[Secure-testing-commits] r54907 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Aug 20 11:33:18 UTC 2017
Author: carnil
Date: 2017-08-20 11:33:18 +0000 (Sun, 20 Aug 2017)
New Revision: 54907
Modified:
data/CVE/list
Log:
Add CVE-2011-0469/open-build-service
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-20 11:30:00 UTC (rev 54906)
+++ data/CVE/list 2017-08-20 11:33:18 UTC (rev 54907)
@@ -169063,7 +169063,10 @@
[wheezy] - chromium-browser <not-affected>
- webkit <not-affected> (chromium specific)
CVE-2011-0469 (Code injection in openSUSE when running some source services used in ...)
- TODO: check
+ - open-build-service <not-affected> (Fixed before initial upload to Debian)
+ NOTE: https://bugzilla.suse.com/show_bug.cgi?id=679325
+ NOTE: Main fix: https://github.com/openSUSE/open-build-service/commit/76b0ab003f34435ca90d943e02dd22279cdeec2a
+ NOTE: Secondary fix: https://github.com/openSUSE/open-build-service/commit/23c8d21c75242999e29379e6ca8418a14c8725c6
CVE-2011-0468 (The aaa_base package before 11.3-8.9.1 in SUSE openSUSE 11.3, and ...)
NOT-FOR-US: OpenSUSE aaa_base package
CVE-2011-0467
More information about the Secure-testing-commits
mailing list