[Secure-testing-commits] r47262 - in data: . DLA
Balint Reczey
rbalint at moszumanska.debian.org
Tue Dec 20 23:01:36 UTC 2016
Author: rbalint
Date: 2016-12-20 23:01:35 +0000 (Tue, 20 Dec 2016)
New Revision: 47262
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Claim DLA-755-1 for dcmtk (CVE-2015-8979)
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2016-12-20 22:32:05 UTC (rev 47261)
+++ data/DLA/list 2016-12-20 23:01:35 UTC (rev 47262)
@@ -1,3 +1,6 @@
+[21 Dec 2016] DLA-755-1 dcmtk - security update
+ {CVE-2015-8979}
+ [wheezy] - dcmtk 3.6.0-12+deb7u1
[20 Dec 2016] DLA-754-1 tor - security update
{CVE-2016-1254}
[wheezy] - tor 0.2.4.27-3
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-12-20 22:32:05 UTC (rev 47261)
+++ data/dla-needed.txt 2016-12-20 23:01:35 UTC (rev 47262)
@@ -15,10 +15,6 @@
botan1.10
NOTE: Jessie has almost identical code. Looks hard to exploit but worth fixing.
--
-dcmtk (Balint Reczey)
- NOTE: Gert Wollny is interested in fixing it but not before the beginning of 2017.
- NOTE: https://lists.debian.org/debian-lts/2016/12/msg00105.html
---
graphicsmagick
NOTE: seems only a single memory/CPU DOS at this point, maybe wait for more issues?
NOTE: DLA-547-1 also did not fix CVE-2016-5240 so should be included in next upload.
More information about the Secure-testing-commits
mailing list