[Secure-testing-commits] r39096 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Jan 23 06:01:20 UTC 2016
Author: carnil
Date: 2016-01-23 06:01:20 +0000 (Sat, 23 Jan 2016)
New Revision: 39096
Modified:
data/CVE/list
Log:
Mark CVE-2015-4737/mariadb-10.0 as not-affected
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-01-23 05:34:04 UTC (rev 39095)
+++ data/CVE/list 2016-01-23 06:01:20 UTC (rev 39096)
@@ -16138,12 +16138,13 @@
{DSA-3308-1 DLA-359-1}
- mysql-5.6 5.6.25-2
- mysql-5.5 <unfixed> (bug #792445)
- - mariadb-10.0 <unfixed>
- [jessie] - mariadb-10.0 <no-dsa> (Can be fixed along in a future mariadb DSA)
+ - mariadb-10.0 <not-affected>
NOTE: Possibly related to https://github.com/mysql/mysql-server/commit/c655515d
NOTE: http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html#AppendixMSQL
NOTE: https://lists.launchpad.net/maria-developers/msg08985.html
NOTE: https://mariadb.atlassian.net/browse/MDEV-8269
+ NOTE: Marked as not-affected for MariaDB since Oracle has given no evidence of
+ NOTE: affecting MariaDB to their developers.
CVE-2015-4736 (Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows ...)
- openjdk-7 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
More information about the Secure-testing-commits
mailing list