[Secure-testing-commits] r58697 - in data: . CVE
Emilio Pozuelo Monfort
pochu at moszumanska.debian.org
Tue Dec 19 20:11:21 UTC 2017
Author: pochu
Date: 2017-12-19 20:11:21 +0000 (Tue, 19 Dec 2017)
New Revision: 58697
Modified:
data/CVE/list
data/dla-needed.txt
Log:
CVE-2017-3737/openssl postponed in wheezy
A buggy application that uses openssl in a special, incorrect way is needed
to exploit this.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-19 19:05:19 UTC (rev 58696)
+++ data/CVE/list 2017-12-19 20:11:21 UTC (rev 58697)
@@ -49166,6 +49166,7 @@
{DSA-4065-1}
- openssl 1.1.0b-2
[jessie] - openssl <postponed> (Can be fixed with next OpenSSL advisory round)
+ [wheezy] - openssl <postponed> (Can be fixed with next OpenSSL advisory round)
- openssl1.0 1.0.2n-1
NOTE: Not fully correct tracking, the issue just does not affect OpenSSL 1.1.0
NOTE: thus mark as fixed in the first 1.1.0 version which entered unstable.
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-12-19 19:05:19 UTC (rev 58696)
+++ data/dla-needed.txt 2017-12-19 20:11:21 UTC (rev 58697)
@@ -75,8 +75,6 @@
--
openafs (Thorsten Alteholz)
--
-openssl (Kurt Roeckx)
---
otrs2 (Emilio Pozuelo)
--
python2.6
More information about the Secure-testing-commits
mailing list