Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Process some NFUs | Salvatore Bonaccorso | 2021-11-29 | 1 | -3/+3 |
| | |||||
* | automatic update | security tracker role | 2021-11-29 | 1 | -10/+13 |
| | |||||
* | mark CVE-2021-42717 as postponed | Thorsten Alteholz | 2021-11-29 | 1 | -0/+1 |
| | |||||
* | mark CVE-2021-44143 as postponed | Thorsten Alteholz | 2021-11-29 | 1 | -0/+1 |
| | |||||
* | mark CVE-2021-3903 as no-dsa for Stretch | Thorsten Alteholz | 2021-11-29 | 1 | -0/+1 |
| | |||||
* | mark CVE-2021-3927 as no-dsa for Stretch | Thorsten Alteholz | 2021-11-29 | 1 | -0/+1 |
| | |||||
* | mark CVE-2021-3928 as no-dsa for Stretch | Thorsten Alteholz | 2021-11-28 | 1 | -0/+1 |
| | |||||
* | mark CVE-2021-3968 as not-affected for Stretch | Thorsten Alteholz | 2021-11-28 | 1 | -0/+1 |
| | |||||
* | mark CVE-2021-41165 and CVE-2021-41164 as no-dsa for Stretch | Thorsten Alteholz | 2021-11-28 | 1 | -0/+2 |
| | |||||
* | mark CVE-2020-23904 and CVE-2020-23903 as no-dsa for Stretch | Thorsten Alteholz | 2021-11-28 | 1 | -0/+2 |
| | |||||
* | mark CVE-2021-44225 as no-dsa for Jessie | Thorsten Alteholz | 2021-11-28 | 1 | -0/+1 |
| | |||||
* | quagga removed | Moritz Muehlenhoff | 2021-11-28 | 3 | -3/+3 |
| | |||||
* | automatic update | security tracker role | 2021-11-28 | 4 | -5/+7 |
| | |||||
* | Track CVE-2021-33560 and CVE-2021-40528 | Salvatore Bonaccorso | 2021-11-28 | 1 | -2/+2 |
| | | | | | | | | | | | This got complex as the initial CVE assignment got swapped later. Following other distributions we now recitify the old tracking. This now was really a unnecessary burden, in particular because the upstream repository commit reference will not swap the CVE in the commit message, which I would expect can cause some further confusions. Thus keep as well the notes about the swapping. | ||||
* | Reserve DLA-2831-1 for libntlm | Adrian Bunk | 2021-11-28 | 1 | -1/+0 |
| | |||||
* | stretch is not affected by CVE-2019-20792 | Adrian Bunk | 2021-11-28 | 1 | -1/+1 |
| | |||||
* | Reserve DLA-2830-1 for tar | Adrian Bunk | 2021-11-28 | 1 | -1/+0 |
| | |||||
* | automatic update | security tracker role | 2021-11-28 | 1 | -1/+1 |
| | |||||
* | Reserve DLA-2829-1 for libvpx | Adrian Bunk | 2021-11-27 | 1 | -1/+0 |
| | |||||
* | Add CVE-2021-4020/janus | Salvatore Bonaccorso | 2021-11-27 | 1 | -1/+4 |
| | |||||
* | automatic update | security tracker role | 2021-11-27 | 4 | -5/+10 |
| | |||||
* | Reserve DLA-2828-1 for libvorbis | Adrian Bunk | 2021-11-27 | 2 | -3/+0 |
| | |||||
* | Associate CVE-2020-26261 with jupyterhub-systemdspawner which is different ↵ | Salvatore Bonaccorso | 2021-11-27 | 1 | -1/+1 |
| | | | | from JupyterHub itself | ||||
* | jupyterhub entered the archive | Salvatore Bonaccorso | 2021-11-27 | 3 | -2/+6 |
| | |||||
* | Reserve DLA-2827-1 for bluez | Sylvain Beucler | 2021-11-27 | 1 | -1/+0 |
| | |||||
