[Secure-testing-commits] r38372 - in data: . CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Wed Dec 16 22:08:49 UTC 2015
Author: hertzog
Date: 2015-12-16 22:08:49 +0000 (Wed, 16 Dec 2015)
New Revision: 38372
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Reclassify CVE-2015-8538/squeeze as not-affected
See https://lists.debian.org/20151215191827.GB13041@taz.looney
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-12-16 21:47:24 UTC (rev 38371)
+++ data/CVE/list 2015-12-16 22:08:49 UTC (rev 38372)
@@ -1162,6 +1162,7 @@
- dwarfutils <unfixed> (bug #807817)
[jessie] - dwarfutils <no-dsa> (Minor issue)
[wheezy] - dwarfutils <no-dsa> (Minor issue)
+ [squeeze] - dwarfutils <not-affected> (No segfault with provided test case)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1289385
NOTE: http://www.openwall.com/lists/oss-security/2015/12/09/2
NOTE: http://sourceforge.net/p/libdwarf/code/ci/da724a0bc5eec8e9ec0b0cb0c238a80e34466459/
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2015-12-16 21:47:24 UTC (rev 38371)
+++ data/dla-needed.txt 2015-12-16 22:08:49 UTC (rev 38372)
@@ -18,9 +18,6 @@
dbconfig-common
NOTE: maintainer should take care of this, cf https://lists.debian.org/565626BF.2010307@debian.org
--
-dwarfutils (Troy Heber)
- NOTE: exploit does not crash dwarfutils but _dwarf_get_abbrev_for_code lacks the check
---
foomatic-filters
--
libpng (Thorsten Alteholz)
More information about the Secure-testing-commits
mailing list