[Secure-testing-commits] r43393 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2016-07-23 08:22:51 +0000 (Sat, 23 Jul 2016)
New Revision: 43393

Modified:
   data/CVE/list
Log:
Mark dietlibc as no-dsa

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-07-23 08:02:51 UTC (rev 43392)
+++ data/CVE/list	2016-07-23 08:22:51 UTC (rev 43393)
@@ -273,8 +273,11 @@
 	NOTE: Furthermore pidgin in Debian is not compiled to use GnuTLS (--enable-gnutls=no)
 CVE-2016-XXXX [insecure default PATH]
 	- dietlibc 0.34~cvs20160606-2
+	[jessie] - dietlibc <no-dsa> (Can be scheduled through jessie point release)
 	[wheezy] - dietlibc 0.33~cvs20120325-4+deb7u1
 	NOTE: Workaround entry for DLA-557-1 until CVE is assigned
+	NOTE: Following reverse dependencies need to be recompiled: minit (wheezy, jessie),
+	NOTE: util-vserver (jessie, sid), mksh (wheezy, jessie, sid, experimental)
 	NOTE: http://news.gmane.org/find-root.php?message_id=alpine.DEB.2.20.1607181048300.24083%40tglase.lan.tarent.de
 CVE-2016-6250 [Integer overflow when verifying filename size]
 	RESERVED