[Secure-testing-commits] r54907 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Aug 20 11:33:18 UTC 2017


Author: carnil
Date: 2017-08-20 11:33:18 +0000 (Sun, 20 Aug 2017)
New Revision: 54907

Modified:
   data/CVE/list
Log:
Add CVE-2011-0469/open-build-service

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-20 11:30:00 UTC (rev 54906)
+++ data/CVE/list	2017-08-20 11:33:18 UTC (rev 54907)
@@ -169063,7 +169063,10 @@
 	[wheezy] - chromium-browser <not-affected>
 	- webkit <not-affected> (chromium specific)
 CVE-2011-0469 (Code injection in openSUSE when running some source services used in ...)
-	TODO: check
+	- open-build-service <not-affected> (Fixed before initial upload to Debian)
+	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=679325
+	NOTE: Main fix: https://github.com/openSUSE/open-build-service/commit/76b0ab003f34435ca90d943e02dd22279cdeec2a
+	NOTE: Secondary fix: https://github.com/openSUSE/open-build-service/commit/23c8d21c75242999e29379e6ca8418a14c8725c6
 CVE-2011-0468 (The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and ...)
 	NOT-FOR-US: OpenSUSE aaa_base package
 CVE-2011-0467




More information about the Secure-testing-commits mailing list