[Secure-testing-commits] r45956 - in data: . CVE DSA

Thu Nov 3 22:53:56 UTC 2016

Author: ghedo
Date: 2016-11-03 22:53:56 +0000 (Thu, 03 Nov 2016)
New Revision: 45956

Modified:
   data/CVE/list
   data/DSA/list
   data/dsa-needed.txt
Log:
Reserve DSA for curl

Modified: data/CVE/list
===================================================================

--- data/CVE/list	2016-11-03 21:45:34 UTC (rev 45955)
+++ data/CVE/list	2016-11-03 22:53:56 UTC (rev 45956)
@@ -1417,6 +1417,7 @@
 CVE-2016-8625
 	RESERVED
 	- curl <unfixed>
+	[jessie] - curl <no-dsa> (the fix is too invasive)
 	NOTE: https://github.com/curl/curl/commit/9c91ec778104ae3b744b39444d544e82d5ee9ece
 	NOTE: https://curl.haxx.se/docs/adv_20161102K.html
 	NOTE: https://curl.haxx.se/CVE-2016-8625.patch

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2016-11-03 21:45:34 UTC (rev 45955)
+++ data/DSA/list	2016-11-03 22:53:56 UTC (rev 45956)
@@ -1,3 +1,6 @@
+[03 Nov 2016] DSA-3705-1 curl - security update
+	{CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624}
+	[jessie] - curl 7.38.0-4+deb8u5
 [03 Nov 2016] DSA-3704-1 memcached - security update
 	{CVE-2016-8704 CVE-2016-8705 CVE-2016-8706}
 	[jessie] - memcached 1.4.21-1.1+deb8u1

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2016-11-03 21:45:34 UTC (rev 45955)
+++ data/dsa-needed.txt	2016-11-03 22:53:56 UTC (rev 45956)
@@ -16,8 +16,6 @@
 --
 chromium-browser
 --
-curl (ghedo)
---
 graphicsmagick (luciano)
 --
 icu


