[Secure-testing-commits] r45114 - in data: . CVE
Ola Lundqvist
opal at moszumanska.debian.org
Thu Oct 6 21:24:00 UTC 2016
Author: opal
Date: 2016-10-06 21:23:59 +0000 (Thu, 06 Oct 2016)
New Revision: 45114
Modified:
data/CVE/list
data/dla-needed.txt
Log:
CVE-2016-7543 can not be reproduced.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2016-10-06 21:20:41 UTC (rev 45113)
+++ data/CVE/list 2016-10-06 21:23:59 UTC (rev 45114)
@@ -2778,9 +2778,13 @@
CVE-2016-7543
RESERVED
- bash 4.4-1
+ [jessie] - bash <not-affected> (Problem not reproducible)
+ [wheezy] - bash <not-affected> (Problem not reproducible)
NOTE: http://www.openwall.com/lists/oss-security/2016/09/26/9
NOTE: Default shell is dash which is not vulnerable, but bash in Jessie and
- NOTE: Wheezy are affected
+ NOTE: Wheezy are affected. Or actually it is not possible to reproduce
+ NOTE: the problem. It should definitely be as it is not a timing issue.
+ NOTE: Probably solved by the fact that SHELLOPTS is a read-only variable.
CVE-2016-7542
RESERVED
CVE-2016-7541
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-10-06 21:20:41 UTC (rev 45113)
+++ data/dla-needed.txt 2016-10-06 21:23:59 UTC (rev 45114)
@@ -11,8 +11,6 @@
--
asterisk (Thorsten Alteholz)
--
-bash (Ola Lundqvist)
---
gcc-mingw-w64 (Stephen Kitt)
--
ghostscript (Roberto C. Sánchez)
More information about the Secure-testing-commits
mailing list