[Secure-testing-commits] r55059 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Aug 25 09:32:07 UTC 2017 

Author: jmm
Date: 2017-08-25 09:32:07 +0000 (Fri, 25 Aug 2017)
New Revision: 55059

Modified:
   data/CVE/list
Log:
clear up some php5 entries
salt no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-25 09:20:37 UTC (rev 55058)
+++ data/CVE/list	2017-08-25 09:32:07 UTC (rev 55059)
@@ -1644,7 +1644,6 @@
 CVE-2017-12934 (ext/standard/var_unserializer.re in PHP 7.0.x before 7.0.21 and 7.1.x ...)
 	- php7.1 7.1.8-1
 	- php7.0 7.0.22-1
-	- php5 <undetermined>
 	NOTE: Fixed in 7.1.7, 7.0.21
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74101
 CVE-2017-12933 (The finish_nested_data function in ext/standard/var_unserializer.re in ...)
@@ -1656,7 +1655,6 @@
 CVE-2017-12932 (ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x ...)
 	- php7.1 7.1.8-1
 	- php7.0 7.0.22-1
-	- php5 <undetermined>
 	NOTE: Fixed in 7.1.8, 7.0.22
 	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74103
 	NOTE: https://github.com/php/php-src/commit/1a23ebc1fff59bf480ca92963b36eba5c1b904c4
@@ -2523,6 +2521,8 @@
 	RESERVED
 CVE-2017-12791 (Directory traversal vulnerability in minion id validation in SaltStack ...)
 	- salt <unfixed> (bug #872399)
+	[stretch] - salt <no-dsa> (Minor issue)
+	[jessie] - salt <no-dsa> (Minor issue)
 	NOTE: https://github.com/saltstack/salt/pull/42944
 	NOTE: https://github.com/saltstack/salt/commit/6366e05d0d70bd709cc4233c3faf32a759d0173a
 	NOTE: https://docs.saltstack.com/en/2016.11/topics/releases/2016.11.7.html
@@ -72387,7 +72387,7 @@
 	NOTE: gtk+2.0 2.21.5-1 removed the embedded copy of gdk-pixbuf and build-depends on external gdk-pixbuf
 CVE-2015-XXXX [trivial hash complexity DoS attack]
 	- php5 <removed> (bug #800564)
-	[jessie] - php5 <no-dsa> (Too intrusive to backport)
+	[jessie] - php5 <ignored> (Too intrusive to backport)
 	[wheezy] - php5 <no-dsa> (Too intrusive to backport)
 	[squeeze] - php5 <no-dsa> (Too intrusive to backport)
 	NOTE: https://bugs.php.net/bug.php?id=70644

More information about the Secure-testing-commits mailing list