[Secure-testing-commits] r41839 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed May 18 16:02:01 UTC 2016


Author: carnil
Date: 2016-05-18 16:02:01 +0000 (Wed, 18 May 2016)
New Revision: 41839

Modified:
   data/CVE/list
Log:
Mark jq issues as no-dsa

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-05-18 15:52:44 UTC (rev 41838)
+++ data/CVE/list	2016-05-18 16:02:01 UTC (rev 41839)
@@ -1803,6 +1803,7 @@
 	NOT-FOR-US: Foxit
 CVE-2016-4074 (The jv_dump_term function in jq 1.5 allows remote attackers to cause a ...)
 	- jq <unfixed> (bug #822456)
+	[jessie] - jq <no-dsa> (Minor issue)
 	NOTE: https://github.com/stedolan/jq/issues/1136
 	NOTE: http://www.openwall.com/lists/oss-security/2016/04/24/3
 CVE-2016-4069 [Protect download urls against CSRF using unique request tokens]
@@ -2021,6 +2022,7 @@
 	NOTE: http://www.openwall.com/lists/oss-security/2016/04/20/5
 CVE-2015-8863 (Off-by-one error in the tokenadd function in jv_parse.c in jq allows ...)
 	- jq <unfixed> (bug #802231)
+	[jessie] - jq <no-dsa> (Minor issue)
 	NOTE: https://github.com/stedolan/jq/issues/995
 	NOTE: https://github.com/stedolan/jq/commit/8eb1367ca44e772963e704a700ef72ae2e12babd
 	NOTE: http://www.openwall.com/lists/oss-security/2016/04/23/1




More information about the Secure-testing-commits mailing list