[Secure-testing-commits] r47536 - in data: . DLA
Balint Reczey
rbalint at moszumanska.debian.org
Thu Dec 29 01:43:44 UTC 2016
Author: rbalint
Date: 2016-12-29 01:43:44 +0000 (Thu, 29 Dec 2016)
New Revision: 47536
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Claim DLA-767-1 for curl (CVE-2016-9586)
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2016-12-28 22:27:12 UTC (rev 47535)
+++ data/DLA/list 2016-12-29 01:43:44 UTC (rev 47536)
@@ -1,3 +1,6 @@
+[29 Dec 2016] DLA-767-1 curl - security update
+ {CVE-2016-9586}
+ [wheezy] - curl 7.26.0-1+wheezy18
[27 Dec 2016] DLA-766-1 libcrypto++ - security update
{CVE-2016-9939}
[wheezy] - libcrypto++ 5.6.1-6+deb7u3
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-12-28 22:27:12 UTC (rev 47535)
+++ data/dla-needed.txt 2016-12-29 01:43:44 UTC (rev 47536)
@@ -21,8 +21,6 @@
botan1.10
NOTE: Jessie has almost identical code. Looks hard to exploit but worth fixing.
--
-curl (Balint Reczey)
---
graphicsmagick
NOTE: seems only a single memory/CPU DOS at this point, maybe wait for more issues?
NOTE: DLA-547-1 also did not fix CVE-2016-5240 so should be included in next upload.
More information about the Secure-testing-commits
mailing list