[Secure-testing-commits] r42308 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Jun 4 14:37:40 UTC 2016 

Author: carnil
Date: 2016-06-04 14:37:40 +0000 (Sat, 04 Jun 2016)
New Revision: 42308

Modified:
   data/CVE/list
Log:
Add fixes for final wheezy point release

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-06-04 14:34:02 UTC (rev 42307)
+++ data/CVE/list	2016-06-04 14:37:40 UTC (rev 42308)
@@ -3630,7 +3630,7 @@
 CVE-2016-XXXX [ZF2016-01: Potential Insufficient Entropy Vulnerability in ZF1]
 	- zendframework 1.12.18+dfsg-1
 	[jessie] - zendframework 1.12.9+dfsg-2+deb8u6
-	[wheezy] - zendframework <no-dsa> (Minor issue)
+	[wheezy] - zendframework 1.11.13-1.1+deb7u6
 	NOTE: http://framework.zend.com/security/advisory/ZF2016-01
 CVE-2016-4013
 	RESERVED
@@ -3792,7 +3792,7 @@
 	RESERVED
 	- libcrypto++ 5.6.3-6
 	[jessie] - libcrypto++ 5.6.1-6+deb8u2
-	[wheezy] - libcrypto++ <no-dsa> (Minor issue)
+	[wheezy] - libcrypto++ 5.6.1-6+deb7u2
 	NOTE: https://github.com/weidai11/cryptopp/issues/146
 	NOTE: http://www.openwall.com/lists/oss-security/2016/04/10/6
 	NOTE: Initial upload in 5.6.3-5 was incomplete
@@ -17370,7 +17370,7 @@
 	[jessie] - gtk+2.0 <no-dsa> (Minor issue; will be fixed via jessie-pu)
 	[wheezy] - gtk+2.0 <no-dsa> (Minor issue; can be fixed via wheezy-pu)
 	- gtk+3.0 3.10.7-1 (bug #818090)
-	[wheezy] - gtk+3.0 <no-dsa> (Minor issue; can be fixed via wheezy-pu)
+	[wheezy] - gtk+3.0 3.4.2-7+deb7u1
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=703220
 	NOTE: Fixed by: https://git.gnome.org/browse/gtk+/commit?id=894b1ae76a32720f4bb3d39cf460402e3ce331d6
 	TODO: check other source packages (eom, gnome-photos, eog, gambas3, thunar, pinpoint, gtk+2.0)
@@ -31318,7 +31318,7 @@
 	{DLA-274-1}
 	- groovy <unfixed> (bug #793397)
 	[jessie] - groovy 1.8.6-4+deb8u1
-	[wheezy] - groovy <no-dsa> (Minor impact given the rdeps, will be fixed in a point update)
+	[wheezy] - groovy 1.8.6-1+deb7u1
 	- groovy2 2.2.2+dfsg-5 (bug #793398)
 	[jessie] - groovy2 2.2.2+dfsg-3+deb8u1
 CVE-2015-3252 (Apache CloudStack before 4.5.2 does not properly preserve VNC ...)

More information about the Secure-testing-commits mailing list