[Secure-testing-commits] r54316 - in data: . CVE
Markus Koschany
apo at moszumanska.debian.org
Sat Aug 5 13:08:06 UTC 2017
Author: apo
Date: 2017-08-05 13:08:06 +0000 (Sat, 05 Aug 2017)
New Revision: 54316
Modified:
data/CVE/list
data/dla-needed.txt
Log:
CVE-2017-12425,varnish: Mark as not affected in Wheezy
According to upstream the code path is not exposed to clients and thus is not a
security issue in this version.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-05 11:29:25 UTC (rev 54315)
+++ data/CVE/list 2017-08-05 13:08:06 UTC (rev 54316)
@@ -640,6 +640,7 @@
CVE-2017-12425 (An issue was discovered in Varnish HTTP Cache 4.0.1 through 4.0.4, ...)
{DSA-3924-1}
- varnish <unfixed> (bug #870467)
+ [wheezy] - varnish <not-affected> (code path is not exposed to clients)
NOTE: https://www.varnish-cache.org/security/VSV00001.html#vsv00001
NOTE: https://github.com/varnishcache/varnish-cache/issues/2379
NOTE: https://github.com/varnishcache/varnish-cache/commit/09731b24b2225e3c0d66d3ec1b4fedef6fa22b6e
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-08-05 11:29:25 UTC (rev 54315)
+++ data/dla-needed.txt 2017-08-05 13:08:06 UTC (rev 54316)
@@ -168,9 +168,6 @@
NOTE: 20170711, Version 3.9.6-11+deb7u7 fixes CVE-2017-9936 (DLA-1023-1)
NOTE: CVE-2017-9935 is still unresolved upstream
--
-varnish (Markus Koschany)
- NOTE: Asked for clarification at https://github.com/varnishcache/varnish-cache/issues/2379
---
wireshark
--
wordpress
More information about the Secure-testing-commits
mailing list