[Secure-testing-commits] r58619 - data/CVE

Ola Lundqvist opal at moszumanska.debian.org
Fri Dec 15 22:55:20 UTC 2017


Author: opal
Date: 2017-12-15 22:55:20 +0000 (Fri, 15 Dec 2017)
New Revision: 58619

Modified:
   data/CVE/list
Log:
Triage result.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-15 22:45:25 UTC (rev 58618)
+++ data/CVE/list	2017-12-15 22:55:20 UTC (rev 58619)
@@ -4880,7 +4880,9 @@
 	NOTE: at least shell escaped its input.
 CVE-2017-17519 (batteriesConfig.mlp in OCaml Batteries Included (aka ocaml-batteries) ...)
 	- ocaml-batteries <unfixed>
+        [wheezy] - ocaml-batteries <no-dsa> (Minor issue)
 	NOTE: https://sources.debian.org/src/ocaml-batteries/2.6.0-1/src/batteriesConfig.mlp/?hl=23#L23
+	NOTE: The motivation for being minor in wheezt is that it is only for browsing help pages so the attack vector is limited.
 CVE-2017-17518 (swt/motif/browser.c in White_dune (aka whitedune) 0.30.10 does not ...)
 	- whitedune <unfixed>
 	NOTE: https://sources.debian.org/src/whitedune/0.30.10-2.1/src/swt/motif/browser.c/?hl=159#L214




More information about the Secure-testing-commits mailing list