[Secure-testing-commits] r47423 - in data: . DLA
Andreas Metzler
ametzler at moszumanska.debian.org
Sun Dec 25 10:49:35 UTC 2016
Author: ametzler
Date: 2016-12-25 10:49:35 +0000 (Sun, 25 Dec 2016)
New Revision: 47423
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-762-1 for exim4
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2016-12-25 10:44:55 UTC (rev 47422)
+++ data/DLA/list 2016-12-25 10:49:35 UTC (rev 47423)
@@ -1,3 +1,6 @@
+[25 Dec 2016] DLA-762-1 exim4 - security update
+ {CVE-2016-9963}
+ [wheezy] - exim4 4.80-7+deb7u4
[24 Dec 2016] DLA-761-1 python-bottle - security update
{CVE-2016-9964}
[wheezy] - python-bottle 0.10.11-1+deb7u2
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-12-25 10:44:55 UTC (rev 47422)
+++ data/dla-needed.txt 2016-12-25 10:49:35 UTC (rev 47423)
@@ -20,10 +20,6 @@
botan1.10
NOTE: Jessie has almost identical code. Looks hard to exploit but worth fixing.
--
-exim4 (Andreas Metzler)
- NOTE: The information about CVE-2016-9963 is not public. However the
- NOTE: vulnerability is confirmed to exist in oldstable.
---
graphicsmagick
NOTE: seems only a single memory/CPU DOS at this point, maybe wait for more issues?
NOTE: DLA-547-1 also did not fix CVE-2016-5240 so should be included in next upload.
More information about the Secure-testing-commits
mailing list