[Secure-testing-commits] r43212 - in data: CVE DLA
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Jul 15 07:28:03 UTC 2016
Author: carnil
Date: 2016-07-15 07:28:03 +0000 (Fri, 15 Jul 2016)
New Revision: 43212
Modified:
data/CVE/list
data/DLA/list
Log:
Remove CVE-2015-0851 reference
opensaml2 is not affected by the CVE, but it needed a rebuild against a
fixed version of xmltooling. Thus keep the DLA entry but do not
reference the CVE as affecting the source package.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-15 07:10:16 UTC (rev 43211)
+++ data/CVE/list 2016-07-15 07:28:03 UTC (rev 43212)
@@ -42775,7 +42775,7 @@
NOTE: http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginPCX.cpp?r1=1.17&r2=1.18&pathrev=MAIN
NOTE: http://freeimage.cvs.sourceforge.net/viewvc/freeimage/FreeImage/Source/FreeImage/PluginPCX.cpp?r1=1.18&r2=1.19&pathrev=MAIN
CVE-2015-0851 (XMLTooling-C before 1.5.5, as used in OpenSAML-C and Shibboleth ...)
- {DSA-3321-1 DLA-290-2 DLA-290-1}
+ {DSA-3321-1 DLA-290-1}
- xmltooling 1.5.6-1 (bug #793855)
NOTE: http://shibboleth.net/community/advisories/secadv_20150721.txt
NOTE: Patch: https://git.shibboleth.net/view/?p=cpp-xmltooling.git;a=commitdiff;h=2d795c731e6729309044607154978696a87fd900
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2016-07-15 07:10:16 UTC (rev 43211)
+++ data/DLA/list 2016-07-15 07:28:03 UTC (rev 43212)
@@ -775,7 +775,6 @@
[12 Aug 2015] DLA-291-1 libidn - security update
[squeeze] - libidn 1.15-2+deb6u2
[10 Aug 2015] DLA-290-2 opensaml2 - security update
- {CVE-2015-0851}
[squeeze] - opensaml2 2.3-2+squeeze2
[09 Aug 2015] DLA-290-1 xmltooling - security update
{CVE-2015-0851}
More information about the Secure-testing-commits
mailing list