[Secure-testing-commits] r58390 - in data: . CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Sat Dec 9 12:49:29 UTC 2017


Author: jmm
Date: 2017-12-09 12:49:29 +0000 (Sat, 09 Dec 2017)
New Revision: 58390

Modified:
   data/CVE/list
   data/dsa-needed.txt
Log:
various stable triage


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-09 11:52:10 UTC (rev 58389)
+++ data/CVE/list	2017-12-09 12:49:29 UTC (rev 58390)
@@ -170,6 +170,8 @@
 	RESERVED
 CVE-2017-17459 (http_transport.c in Fossil before 2.4, when the SSH sync protocol is ...)
 	- fossil 1:2.4-1
+	[stretch] - fossil <no-dsa> (Minor issue)
+	[jessie] - fossil <no-dsa> (Minor issue)
 	NOTE: https://www.fossil-scm.org/xfer/info/1f63db591c77108c
 CVE-2017-17458 (In Mercurial before 4.4.1, it is possible that a specially malformed ...)
 	- mercurial 4.4.1-1
@@ -4600,6 +4602,8 @@
 	NOT-FOR-US: Snap Creek Duplicator (WordPress Site Migration & Backup) plugin for WordPress
 CVE-2017-16820 (The csnmp_read_table function in snmp.c in the SNMP plugin in collectd ...)
 	- collectd <unfixed> (bug #881757)
+	[stretch] - collectd <no-dsa> (Minor issue)
+	[jessie] - collectd <no-dsa> (Minor issue)
 	[wheezy] - collectd <not-affected> (Vulnerable code not present)
 	NOTE: https://github.com/collectd/collectd/issues/2291
 CVE-2017-16814
@@ -8983,6 +8987,8 @@
 	RESERVED
 CVE-2017-15232 (libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and ...)
 	- libjpeg-turbo <unfixed> (low; bug #878567)
+	[stretch] - libjpeg-turbo <no-dsa> (Minor issue)
+	[jessie] - libjpeg-turbo <no-dsa> (Minor issue)
 	- libjpeg6b <not-affected> (Vulnerable code not present)
 	- libjpeg8 <not-affected> (Vulnerable code not present)
 	- libjpeg9 <not-affected> (Vulnerable code not present)
@@ -53073,6 +53079,7 @@
 	NOT-FOR-US: JMX endpoint of Red Hat JBoss EAP 5
 CVE-2016-9584 (libical allows remote attackers to cause a denial of service ...)
 	{DLA-959-1}
+	- libical3 3.0.1-1 (bug #852034)
 	- libical <unfixed> (bug #852034)
 	[stretch] - libical <no-dsa> (Minor issue)
 	[jessie] - libical <no-dsa> (Minor issue)

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2017-12-09 11:52:10 UTC (rev 58389)
+++ data/dsa-needed.txt	2017-12-09 12:49:29 UTC (rev 58390)
@@ -30,10 +30,14 @@
 --
 openafs (jmm)
 --
+openjpeg2
+--
 openssl1.0/stable
 --
 otrs2
 --
+passenger/stable
+--
 php-horde-image
 --
 php5




More information about the Secure-testing-commits mailing list