[Git][security-tracker-team/security-tracker][master] Remove sox from dsa-needed list, no update required

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a4d4a7d2 by Salvatore Bonaccorso at 2023-08-15T07:32:10+02:00 Remove sox from dsa-needed list, no update required The only DSA worthy CVE was CVE-2023-34432 which was already fixed. - - - - -

[Git][security-tracker-team/security-tracker][master] 2 commits: Reference proposed patch for CVE-2023-32627/sox

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 71933bc7 by Salvatore Bonaccorso at 2023-08-15T07:29:56+02:00 Reference proposed patch for CVE-2023-32627/sox - - - - - 9467f2d4 by Salvatore Bonaccorso at 2023-08-15T07:30:43+02:00 Mark CVE-20

[Git][security-tracker-team/security-tracker][master] Mark netatalk as no-dsa and remove from dsa-needed list

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 47e10f5e by Salvatore Bonaccorso at 2023-08-15T07:25:55+02:00 Mark netatalk as no-dsa and remove from dsa-needed list The update was proposed to go trough the upcoming bullseye point release. M

[Git][security-tracker-team/security-tracker][master] netatalk proposed to be fixed trough upcoming bullseye point release

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0c226df6 by Salvatore Bonaccorso at 2023-08-15T07:22:26+02:00 netatalk proposed to be fixed trough upcoming bullseye point release - - - - - 1 changed file: - data/next-oldstable-point-updat

[Git][security-tracker-team/security-tracker][master] Track fixed version for libstb issues via unstable

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7805fb01 by Salvatore Bonaccorso at 2023-08-15T07:18:42+02:00 Track fixed version for libstb issues via unstable - - - - - 1 changed file: - data/CVE/list Changes: ===

[Git][security-tracker-team/security-tracker][master] Track proposed krb5 update for bullseye-pu

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 47719975 by Salvatore Bonaccorso at 2023-08-14T22:55:39+02:00 Track proposed krb5 update for bullseye-pu - - - - - 1 changed file: - data/next-oldstable-point-update.txt Changes:

[Git][security-tracker-team/security-tracker][master] Track proposed krb5 update via bookworm-pu

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 892da885 by Salvatore Bonaccorso at 2023-08-14T22:49:11+02:00 Track proposed krb5 update via bookworm-pu - - - - - 1 changed file: - data/next-point-update.txt Changes: ==

[Git][security-tracker-team/security-tracker][master] Track fixed version for CVE-2023-36054/krb5

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 24e1df94 by Salvatore Bonaccorso at 2023-08-14T22:48:13+02:00 Track fixed version for CVE-2023-36054/krb5 - - - - - 1 changed file: - data/CVE/list Changes: ==

[Git][security-tracker-team/security-tracker][master] Mark CVE-2023-39950 as no-dsa

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: d7d07edf by Salvatore Bonaccorso at 2023-08-14T22:46:32+02:00 Mark CVE-2023-39950 as no-dsa - - - - - 1 changed file: - data/CVE/list Changes: = data/C

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-40359/xterm

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a6dac681 by Salvatore Bonaccorso at 2023-08-14T22:32:06+02:00 Add CVE-2023-40359/xterm - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/li

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 3be41217 by Salvatore Bonaccorso at 2023-08-14T22:31:36+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-40360/qemu

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 8f679666 by Salvatore Bonaccorso at 2023-08-14T22:30:47+02:00 Add CVE-2023-40360/qemu - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/lis

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-4322/radare2

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e24ba8b5 by Salvatore Bonaccorso at 2023-08-14T22:30:12+02:00 Add CVE-2023-4322/radare2 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/l

[Git][security-tracker-team/security-tracker][master] Process two NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e3159204 by Salvatore Bonaccorso at 2023-08-14T22:23:17+02:00 Process two NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] Remove notes from CVE-2017-14250 (withdrawn by its CNA)

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a0194f50 by Salvatore Bonaccorso at 2023-08-14T22:21:22+02:00 Remove notes from CVE-2017-14250 (withdrawn by its CNA) - - - - - 1 changed file: - data/CVE/list Changes: ==

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 4b5c8e75 by security tracker role at 2023-08-14T20:13:02+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Annoate note for CVE-2023-34872

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 849dc031 by Salvatore Bonaccorso at 2023-08-14T22:07:48+02:00 Annoate note for CVE-2023-34872 - - - - - 1 changed file: - data/CVE/list Changes: = data

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: bc8c5434 by Salvatore Bonaccorso at 2023-08-14T21:35:11+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-39950/efibootguard

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 188f1e3d by Salvatore Bonaccorso at 2023-08-14T21:15:20+02:00 Add CVE-2023-39950/efibootguard - - - - - 1 changed file: - data/CVE/list Changes: = data

[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40305/indent

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7078e0f9 by Salvatore Bonaccorso at 2023-08-14T20:57:41+02:00 Add Debian bug reference for CVE-2023-40305/indent - - - - - 1 changed file: - data/CVE/list Changes: ===

