[Secure-testing-commits] r42924 - in data: . CVE
Markus Koschany
apo at moszumanska.debian.org
Thu Jun 30 18:33:36 UTC 2016
Author: apo
Date: 2016-06-30 18:33:36 +0000 (Thu, 30 Jun 2016)
New Revision: 42924
Modified:
data/CVE/list
data/dla-needed.txt
Log:
CVE-2015-5211: Mark as no-dsa for Wheezy
and remove libspring-java and libjackson-json-java from dla-needed.txt
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-06-30 18:19:28 UTC (rev 42923)
+++ data/CVE/list 2016-06-30 18:33:36 UTC (rev 42924)
@@ -28070,8 +28070,10 @@
RESERVED
- libspring-java <unfixed>
[jessie] - libspring-java <no-dsa> (Minor issue)
+ [wheezy] - libspring-java <no-dsa> (Minor issue)
- libjackson-json-java <unfixed>
[jessie] - libjackson-json-java <no-dsa> (Minor issue)
+ [wheezy] - libjackson-json-java <no-dsa> (Minor issue)
NOTE: https://jira.spring.io/browse/SPR-13548
NOTE: https://github.com/spring-projects/spring-framework/commit/2bd1da
NOTE: https://github.com/spring-projects/spring-framework/commit/a95c3d
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-06-30 18:19:28 UTC (rev 42923)
+++ data/dla-needed.txt 2016-06-30 18:33:36 UTC (rev 42924)
@@ -49,16 +49,10 @@
https://marc.info/?l=oss-security&m=146685931517961&w=2 claims
that 0.47 & 1.0 are affected and wheezy has 0.48.
--
-libjackson-json-java
---
libjgroups-java
--
libreoffice
--
-libspring-java
- The JSON/JaF doesn't appear to be present in wheezy but the
- content-disposition stuff might be.
---
linux
--
mat
More information about the Secure-testing-commits
mailing list