[Secure-testing-commits] r46539 - in data: . CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Fri Nov 25 11:10:52 UTC 2016
Author: hertzog
Date: 2016-11-25 11:10:52 +0000 (Fri, 25 Nov 2016)
New Revision: 46539
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Mark CVE-2016-7965 as no-dsa on wheezy and drop entry in dla-needed.txt
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-11-25 11:04:16 UTC (rev 46538)
+++ data/CVE/list 2016-11-25 11:10:52 UTC (rev 46539)
@@ -5336,6 +5336,7 @@
CVE-2016-7965 (DokuWiki 2016-06-26a and older uses $_SERVER[HTTP_HOST] instead of the ...)
- dokuwiki <unfixed> (bug #844732)
[jessie] - dokuwiki <no-dsa> (Minor issue)
+ [wheezy] - dokuwiki <no-dsa> (Minor issue)
NOTE: https://github.com/splitbrain/dokuwiki/issues/1709
CVE-2016-7964 (The sendRequest method in HTTPClient Class in file /inc/HTTPClient.php ...)
- dokuwiki <unfixed> (bug #844731)
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-11-25 11:04:16 UTC (rev 46538)
+++ data/dla-needed.txt 2016-11-25 11:10:52 UTC (rev 46539)
@@ -12,9 +12,6 @@
--
asterisk
--
-dokuwiki
- NOTE: upstream marked CVE-2016-7965 as WONTFIX
---
dwarfutils
NOTE: New round of CVEs not seemingly covered by DLA 669-1.
--
More information about the Secure-testing-commits
mailing list