Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Use square bracketsupdate_CVE-2021-3426 | Anton Gladky | 2021-04-04 | 1 | -1/+1 |
| | |||||
* | Update information about CVE-2021-3426 | Anton Gladky | 2021-04-03 | 1 | -1/+2 |
| | |||||
* | automatic update | security tracker role | 2021-04-03 | 1 | -0/+13 |
| | |||||
* | Claim qemu in dla-needed.txt | Markus Koschany | 2021-04-03 | 1 | -1/+1 |
| | |||||
* | Mark open CVE of libxstream-java as fixed in unstable | Markus Koschany | 2021-04-03 | 1 | -11/+11 |
| | |||||
* | Reserve DLA-2616-1 for libxstream-java | Markus Koschany | 2021-04-03 | 2 | -2/+3 |
| | |||||
* | Track fixed version for CVE-2021-28834/ruby-kramdown via unstable | Salvatore Bonaccorso | 2021-04-03 | 1 | -1/+1 |
| | |||||
* | CVE-2021-21295,CVE-2021-21409,netty: Mark as ignored for Stretch | Markus Koschany | 2021-04-03 | 1 | -0/+2 |
| | | | | | | | | | The fix for both CVE requires a backport of the new HTTP2 API. There have been major changes between the current version in Stretch 4.1.7 and the most recent release 4.1.60. Since the logic changed and the API is marked as "unstable" in certain places, a backport poses a significant risk to break any project that still relies on the old logic. In contrast the security risk is low. Hence these issues are ignored in Stretch. | ||||
* | Remove netty from dla-needed.txt | Markus Koschany | 2021-04-03 | 1 | -2/+0 |
| | |||||
* | Claim libxstream-java in dla-needed.txt | Markus Koschany | 2021-04-03 | 1 | -1/+1 |
| | |||||
* | dla: claim php-pear | Sylvain Beucler | 2021-04-03 | 1 | -1/+1 |
| | |||||
* | CVE-2021-23980: reference directly commit instead of merge commit | Salvatore Bonaccorso | 2021-04-03 | 1 | -1/+1 |
| | |||||
* | dla: add ruby-nokogiri following conversation with initial triager | Sylvain Beucler | 2021-04-03 | 1 | -0/+4 |
| | |||||
* | Track fix via experimental for CVE-2021-3426/python3.9 | Salvatore Bonaccorso | 2021-04-03 | 1 | -0/+1 |
| | |||||
* | Add information for CVE-2020-24995/ffmpeg | Salvatore Bonaccorso | 2021-04-03 | 1 | -1/+8 |
| | |||||
* | automatic update | security tracker role | 2021-04-03 | 2 | -20/+24 |
| | |||||
* | Track fixed version for CVE-2021-20305/nettle | Salvatore Bonaccorso | 2021-04-03 | 1 | -1/+1 |
| | |||||
* | Add fixed version for CVE-2021-21772/lib3mf | Salvatore Bonaccorso | 2021-04-03 | 1 | -1/+1 |
| | |||||
* | Add CVE-2021-27973/piwigo | Salvatore Bonaccorso | 2021-04-03 | 1 | -1/+1 |
| | |||||
* | Process NFUs | Salvatore Bonaccorso | 2021-04-03 | 3 | -145/+145 |
| | |||||
* | Add CVE-2021-29939/rust-stackvector | Salvatore Bonaccorso | 2021-04-03 | 1 | -1/+2 |
| | |||||
* | Process some NFUs | Salvatore Bonaccorso | 2021-04-02 | 1 | -8/+8 |
| | |||||
* | automatic update | security tracker role | 2021-04-02 | 4 | -328/+553 |
| | |||||
* | Add CVE-2021-22696 as NFU | Salvatore Bonaccorso | 2021-04-02 | 1 | -0/+1 |
| | |||||
* | CVE-2020-4051/dojo: reference patch | Sylvain Beucler | 2021-04-02 | 1 | -0/+1 |
| | |||||
* | dla: golang-gogoprotobuf: reference mailing-list thread | Sylvain Beucler | 2021-04-02 | 1 | -0/+1 |
| | |||||
* | CVE-2020-26248/ruby-nokogiri: code is mostly present in stretch AFAICS | Sylvain Beucler | 2021-04-02 | 1 | -1/+0 |
| | |||||
* | CVE-2020-13757/python-rsa: fix reason | Sylvain Beucler | 2021-04-02 | 1 | -1/+1 |
| | | | | There actually is a rdep (awscli) | ||||
* | Add CVE-2021-3481/qtsvg | Salvatore Bonaccorso | 2021-04-02 | 1 | -2/+11 |
| | |||||
* | Add CVE-2021-29657/linux | Salvatore Bonaccorso | 2021-04-02 | 1 | -1/+5 |
| | |||||
* | Add reference for CVE-2021-3326/glibc | Salvatore Bonaccorso | 2021-04-02 | 1 | -0/+1 |
| | |||||
* | Add reference for CVE-2021-3345 | Salvatore Bonaccorso | 2021-04-02 | 1 | -0/+1 |
| | |||||
* | Add CVE-2021-29421/pikepdf bug reference | Salvatore Bonaccorso | 2021-04-02 | 1 | -1/+1 |
| | |||||
* | Add Debian bug reference for CVE-2021-28994/kopanocore | Salvatore Bonaccorso | 2021-04-02 | 1 | -1/+1 |
| | |||||
* | Add CVE-2021-28994/kopanocore | Salvatore Bonaccorso | 2021-04-02 | 1 | -1/+2 |
| | |||||
* | Add CVE-2021-29421/pikepdf | Salvatore Bonaccorso | 2021-04-02 | 1 | -1/+2 |
| | |||||
* | Process some NFUs | Salvatore Bonaccorso | 2021-04-02 | 2 | -11/+11 |
| | |||||
* | Add CVE-2021-30004/wpa | Salvatore Bonaccorso | 2021-04-02 | 1 | -1/+2 |
| | |||||
* | automatic update | security tracker role | 2021-04-02 | 2 | -29/+153 |
| | |||||
* | Add CVE-2021-30002/linux | Salvatore Bonaccorso | 2021-04-02 | 1 | -0/+4 |
| | |||||
* | Reserve DSA number for ldb update | Salvatore Bonaccorso | 2021-04-02 | 2 | -2/+3 |
| | |||||
* | Add Debian bug reference for CVE-2021-22890/curl | Salvatore Bonaccorso | 2021-04-02 | 1 | -1/+1 |
| | |||||
* | Add Debian bug reference for CVE-2021-22876/curl | Salvatore Bonaccorso | 2021-04-02 | 1 | -1/+1 |
| | |||||
* | Mark CVE-2021-29424/libnet-netmask-perl as no-dsa | Salvatore Bonaccorso | 2021-04-02 | 1 | -0/+1 |
| | |||||
* | Reserve DLA-2615-1 for spamassassin | Utkarsh Gupta | 2021-04-02 | 2 | -2/+3 |
| | |||||
* | Process several NFUs | Salvatore Bonaccorso | 2021-04-01 | 2 | -21/+21 |
| | |||||
* | automatic update | security tracker role | 2021-04-01 | 2 | -76/+75 |
| | |||||
* | fixup DSA entry | Moritz Mühlenhoff | 2021-04-01 | 1 | -0/+1 |
| | |||||
* | underscore, openjpeg2 DSAs | Moritz Mühlenhoff | 2021-04-01 | 2 | -4/+5 |
| | |||||
* | Sync CVE-2021-29648 with kernel-sec | Salvatore Bonaccorso | 2021-04-01 | 1 | -1/+1 |
| |