[Secure-testing-commits] r43212 - in data: CVE DLA

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Jul 15 07:28:03 UTC 2016


Author: carnil
Date: 2016-07-15 07:28:03 +0000 (Fri, 15 Jul 2016)
New Revision: 43212

Modified:
   data/CVE/list
   data/DLA/list
Log:
Remove CVE-2015-0851 reference

opensaml2 is not affected by the CVE, but it needed a rebuild against a
fixed version of xmltooling. Thus keep the DLA entry but do not
reference the CVE as affecting the source package.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-07-15 07:10:16 UTC (rev 43211)
+++ data/CVE/list	2016-07-15 07:28:03 UTC (rev 43212)
@@ -42775,7 +42775,7 @@
 	NOTE: http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginPCX.cpp?r1=1.17&r2=1.18&pathrev=MAIN
 	NOTE: http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginPCX.cpp?r1=1.18&r2=1.19&pathrev=MAIN
 CVE-2015-0851 (XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth ...)
-	{DSA-3321-1 DLA-290-2 DLA-290-1}
+	{DSA-3321-1 DLA-290-1}
 	- xmltooling 1.5.6-1 (bug #793855)
 	NOTE: http://shibboleth.net/community/advisories/secadv_20150721.txt
 	NOTE: Patch: https://git.shibboleth.net/view/?p=cpp-xmltooling.git;a=commitdiff;h=2d795c731e6729309044607154978696a87fd900

Modified: data/DLA/list
===================================================================
--- data/DLA/list	2016-07-15 07:10:16 UTC (rev 43211)
+++ data/DLA/list	2016-07-15 07:28:03 UTC (rev 43212)
@@ -775,7 +775,6 @@
 [12 Aug 2015] DLA-291-1 libidn - security update
 	[squeeze] - libidn 1.15-2+deb6u2
 [10 Aug 2015] DLA-290-2 opensaml2 - security update
-	{CVE-2015-0851}
 	[squeeze] - opensaml2 2.3-2+squeeze2
 [09 Aug 2015] DLA-290-1 xmltooling - security update
 	{CVE-2015-0851}




More information about the Secure-testing-commits mailing list