[Secure-testing-commits] r35776 - in data: . CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Wed Jul 29 18:14:51 UTC 2015 

Author: jmm
Date: 2015-07-29 18:14:51 +0000 (Wed, 29 Jul 2015)
New Revision: 35776

Modified:
   data/CVE/list
   data/dsa-needed.txt
   data/next-oldstable-point-update.txt
   data/next-point-update.txt
Log:
groovy no-dsa, the rdepds in Debian make this rather harmless


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-07-29 16:37:44 UTC (rev 35775)
+++ data/CVE/list	2015-07-29 18:14:51 UTC (rev 35776)
@@ -6263,7 +6263,10 @@
 	RESERVED
 	{DLA-274-1}
 	- groovy <unfixed> (bug #793397)
+	[wheezy] - groovy <no-dsa> (Minor impact given the rdeps, will be fixed in a point update)
+	[jessie] - groovy <no-dsa> (Minor impact given the rdeps, will be fixed in a point update)
 	- groovy2 2.2.2+dfsg-5 (bug #793398)
+	[jessie] - groovy2 <no-dsa> (Minor impact given the rdeps, will be fixed in a point update)
 CVE-2015-3252
 	RESERVED
 CVE-2015-3251

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2015-07-29 16:37:44 UTC (rev 35775)
+++ data/dsa-needed.txt	2015-07-29 18:14:51 UTC (rev 35776)
@@ -29,11 +29,6 @@
 glibc (aurel32)
   some of the other no-dsa bugs could be fixed along
 --
-groovy
---
-groovy2
-  Maintainer proposed to to a jessie-pu upload instead due to low popcon, cf. #793688
---
 icedove
 --
 icu (ghedo)

Modified: data/next-oldstable-point-update.txt
===================================================================
--- data/next-oldstable-point-update.txt	2015-07-29 16:37:44 UTC (rev 35775)
+++ data/next-oldstable-point-update.txt	2015-07-29 18:14:51 UTC (rev 35776)
@@ -87,3 +87,5 @@
 CVE-2010-XXXX [mediatomb directory traversal]
 	[wheezy] - mediatomb 0.12.1-4+deb7u1
 	NOTE: fix for #580120
+CVE-2015-3253
+	[wheezy] - groovy 1.8.6-1+deb7u1

Modified: data/next-point-update.txt
===================================================================
--- data/next-point-update.txt	2015-07-29 16:37:44 UTC (rev 35775)
+++ data/next-point-update.txt	2015-07-29 18:14:51 UTC (rev 35776)
@@ -18,4 +18,6 @@
 CVE-2015-XXXX [ansible zone/chroot/jail escape]
 	[jessie] - ansible 1.7.2+dfsg-2+deb8u1
 CVE-2015-3908
-	[jessie] - ansible 1.7.2+dfsg-2+deb8u1
+	[jessie] - groovy 1.8.6-4+deb8u1
+	[jessie] - groovy2 2.2.2+dfsg-3+deb8u1
+

More information about the Secure-testing-commits mailing list