* | Track fixed version for CVE-2021-24119/mbedtls via unstable | Salvatore Bonaccorso | 2021-11-27 | 1 | -1/+1 |
| | |||||
* | automatic update | security tracker role | 2021-11-27 | 1 | -2/+12 |
| | |||||
* | CVE-2020-11987/batik fixed via unstable | Salvatore Bonaccorso | 2021-11-27 | 1 | -1/+1 |
| | |||||
* | Add CVE-2021-21707/php* | Salvatore Bonaccorso | 2021-11-27 | 1 | -1/+9 |
| | |||||
* | Add CVE-2021-4024/libpod | Salvatore Bonaccorso | 2021-11-27 | 1 | -1/+4 |
| | |||||
* | Mark CVE-2021-3935/pgbouncer as no-dsa | Salvatore Bonaccorso | 2021-11-27 | 1 | -0/+2 |
| | |||||
* | Mark CVE-2021-42343 as no-dsa | Salvatore Bonaccorso | 2021-11-27 | 1 | -0/+2 |
| | |||||
* | mark CVE-2021-3941 as no-dsa | Thorsten Alteholz | 2021-11-27 | 1 | -0/+1 |
| | |||||
* | mark CVE-2021-41136 as no-dsa for Stretch | Thorsten Alteholz | 2021-11-27 | 1 | -0/+1 |
| | |||||
* | mark CVE-2020-27511 as no-dsa for Stretch | Thorsten Alteholz | 2021-11-27 | 1 | -0/+1 |
| | |||||
* | mark CVE-2020-23884 as no-dsa for Stretch | Thorsten Alteholz | 2021-11-27 | 1 | -0/+1 |
| | |||||
* | mark several CVEs of jqueryui as no-dsa | Thorsten Alteholz | 2021-11-27 | 1 | -0/+3 |
| | |||||
* | mark CVE-2021-23445 as no-dsa for Stretch | Thorsten Alteholz | 2021-11-27 | 1 | -0/+1 |
| | |||||
* | Track fixed version for CVE-2021-3935/pgbouncer | Salvatore Bonaccorso | 2021-11-26 | 1 | -1/+1 |
| | | | | | This is for the similar issue as for CVE-2021-23214 for PostgreSQL, but has a different CVE. | ||||
* | Remove one TODO item | Salvatore Bonaccorso | 2021-11-26 | 1 | -1/+0 |
| | |||||
* | Process several NFUs | Salvatore Bonaccorso | 2021-11-26 | 2 | -15/+15 |
| | |||||
* | Cleanup notes from CVE-2015-5202 | Salvatore Bonaccorso | 2021-11-26 | 1 | -1/+0 |
| | | | | This CVE was a duplicate of CVE-2015-5233. | ||||
* | automatic update | security tracker role | 2021-11-26 | 4 | -33/+142 |
| | |||||
* | Update information for CVE-2021-3736/linux | Salvatore Bonaccorso | 2021-11-26 | 1 | -1/+4 |
| | |||||
* | Track fixed version for CVE-2021-28703/xen | Salvatore Bonaccorso | 2021-11-26 | 1 | -1/+5 |
| | | | | | | | | Fixed by code cleanup in Xen 4.14, and backported to security-supported Xen branches as a prerequisite of the fix for XSA-378. 4.14.0-1~exp1 was the first version in Debian including the fix. Link: https://xenbits.xen.org/xsa/advisory-387.html | ||||
* | CVE-2021-43400/bluez: stretch ignored | Sylvain Beucler | 2021-11-26 | 1 | -0/+1 |
| | |||||
* | Add blog post reference for CVE-2021-42717 | Salvatore Bonaccorso | 2021-11-26 | 1 | -0/+1 |
| | |||||
* | automatic update | security tracker role | 2021-11-26 | 1 | -1/+9 |
| | |||||
* | Track fixed version for CVE-2021-21240 via unstable | Salvatore Bonaccorso | 2021-11-26 | 1 | -1/+1 |
| | |||||
* | Track fixes for linux via unstable upload of 5.15.5-1 | Salvatore Bonaccorso | 2021-11-26 | 2 | -3/+3 |
| |