2 |
| | |||||
* | Add further note on CVE-2020-7247/opensmtpd | Salvatore Bonaccorso | 2020-01-29 | 1 | -0/+3 |
| | |||||
* | add stub entry for second opensmtpd issue | Moritz Muehlenhoff | 2020-01-29 | 1 | -0/+5 |
| | |||||
* | update stretch version for opensmtpd | Moritz Muehlenhoff | 2020-01-29 | 2 | -2/+4 |
| | | | | u-boot no-dsa | ||||
* | Reserve DLA-2086-1 for wget | Thorsten Alteholz | 2020-01-29 | 1 | -0/+3 |
| | |||||
* | Jessie only CVE has been fixed | Thorsten Alteholz | 2020-01-29 | 1 | -1/+0 |
| | |||||
* | Reserve DLA-2085-1 for zlib | Thorsten Alteholz | 2020-01-29 | 1 | -0/+3 |
| | |||||
* | Jessie only CVEs have been fixed | Thorsten Alteholz | 2020-01-29 | 1 | -4/+0 |
| | |||||
* | Reserve DLA-2084-1 for graphicsmagick | Thorsten Alteholz | 2020-01-29 | 2 | -3/+3 |
| | |||||
* | Add Debian bug reference for CVE-2020-8112/openjpeg2 | Salvatore Bonaccorso | 2020-01-29 | 1 | -1/+1 |
| | |||||
* | Add Debian bug reference for CVE-2019-20421/exiv2 | Salvatore Bonaccorso | 2020-01-29 | 1 | -1/+1 |
| | |||||
* | Mark CVE-2020-8122 as no-dsa for buster and stretch | Salvatore Bonaccorso | 2020-01-29 | 1 | -0/+2 |
| | |||||
* | Add CVE-2020-8112/openjpeg2 | Salvatore Bonaccorso | 2020-01-29 | 1 | -1/+2 |
| | |||||
* | Add CVE-2019-20421/exiv2 | Salvatore Bonaccorso | 2020-01-29 | 1 | -1/+3 |
| |