[Git][security-tracker-team/security-tracker][master] Mark CVE-2023-40305/indent

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 4395c208 by Salvatore Bonaccorso at 2023-08-14T20:51:04+02:00 Mark CVE-2023-40305/indent - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/

[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2023-40303/inetutils

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ccc0d953 by Salvatore Bonaccorso at 2023-08-14T20:48:29+02:00 Add Debian bug reference for CVE-2023-40303/inetutils - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] samba DSA

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: c0f00027 by Moritz Mühlenhoff at 2023-08-14T20:19:59+02:00 samba DSA - - - - - 3 changed files: - data/CVE/list - data/DSA/list - data/dsa-needed.txt Changes: ==

[Git][security-tracker-team/security-tracker][master] add openssh

= @@ -138,6 +138,9 @@ openjdk-11 (Emilio) NOTE: 20230802: update prepared for new CPU, waiting for DSA and checking NOTE: 20230802: whether to change jtreg version (pochu) -- +openssh + NOTE: 20230814: Added by Front-Desk (ta) +-- openssl (gladk) NOTE

[Git][security-tracker-team/security-tracker][master] LTS: Remove nodejs from dla-needed.txt.

Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker Commits: 39e441c6 by Guilhem Moulin at 2023-08-14T20:13:18+02:00 LTS: Remove nodejs from dla-needed.txt. All CVEs have been postponed or marked as non-affecting buster. New CVEs will be filed for http_parser

[Git][security-tracker-team/security-tracker][master] LTS: take openssl again, it will be uploaded today

Front-Desk (apo) + NOTE: 20230814: ready to be uploaded -- orthanc (gladk) NOTE: 20230812: Added by Front-Desk (Beuc) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c0675d07f033f09cfc930e286b19407ba71a8f7f -- View it on GitLab: https

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-40274/zola, itp'ed

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0bc4a0ea by Salvatore Bonaccorso at 2023-08-14T19:28:06+02:00 Add CVE-2023-40274/zola, itp'ed - - - - - 1 changed file: - data/CVE/list Changes: = data

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: fd37ad0c by Salvatore Bonaccorso at 2023-08-14T19:27:31+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity

Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker Commits: e7cec407 by Roberto C. Sánchez at 2023-08-14T13:14:53-04:00 semi-automatic unclaim after 2 weeks of inactivity Signed-off-by: Roberto C. Sánchez - - - - - 1 changed file

[Git][security-tracker-team/security-tracker][master] CVE-2022-48579,unrar-non-free: Bookworm is not-affected

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker Commits: ea7d3752 by Markus Koschany at 2023-08-14T18:13:53+02:00 CVE-2022-48579,unrar-non-free: Bookworm is not-affected This issue is fixed in 6.2.3. Bookworm has 6.2.6. - - - - - 1 changed file: - dat

[Git][security-tracker-team/security-tracker][master] Add NOTE with patch upstream about CVE-2022-47952/lxc in data/CVE/list

Santiago R.R. pushed to branch master at Debian Security Tracker / security-tracker Commits: 4b195688 by Santiago Ruano Rincón at 2023-08-14T11:20:26-03:00 Add NOTE with patch upstream about CVE-2022-47952/lxc in data/CVE/list - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Reserve DLA-3528-1 for poppler

Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker Commits: a63538a8 by Adrian Bunk at 2023-08-14T15:21:19+03:00 Reserve DLA-3528-1 for poppler - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes: =

[Git][security-tracker-team/security-tracker][master] CVE-2023-34872/poppler does not affect buster or bullseye

Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker Commits: abc23003 by Adrian Bunk at 2023-08-14T14:51:25+03:00 CVE-2023-34872/poppler does not affect buster or bullseye - - - - - 1 changed file: - data/CVE/list Changes: ==

[Git][security-tracker-team/security-tracker][master] data/dla-needed.txt: Claim opendmarc.

Chris Lamb pushed to branch master at Debian Security Tracker / security-tracker Commits: fe2345cc by Chris Lamb at 2023-08-14T11:30:59+01:00 data/dla-needed.txt: Claim opendmarc. - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-need

[Git][security-tracker-team/security-tracker][master] dla: claim w3m

Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker Commits: e93a97df by Sylvain Beucler at 2023-08-14T12:04:24+02:00 dla: claim w3m - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt =

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e6af1116 by Salvatore Bonaccorso at 2023-08-14T10:27:50+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-40283/linux

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e4531066 by Salvatore Bonaccorso at 2023-08-14T10:35:45+02:00 Add CVE-2023-40283/linux - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/li

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-40303/inetutils

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 86e2e2af by Salvatore Bonaccorso at 2023-08-14T10:20:23+02:00 Add CVE-2023-40303/inetutils - - - - - 1 changed file: - data/CVE/list Changes: = data/CV

[Git][security-tracker-team/security-tracker][master] Add CVE-2023-40305/indent

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 499396d9 by Salvatore Bonaccorso at 2023-08-14T10:18:49+02:00 Add CVE-2023-40305/indent - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/l

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: f4b6d1d3 by security tracker role at 2023-08-14T08:12:18+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list