[Secure-testing-commits] r58633 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sun Dec 17 08:13:27 UTC 2017
Author: carnil
Date: 2017-12-17 08:13:27 +0000 (Sun, 17 Dec 2017)
New Revision: 58633
Modified:
data/CVE/list
Log:
Mark CVE-2017-17519 as uniportant
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-17 08:13:16 UTC (rev 58632)
+++ data/CVE/list 2017-12-17 08:13:27 UTC (rev 58633)
@@ -4904,10 +4904,8 @@
NOTE: into abosulte ones. If you use url_handler.pl from other applications be sure to
NOTE: at least shell escaped its input.
CVE-2017-17519 (batteriesConfig.mlp in OCaml Batteries Included (aka ocaml-batteries) ...)
- - ocaml-batteries <unfixed>
- [wheezy] - ocaml-batteries <no-dsa> (Minor issue)
+ - ocaml-batteries <unfixed> (unimportant)
NOTE: https://sources.debian.org/src/ocaml-batteries/2.6.0-1/src/batteriesConfig.mlp/?hl=23#L23
- NOTE: The motivation for being minor in wheezt is that it is only for browsing help pages so the attack vector is limited.
CVE-2017-17518 (swt/motif/browser.c in White_dune (aka whitedune) 0.30.10 does not ...)
- whitedune <unfixed>
[wheezy] - whitedune <no-dsa> (Minor issue. Vulnerable code present but an attacker can not control the URL so it is impossible to trigger it)
More information about the Secure-testing-commits
mailing list