[Secure-testing-commits] r58390 - in data: . CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sat Dec 9 12:49:29 UTC 2017
Author: jmm
Date: 2017-12-09 12:49:29 +0000 (Sat, 09 Dec 2017)
New Revision: 58390
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
various stable triage
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-09 11:52:10 UTC (rev 58389)
+++ data/CVE/list 2017-12-09 12:49:29 UTC (rev 58390)
@@ -170,6 +170,8 @@
RESERVED
CVE-2017-17459 (http_transport.c in Fossil before 2.4, when the SSH sync protocol is ...)
- fossil 1:2.4-1
+ [stretch] - fossil <no-dsa> (Minor issue)
+ [jessie] - fossil <no-dsa> (Minor issue)
NOTE: https://www.fossil-scm.org/xfer/info/1f63db591c77108c
CVE-2017-17458 (In Mercurial before 4.4.1, it is possible that a specially malformed ...)
- mercurial 4.4.1-1
@@ -4600,6 +4602,8 @@
NOT-FOR-US: Snap Creek Duplicator (WordPress Site Migration & Backup) plugin for WordPress
CVE-2017-16820 (The csnmp_read_table function in snmp.c in the SNMP plugin in collectd ...)
- collectd <unfixed> (bug #881757)
+ [stretch] - collectd <no-dsa> (Minor issue)
+ [jessie] - collectd <no-dsa> (Minor issue)
[wheezy] - collectd <not-affected> (Vulnerable code not present)
NOTE: https://github.com/collectd/collectd/issues/2291
CVE-2017-16814
@@ -8983,6 +8987,8 @@
RESERVED
CVE-2017-15232 (libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and ...)
- libjpeg-turbo <unfixed> (low; bug #878567)
+ [stretch] - libjpeg-turbo <no-dsa> (Minor issue)
+ [jessie] - libjpeg-turbo <no-dsa> (Minor issue)
- libjpeg6b <not-affected> (Vulnerable code not present)
- libjpeg8 <not-affected> (Vulnerable code not present)
- libjpeg9 <not-affected> (Vulnerable code not present)
@@ -53073,6 +53079,7 @@
NOT-FOR-US: JMX endpoint of Red Hat JBoss EAP 5
CVE-2016-9584 (libical allows remote attackers to cause a denial of service ...)
{DLA-959-1}
+ - libical3 3.0.1-1 (bug #852034)
- libical <unfixed> (bug #852034)
[stretch] - libical <no-dsa> (Minor issue)
[jessie] - libical <no-dsa> (Minor issue)
Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt 2017-12-09 11:52:10 UTC (rev 58389)
+++ data/dsa-needed.txt 2017-12-09 12:49:29 UTC (rev 58390)
@@ -30,10 +30,14 @@
--
openafs (jmm)
--
+openjpeg2
+--
openssl1.0/stable
--
otrs2
--
+passenger/stable
+--
php-horde-image
--
php5
More information about the Secure-testing-commits
mailing list