[Secure-testing-commits] r37948 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Nov 27 15:45:12 UTC 2015
Author: carnil
Date: 2015-11-27 15:45:10 +0000 (Fri, 27 Nov 2015)
New Revision: 37948
Modified:
data/CVE/list
Log:
Remove workaround entry for CVE-2014-3660
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-11-27 15:21:19 UTC (rev 37947)
+++ data/CVE/list 2015-11-27 15:45:10 UTC (rev 37948)
@@ -39111,7 +39111,6 @@
- jenkins 1.565.3-1 (bug #763899)
CVE-2014-3660 (parser.c in libxml2 before 2.9.2 does not properly prevent entity ...)
{DSA-2978-2 DSA-3057-1 DLA-151-1 DLA-80-1}
- [stretch] - libxml2 2.9.1+dfsg1-5
[jessie] - libxml2 2.9.1+dfsg1-5
- libxml2 2.9.2+dfsg1-1 (bug #765722)
NOTE: https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html
@@ -39119,7 +39118,6 @@
NOTE: Beware the upstream patch relies on other commits not
NOTE: available in the squeeze/wheezy version (at least cff2546f that
NOTE: changes how the ent->checked variable is used and likely a3f1e3e5 too)
- NOTE: stretch tagged entry added as workaround until 2.9.2+dfsg1-1 migrates to testing
CVE-2014-3659
REJECTED
CVE-2014-3658
More information about the Secure-testing-commits
mailing list