[Secure-testing-commits] r45895 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Nov 2 19:37:39 UTC 2016
Author: carnil
Date: 2016-11-02 19:37:39 +0000 (Wed, 02 Nov 2016)
New Revision: 45895
Modified:
data/CVE/list
Log:
Mark bsdiff as no-dsa for jessie, can be fixed via point release
Note: Main use of bsdiff seem to be via reverse dependencies like
debdelta. For the other cases it might be sufficient to have the fix
included in the point release.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-02 19:37:28 UTC (rev 45894)
+++ data/CVE/list 2016-11-02 19:37:39 UTC (rev 45895)
@@ -11816,6 +11816,7 @@
RESERVED
CVE-2014-9862 (Integer signedness error in bspatch.c in bspatch in bsdiff, as used in ...)
- bsdiff 4.3-17
+ [jessie] - bsdiff <no-dsa> (Minor issue; can be fixed via point release)
NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=372525
CVE-2016-5361 (programs/pluto/ikev1.c in libreswan before 3.17 retransmits in ...)
- libreswan <itp> (bug #773459)
More information about the Secure-testing-commits
mailing list