[Secure-testing-commits] r54377 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Mon Aug 7 08:19:57 UTC 2017
Author: carnil
Date: 2017-08-07 08:19:54 +0000 (Mon, 07 Aug 2017)
New Revision: 54377
Modified:
data/CVE/list
Log:
Mark CVE-2017-12588 as unimportant
The zmq3 input and output modules not enabled and build in Debian.
---{ input plugins }---
[...]
imzmq3 input module enabled: no
[...]
---{ output plugins }---
omzmq3 module will be compiled: no
and both not compiled.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-07 07:38:42 UTC (rev 54376)
+++ data/CVE/list 2017-08-07 08:19:54 UTC (rev 54377)
@@ -11,9 +11,10 @@
CVE-2017-12589
RESERVED
CVE-2017-12588 (The zmq3 input and output modules in rsyslog before 8.28.0 interpreted ...)
- - rsyslog 8.28.0-1
+ - rsyslog 8.28.0-1 (unimportant)
NOTE: https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b
NOTE: https://github.com/rsyslog/rsyslog/pull/1565
+ NOTE: The zmq3 input and output modules are not enabled and built in Debian
CVE-2017-12587 (ImageMagick 7.0.6-1 has a large loop vulnerability in the ReadPWPImage ...)
- imagemagick 8:6.9.7.4+dfsg-16 (bug #870526)
NOTE: https://github.com/ImageMagick/ImageMagick/issues/535
More information about the Secure-testing-commits
mailing list