[Secure-testing-commits] r54561 - in data: CVE DSA
Sebastien Delafond
seb at moszumanska.debian.org
Thu Aug 10 18:45:35 UTC 2017
Author: seb
Date: 2017-08-10 18:45:35 +0000 (Thu, 10 Aug 2017)
New Revision: 54561
Modified:
data/CVE/list
data/DSA/list
Log:
CVE-2016-8734 is jessie-only
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-10 18:38:56 UTC (rev 54560)
+++ data/CVE/list 2017-08-10 18:45:35 UTC (rev 54561)
@@ -37793,7 +37793,7 @@
CVE-2016-8734 [Unrestricted XML entity expansion in mod_dontdothat and Subversion clients using http(s)://]
RESERVED
- subversion 1.9.5-1 (low)
- [jessie] - subversion <no-dsa> (Minor issue; can be fixed via point release)
+ [jessie] - subversion 1.8.10-6+deb8u5.
[wheezy] - subversion <no-dsa> (Minor issue, binary packages not affected since built against Neon as HTTP library)
NOTE: Above wheezy entry workarounded; binary packages not affected (since in wheezy build against Neon as HTTP
NOTE: library), though source is. (unimporant) for individual lines is not supported, thus workaround by marking
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2017-08-10 18:38:56 UTC (rev 54560)
+++ data/DSA/list 2017-08-10 18:45:35 UTC (rev 54561)
@@ -2,7 +2,7 @@
{CVE-2017-9359 CVE-2017-9372}
[jessie] - pjproject 2.1.0.0.ast20130823-1+deb8u1
[10 Aug 2017] DSA-3932-1 subversion - security update
- {CVE-2016-8734 CVE-2017-9800}
+ {CVE-2017-9800}
[jessie] - subversion 1.8.10-6+deb8u5
[stretch] - subversion 1.9.5-1+deb9u1
[10 Aug 2017] DSA-3931-1 ruby-rack-cors - security update
More information about the Secure-testing-commits
mailing list