[Secure-testing-commits] r58761 - in data: . CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Thu Dec 21 07:59:01 UTC 2017
Author: hertzog
Date: 2017-12-21 07:59:01 +0000 (Thu, 21 Dec 2017)
New Revision: 58761
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Reclassify CVE-2017-15377 on suricata as no-dsa on wheezy (like jessie/stretch)
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-21 07:58:19 UTC (rev 58760)
+++ data/CVE/list 2017-12-21 07:59:01 UTC (rev 58761)
@@ -14068,6 +14068,7 @@
- suricata 1:4.0.0-1 (low)
[stretch] - suricata <no-dsa> (Minor issue)
[jessie] - suricata <no-dsa> (Minor issue)
+ [wheezy] - suricata <no-dsa> (Minor issue)
NOTE: https://github.com/OISF/suricata/pull/2680/commits/47afc577ff763150f9b47f10331f5ef9eb847a57
NOTE: https://redmine.openinfosecfoundation.org/issues/2231
CVE-2017-15376 (The TELNET service in Mobatek MobaXterm 10.4 does not require ...)
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-12-21 07:58:19 UTC (rev 58760)
+++ data/dla-needed.txt 2017-12-21 07:59:01 UTC (rev 58761)
@@ -91,9 +91,6 @@
rtpproxy
NOTE: it's not clear to me if a fix is even possible. -- Raphaël Hertzog
--
-suricata
- NOTE: 2017-10-27: At a quick glance, I can't see that this is vulnerable. --lamby
---
swftools (Guido Günther)
NOTE: 20171118: At least CVE-2017-16797 is present. (lamby)
NOTE: 20171210: likely to be turned into a pkg with limited sec support
More information about the Secure-testing-commits
mailing list