[Secure-testing-commits] r58503 - in data: . DLA

Brian May bam at moszumanska.debian.org
Tue Dec 12 21:16:41 UTC 2017


Author: bam
Date: 2017-12-12 21:16:41 +0000 (Tue, 12 Dec 2017)
New Revision: 58503

Modified:
   data/DLA/list
   data/dla-needed.txt
Log:
Reserve DLA-1206-1 for tiff

Modified: data/DLA/list
===================================================================
--- data/DLA/list	2017-12-12 21:12:19 UTC (rev 58502)
+++ data/DLA/list	2017-12-12 21:16:41 UTC (rev 58503)
@@ -1,3 +1,6 @@
+[13 Dec 2017] DLA-1206-1 tiff - security update
+	{CVE-2017-9935}
+	[wheezy] - tiff 4.0.2-6+deb7u17
 [12 Dec 2017] DLA-1205-1 simplesamlphp - security update
 	{CVE-2017-12867 CVE-2017-12868 CVE-2017-12869 CVE-2017-12872 CVE-2017-12873 CVE-2017-12874}
 	[wheezy] - simplesamlphp 1.9.2-1+deb7u1

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt	2017-12-12 21:12:19 UTC (rev 58502)
+++ data/dla-needed.txt	2017-12-12 21:16:41 UTC (rev 58503)
@@ -97,10 +97,6 @@
   NOTE: 20171118: At least CVE-2017-16797 is present. (lamby)
   NOTE: 20171210: likely to be turned into a pkg with limited sec support
 --
-tiff (Brian May)
-  NOTE: CVE-2017-9935: no upstream fix -- Brian May 2017-11-06
-  NOTE: CVE-2017-11613: no upstream fix, "not a bug" according to RH -- anarcat 2017-10-24
---
 tiff3 (Brian May)
   NOTE: CVE-2017-9935: no upstream fix -- Brian May 2017-11-06
   NOTE: CVE-2017-11613: no upstream fix, "not a bug" according to RH -- anarcat 2017-10-24




More information about the Secure-testing-commits mailing list