[Git][security-tracker-team/security-tracker][master] Add CVE-2020-6923/hplip

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 1629346d by Salvatore Bonaccorso at 2024-12-24T07:29:47+01:00 Add CVE-2020-6923/hplip The issue has only very little information but the HP advisory claims its fixed in 3.20.9 upstream. A such

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 81c9aed1 by Salvatore Bonaccorso at 2024-12-24T07:24:08+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Associate CVE-2024-23945 with apache-spark, itp'ed

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: eae3cc31 by Salvatore Bonaccorso at 2024-12-24T07:19:20+01:00 Associate CVE-2024-23945 with apache-spark, itp'ed Actually the CVE covers Apache Spark and Apache Hive project. We have an ITP for

[Git][security-tracker-team/security-tracker][master] Track proposed update for pypy3 via bookworm-pu

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: faad3e27 by Salvatore Bonaccorso at 2024-12-24T07:06:42+01:00 Track proposed update for pypy3 via bookworm-pu Note for reviewers: We actually do not track all the mentioned CVEs for pypy3 as we

[Git][security-tracker-team/security-tracker][master] Track proposed update for opensc via bookworm-pu

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0bcbdc9d by Salvatore Bonaccorso at 2024-12-24T07:03:31+01:00 Track proposed update for opensc via bookworm-pu - - - - - 1 changed file: - data/next-point-update.txt Changes:

[Git][security-tracker-team/security-tracker][master] dla: retake

Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker Commits: ab556afb by Adrian Bunk at 2024-12-24T00:24:43+02:00 dla: retake - - - - - 1 changed file: - data/dla-needed.txt Changes: = data/dla-needed.txt

[Git][security-tracker-team/security-tracker][master] webkit2gtk / wpewebkit upstream advisory WSA-2024-0008

Alberto Garcia pushed to branch master at Debian Security Tracker / security-tracker Commits: 8ac7528e by Alberto Garcia at 2024-12-23T23:08:04+01:00 webkit2gtk / wpewebkit upstream advisory WSA-2024-0008 - - - - - 3 changed files: - data/CVE/list - data/DSA/list - data/dsa-needed.txt Ch

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: c9995263 by Salvatore Bonaccorso at 2024-12-23T22:39:37+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 5e131da5 by Salvatore Bonaccorso at 2024-12-23T22:38:16+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Add two new jinja2 issues

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 82d5281b by Salvatore Bonaccorso at 2024-12-23T21:51:51+01:00 Add two new jinja2 issues - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/l

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 652c502f by Salvatore Bonaccorso at 2024-12-23T21:51:19+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Update status for CVE-2024-40896/libxml2

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 7fef7134 by Salvatore Bonaccorso at 2024-12-23T21:44:11+01:00 Update status for CVE-2024-40896/libxml2 - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Update references for CVE-2024-40896/libmxml2

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: a3bb3c35 by Salvatore Bonaccorso at 2024-12-23T21:33:46+01:00 Update references for CVE-2024-40896/libmxml2 - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Add CVE-2024-40896/libxml2

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 0156aa52 by Salvatore Bonaccorso at 2024-12-23T21:21:12+01:00 Add CVE-2024-40896/libxml2 - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 797b5cf7 by security tracker role at 2024-12-23T20:14:28+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for CVE-2024-56378/poppler

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: ff098c52 by Salvatore Bonaccorso at 2024-12-23T20:58:30+01:00 Add Debian bug reference for CVE-2024-56378/poppler - - - - - 1 changed file: - data/CVE/list Changes: ==

[Git][security-tracker-team/security-tracker][master] Add Debian bug references for logback issues

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b19ee921 by Salvatore Bonaccorso at 2024-12-23T20:54:27+01:00 Add Debian bug references for logback issues - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] remove TODO, nothing really actionable there

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 5debe959 by Moritz Muehlenhoff at 2024-12-23T20:52:54+01:00 remove TODO, nothing really actionable there - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Reference upstream commit for CVE-2024-12801/logback

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 54df7ada by Salvatore Bonaccorso at 2024-12-23T20:41:13+01:00 Reference upstream commit for CVE-2024-12801/logback - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] Reference fix for CVE-2024-12798 (removing the JaninoEventEvaluator completely)

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 67f8dfcf by Salvatore Bonaccorso at 2024-12-23T20:37:59+01:00 Reference fix for CVE-2024-12798 (removing the JaninoEventEvaluator completely) - - - - - 1 changed file: - data/CVE/list Chan

[Git][security-tracker-team/security-tracker][master] Update information for CVE-2024-11858/radare2

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 19cdcaa7 by Salvatore Bonaccorso at 2024-12-23T20:31:07+01:00 Update information for CVE-2024-11858/radare2 - - - - - 1 changed file: - data/CVE/list Changes:

[Git][security-tracker-team/security-tracker][master] Add upstream tag information for upstream commit in CVE-2016-10506

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: b1a395a9 by Salvatore Bonaccorso at 2024-12-23T20:29:49+01:00 Add upstream tag information for upstream commit in CVE-2016-10506 - - - - - 1 changed file: - data/CVE/list Changes: ===

[Git][security-tracker-team/security-tracker][master] don't mention CVE-2024-23984, as the main DLA was DLA-3964-1.

Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker Commits: e8450ed8 by Tobias Frost at 2024-12-23T20:25:54+01:00 don't mention CVE-2024-23984, as the main DLA was DLA-3964-1. - - - - - 1 changed file: - data/DLA/list Changes:

[Git][security-tracker-team/security-tracker][master] Add CVEs to DLA-4002-1

Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker Commits: fc930d49 by Tobias Frost at 2024-12-23T19:59:33+01:00 Add CVEs to DLA-4002-1 - - - - - 1 changed file: - data/DLA/list Changes: = data/DLA/list ===

[Git][security-tracker-team/security-tracker][master] 2 commits: Update mbedtls embeds

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: e2ce003d by Travis Wrightsman at 2024-12-23T19:42:08+01:00 Update mbedtls embeds - - - - - 8c7ff5d0 by Salvatore Bonaccorso at 2024-12-23T18:44:16+00:00 Merge branch 'master' into 'master' Upd

[Git][security-tracker-team/security-tracker][master] Reserve DLA-4002-1 for intel-microcode

Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker Commits: ff2b6a59 by Tobias Frost at 2024-12-23T19:40:34+01:00 Reserve DLA-4002-1 for intel-microcode - - - - - 2 changed files: - data/DLA/list - data/dla-needed.txt Changes:

[Git][security-tracker-team/security-tracker][master] LTS: claim intel-microcode in dla-needed.txt

Tobias Frost pushed to branch master at Debian Security Tracker / security-tracker Commits: 579ff2fa by Tobias Frost at 2024-12-23T16:53:20+01:00 LTS: claim intel-microcode in dla-needed.txt - - - - - 1 changed file: - data/dla-needed.txt Changes: = da

[Git][security-tracker-team/security-tracker][master] CVE-2016-10506 is fixed

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: ae766194 by Moritz Muehlenhoff at 2024-12-23T15:59:32+01:00 CVE-2016-10506 is fixed - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ==

[Git][security-tracker-team/security-tracker][master] new rust-kvm-ioctls issue

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 867a2a5a by Moritz Muehlenhoff at 2024-12-23T15:36:42+01:00 new rust-kvm-ioctls issue - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] new rust-glib issue

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: ae2b91e9 by Moritz Muehlenhoff at 2024-12-23T15:34:10+01:00 new rust-glib issue - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ==

[Git][security-tracker-team/security-tracker][master] semi-automatic unclaim after 2 weeks of inactivity

Roberto C. Sánchez pushed to branch master at Debian Security Tracker / security-tracker Commits: 2eec1b5d by Roberto C. Sánchez at 2024-12-23T09:03:24-05:00 semi-automatic unclaim after 2 weeks of inactivity Signed-off-by: Roberto C. Sánchez - - - - - 1 changed file:

[Git][security-tracker-team/security-tracker][master] bookworm triage

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 4c97f2d7 by Moritz Muehlenhoff at 2024-12-23T12:57:57+01:00 bookworm triage - - - - - 2 changed files: - data/CVE/list - data/dsa-needed.txt Changes: = d

[Git][security-tracker-team/security-tracker][master] xen fixed in sid

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 64e2ebf0 by Moritz Muehlenhoff at 2024-12-23T12:48:44+01:00 xen fixed in sid - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] Track fixes for opensc via unstable

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 78ecaa84 by Salvatore Bonaccorso at 2024-12-23T10:46:36+01:00 Track fixes for opensc via unstable - - - - - 1 changed file: - data/CVE/list Changes: =

[Git][security-tracker-team/security-tracker][master] FNM fixed in sid

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: c955e6d7 by Moritz Muehlenhoff at 2024-12-23T10:39:25+01:00 FNM fixed in sid - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] new poppler issue

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 94aed0aa by Moritz Muehlenhoff at 2024-12-23T09:37:48+01:00 new poppler issue - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list

[Git][security-tracker-team/security-tracker][master] "new" radare2 issue

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: 6d7a5f7a by Moritz Muehlenhoff at 2024-12-23T09:29:10+01:00 "new" radare2 issue - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list ==

[Git][security-tracker-team/security-tracker][master] Add CVE-2024-56375/fort-validator

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: dcdf25ca by Salvatore Bonaccorso at 2024-12-23T09:22:14+01:00 Add CVE-2024-56375/fort-validator - - - - - 1 changed file: - data/CVE/list Changes: = da

[Git][security-tracker-team/security-tracker][master] new fort-validator issue

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: c32ced21 by Moritz Muehlenhoff at 2024-12-23T09:20:28+01:00 new fort-validator issue - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker Commits: d4a35668 by Moritz Muehlenhoff at 2024-12-23T09:16:50+01:00 NFUs - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list =

[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker Commits: 61681df9 by security tracker role at 2024-12-23T08:12:02+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: = data/CVE/list