[Secure-testing-commits] r43241 - in data: . CVE
Thorsten Alteholz
alteholz at moszumanska.debian.org
Sat Jul 16 18:02:44 UTC 2016
Author: alteholz
Date: 2016-07-16 18:02:44 +0000 (Sat, 16 Jul 2016)
New Revision: 43241
Modified:
data/CVE/list
data/dla-needed.txt
Log:
zone transfers should be done in trusted environments, so mark this as no-dsa like in Jessie
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-07-16 17:00:16 UTC (rev 43240)
+++ data/CVE/list 2016-07-16 18:02:44 UTC (rev 43241)
@@ -275,6 +275,7 @@
CVE-2016-6170 (ISC BIND through 9.9.9-P1, 9.10.x through 9.10.4-P1, and 9.11.x ...)
- bind9 <unfixed> (bug #830810)
[jessie] - bind9 <no-dsa> (Minor issue)
+ [wheezy] - bind9 <no-dsa> (Minor issue)
NOTE: Fixed by https://github.com/sischkg/xfer-limit/blob/master/bind-9.10.3-xfer-limit-0.0.1.patch
NOTE: Fixed by https://github.com/sischkg/xfer-limit/blob/master/bind-9.9.9-P1-xfer-limit-0.0.1.patch
CVE-2016-6163 [read out-of-bounds in librsvg2 (a dependency of gdk-pixbuf used to render svg images).]
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-07-16 17:00:16 UTC (rev 43240)
+++ data/dla-needed.txt 2016-07-16 18:02:44 UTC (rev 43241)
@@ -11,8 +11,6 @@
--
asterisk (Thorsten Alteholz)
--
-bind9
---
binutils (Brian May)
--
binutils-h8300-hms
More information about the Secure-testing-commits
mailing list