Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Process some NFUs | Salvatore Bonaccorso | 2021-03-05 | 1 | -1/+1 |
| | |||||
* | automatic update | security tracker role | 2021-03-05 | 1 | -0/+1 |
| | |||||
* | qemu triage | Moritz Muehlenhoff | 2021-03-05 | 1 | -0/+1 |
| | |||||
* | automatic update | security tracker role | 2021-03-05 | 1 | -4/+6 |
| | |||||
* | Process NFUs | Salvatore Bonaccorso | 2021-03-04 | 1 | -2/+2 |
| | |||||
* | automatic update | security tracker role | 2021-03-04 | 1 | -4/+4 |
| | |||||
* | CVE-2021-2403{1,2}/libzstd assigned | Salvatore Bonaccorso | 2021-03-02 | 1 | -5/+0 |
| | |||||
* | Process some NFUs | Salvatore Bonaccorso | 2021-03-01 | 1 | -1/+1 |
| | |||||
* | Update information on CVE-2019-0222 and associate mqtt-client | Salvatore Bonaccorso | 2021-03-01 | 1 | -3/+5 |
| | | | | | | | | | | | | | activemq upstream included the mqtt-client library in the lib/extra directory but in Debian we use the external src:mqtt-client accordngly. The history is a bit involving at at first activemq disabled MQTT support, later on enabled it and depending on the mqtt-client provided packages. Associate now the CVE with mqtt-client where the issue got fixed. Thanks: Abhijith PA for spotting the issue. | ||||
* | Mark CVE-2019-508{6,7}/xcftools as no-dsa | Salvatore Bonaccorso | 2021-02-28 | 1 | -0/+2 |
| | |||||
* | Process some NFUs | Salvatore Bonaccorso | 2021-02-27 | 1 | -5/+5 |
| | |||||
* | automatic update | security tracker role | 2021-02-27 | 1 | -8/+10 |
| | |||||
* | Remove NFU from ITPed intellij-idea of CVE-2019-10103 | Laszlo Boszormenyi (GCS) | 2021-02-26 | 1 | -1/+0 |
| | |||||
* | bullseye triage | Moritz Mühlenhoff | 2021-02-26 | 1 | -8/+0 |
| | | | | | remove undetermined entries for intellij-community-idea, the issues are for the fullblown IDE, which is ITPd, while this just provides some general classes | ||||
* | automatic update | security tracker role | 2021-02-26 | 1 | -2/+2 |
| | |||||
* | Process some NFUs | Salvatore Bonaccorso | 2021-02-26 | 1 | -6/+6 |
| | |||||
* | automatic update | security tracker role | 2021-02-26 | 1 | -12/+12 |
| | |||||
* | Replace some jenkins specific NFUs to the source package | Salvatore Bonaccorso | 2021-02-25 | 1 | -20/+20 |
| | |||||
* | Track fixed version for xcftools via unstable | Salvatore Bonaccorso | 2021-02-25 | 1 | -2/+2 |
| | |||||
* | NFUs | Moritz Muehlenhoff | 2021-02-23 | 1 | -1/+1 |
| | |||||
* | Track fixes for python2.7 via unstable | Salvatore Bonaccorso | 2021-02-20 | 1 | -2/+1 |
| | |||||
* | Add workaround entry for libzstd for stretch | Utkarsh Gupta | 2021-02-20 | 1 | -0/+1 |
| | |||||
* | Process some NFUs | Salvatore Bonaccorso | 2021-02-20 | 1 | -2/+2 |
| | |||||
* | Process some NFUs | Salvatore Bonaccorso | 2021-02-19 | 1 | -1/+1 |
| | |||||
* | automatic update | security tracker role | 2021-02-19 | 1 | -0/+11 |
| | |||||
* | CVE-2019-20367 has a NVD score of 9.1 and has been fixed | Thorsten Alteholz | 2021-02-18 | 1 | -1/+0 |
