[Secure-testing-commits] r58613 - data/CVE
Ola Lundqvist
opal at moszumanska.debian.org
Fri Dec 15 21:18:04 UTC 2017
Author: opal
Date: 2017-12-15 21:18:04 +0000 (Fri, 15 Dec 2017)
New Revision: 58613
Modified:
data/CVE/list
Log:
Tiage results.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-15 21:10:14 UTC (rev 58612)
+++ data/CVE/list 2017-12-15 21:18:04 UTC (rev 58613)
@@ -4808,7 +4808,9 @@
TODO: check
CVE-2017-17535 (lib/gui.py in Bob Hepple gjots2 2.4.1 does not validate strings before ...)
- gjots2 <unfixed>
+ [wheezy] - gjots2 <no-dsa> (Minor issue)
NOTE: https://sources.debian.org/src/gjots2/2.4.1-2/lib/gui.py/?hl=2188#L2188
+ NOTE: Classified as minor in wheezy as even though the function itself do not validate the url, the function that call do actually terminate on whitespace so the package is in practice not vulnerable.
CVE-2017-17534 (uiutil.c in Mensis 0.0.080507 does not validate strings before ...)
- mensis <removed>
NOTE: https://sources.debian.org/src/mensis/0.0.080507-4/uiutil.c/?hl=293#L428
More information about the Secure-testing-commits
mailing list