[Secure-testing-commits] r58635 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Dec 17 08:19:44 UTC 2017


Author: carnil
Date: 2017-12-17 08:19:44 +0000 (Sun, 17 Dec 2017)
New Revision: 58635

Modified:
   data/CVE/list
Log:
CVE-2017-17522: sort entries by source package

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-12-17 08:16:50 UTC (rev 58634)
+++ data/CVE/list	2017-12-17 08:19:44 UTC (rev 58635)
@@ -4884,6 +4884,7 @@
 	NOTE: https://sourceforge.net/p/testlilyissues/issues/5243/
 CVE-2017-17522 (Lib/webbrowser.py in Python through 3.6.3 does not validate strings ...)
 	- jython <unfixed>
+	[wheezy] - jython <not-affected> (Vulnerable code is not provided in the binary package)
 	- python2.6 <removed>
 	- python2.7 <unfixed>
 	- python3.2 <removed>
@@ -4891,7 +4892,6 @@
 	- python3.5 <unfixed>
 	- python3.6 <unfixed>
 	- python3.7 <unfixed>
-	[wheezy] - jython <not-affected> (Vulnerable code is not provided in the binary package)
 	NOTE: Lib/webbrowser.py does not validate strings before launching the program
 	NOTE: specified by the BROWSER environment variable.
 CVE-2017-17521 (uiutil.c in FontForge through 20170731 does not validate strings before ...)




More information about the Secure-testing-commits mailing list