[Secure-testing-commits] r45103 - in data: . CVE

[Chris Lamb]

Author: lamby
Date: 2016-10-06 10:01:25 +0000 (Thu, 06 Oct 2016)
New Revision: 45103

Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
CVE-2016-8339 (redis) is not-affected in wheezy.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2016-10-06 06:41:18 UTC (rev 45102)
+++ data/CVE/list	2016-10-06 10:01:25 UTC (rev 45103)
@@ -157,6 +157,7 @@
 CVE-2016-8339
 	RESERVED
 	- redis 3:3.2.4-1
+	[wheezy] - redis <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://github.com/antirez/redis/commit/6d9f8e2462fc2c426d48c941edeb78e5df7d2977
 	NOTE: http://www.talosintelligence.com/reports/TALOS-2016-0206/
 CVE-2016-8338

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt	2016-10-06 06:41:18 UTC (rev 45102)
+++ data/dla-needed.txt	2016-10-06 10:01:25 UTC (rev 45103)
@@ -82,8 +82,6 @@
   NOTE: Potentially affected by all qemu CVE-s:
   NOTE: https://lists.debian.org/debian-lts/2016/09/msg00014.html
 --
-redis (Chris Lamb)
---
 samba
   NOTE: patch for CVE-2016-2115 has been removed intentionally in version 2:3.6.6-6+deb7u10
   NOTE: so maybe this is <no-dsa>