| | |||||
* | mujs entered the archive, recheck some older CVEs | Salvatore Bonaccorso | 2021-02-18 | 1 | -4/+11 |
| | |||||
* | automatic update | security tracker role | 2021-02-18 | 1 | -4/+4 |
| | |||||
* | Add CVE-2019-17582/libzip | Salvatore Bonaccorso | 2021-02-18 | 1 | -1/+5 |
| | | | | | | | Note that the reporter states "This use-after-free is triggered prior to the double free reported in CVE-2017-12858." and a second CVE assigned. Please double-check correctness of CVE-2019-17582 tracking. | ||||
* | automatic update | security tracker role | 2021-02-17 | 1 | -1/+1 |
| | |||||
* | Remove postponed tagged entry for CVE-2019-1551/openssl | Salvatore Bonaccorso | 2021-02-17 | 1 | -1/+0 |
| | |||||
* | Add CVE-2019-25019/limesurvey | Salvatore Bonaccorso | 2021-02-14 | 1 | -1/+1 |
| | |||||
* | automatic update | security tracker role | 2021-02-14 | 1 | -0/+2 |
| | |||||
* | Update status for CVE-2019-1209{4,5} | Salvatore Bonaccorso | 2021-02-13 | 1 | -8/+5 |
| | | | | | | For the remaining unfixed part the issues where minor and to be ignored. Upstreams shows no interest that they further get adressed. Mark those as unimportant given the negligible impact. | ||||
* | mysql-5.7 removed from unstable | Salvatore Bonaccorso | 2021-02-13 | 1 | -27/+27 |
| | |||||
* | mark all other otrs2 CVEs as ignored for Stretch as non-free is not supported | Thorsten Alteholz | 2021-02-12 | 1 | -12/+12 |
| | |||||
* | Add CVE-2019-1900{4,5}/autotrace | Salvatore Bonaccorso | 2021-02-12 | 1 | -2/+4 |
| | |||||
* | automatic update | security tracker role | 2021-02-12 | 1 | -4/+4 |
| | |||||
* | automatic update | security tracker role | 2021-02-10 | 1 | -0/+2 |
| | |||||
* | Adjust libzstd version in buster | Salvatore Bonaccorso | 2021-02-10 | 1 | -1/+1 |
| | |||||
* | libzstd's #981404 is fixed in buster in 1.3.8+dfsg-3+deb10u | Sébastien Delafond | 2021-02-10 | 1 | -0/+1 |
| | |||||
* | automatic update | security tracker role | 2021-02-09 | 1 | -4/+4 |
| | |||||
* | Update information for CVE-2019-10069/godot | Salvatore Bonaccorso | 2021-02-08 | 1 | -1/+4 |
| | |||||
* | Add temporary entry for libzstd issue | Salvatore Bonaccorso | 2021-02-08 | 1 | -0/+3 |
| | |||||
* | Track fixed version for CVE-2019-13952/gdnsd via unstable | Salvatore Bonaccorso | 2021-02-07 | 1 | -1/+1 |
| | |||||
* | automatic update | security tracker role | 2021-02-07 | 1 | -1/+4 |
| | |||||
* | Remove entries covered by the DLA | Salvatore Bonaccorso | 2021-02-06 | 1 | -3/+0 |
| | |||||
* | Reserve DLA-2547-1 for wireshark | Adrian Bunk | 2021-02-06 | 1 | -3/+3 |
| | |||||
* | Merge updates acked and included in the Debian buster 10.8 point release | Salvatore Bonaccorso | 2021-02-06 | 1 | -5/+5 |
| | | | | | | | For the first time with the help of 'merge-cve-files' as implemented by Emilio Pozuelo Monfort. next-point-update.txt: Cleanup list from merged entries | ||||
* | Update information for CVE-2019-25016/doas | Salvatore Bonaccorso | 2021-02-05 | 1 | -2/+3 |
| |