[Secure-testing-commits] r41839 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed May 18 16:02:01 UTC 2016
Author: carnil
Date: 2016-05-18 16:02:01 +0000 (Wed, 18 May 2016)
New Revision: 41839
Modified:
data/CVE/list
Log:
Mark jq issues as no-dsa
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-05-18 15:52:44 UTC (rev 41838)
+++ data/CVE/list 2016-05-18 16:02:01 UTC (rev 41839)
@@ -1803,6 +1803,7 @@
NOT-FOR-US: Foxit
CVE-2016-4074 (The jv_dump_term function in jq 1.5 allows remote attackers to cause a ...)
- jq <unfixed> (bug #822456)
+ [jessie] - jq <no-dsa> (Minor issue)
NOTE: https://github.com/stedolan/jq/issues/1136
NOTE: http://www.openwall.com/lists/oss-security/2016/04/24/3
CVE-2016-4069 [Protect download urls against CSRF using unique request tokens]
@@ -2021,6 +2022,7 @@
NOTE: http://www.openwall.com/lists/oss-security/2016/04/20/5
CVE-2015-8863 (Off-by-one error in the tokenadd function in jv_parse.c in jq allows ...)
- jq <unfixed> (bug #802231)
+ [jessie] - jq <no-dsa> (Minor issue)
NOTE: https://github.com/stedolan/jq/issues/995
NOTE: https://github.com/stedolan/jq/commit/8eb1367ca44e772963e704a700ef72ae2e12babd
NOTE: http://www.openwall.com/lists/oss-security/2016/04/23/1
More information about the Secure-testing-commits
mailing list