[Secure-testing-commits] r46327 - data/CVE
Markus Koschany
apo at moszumanska.debian.org
Fri Nov 18 17:29:03 UTC 2016
Author: apo
Date: 2016-11-18 17:29:03 +0000 (Fri, 18 Nov 2016)
New Revision: 46327
Modified:
data/CVE/list
Log:
Mark CVE-2016-9401, bash as no-dsa for Wheezy
Upstream considers this only to be a normal bug
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-18 17:21:52 UTC (rev 46326)
+++ data/CVE/list 2016-11-18 17:29:03 UTC (rev 46327)
@@ -128,6 +128,7 @@
CVE-2016-9401 [popd controlled free]
- bash <unfixed> (bug #844727)
[jessie] - bash <no-dsa> (Minor issue)
+ [wheezy] - bash <no-dsa> (Minor issue)
NOTE: Upstream bash considers this issue only to be a bug.
CVE-2016-9399 [jpc_dec.c:1650: void calcstepsizes(uint_fast16_t, int, uint_fast16_t *): Assertion `!((expn + (numrlvls - 1) - (numrlvls - 1 - ((bandno > 0) ? ((bandno + 2) / 3) : (0)))) & (~0x1f))' failed.]
- jasper <removed> (unimportant)
More information about the Secure-testing-commits
mailing list