[Secure-testing-commits] r58773 - in data: . CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Thu Dec 21 10:02:34 UTC 2017
Author: hertzog
Date: 2017-12-21 10:02:34 +0000 (Thu, 21 Dec 2017)
New Revision: 58773
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Drop global from dla-needed.txt, issue is unimportant
Still filed a bug because the underlying code should really be improved
even if it's generally not used on malicious URLs.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-12-21 10:02:22 UTC (rev 58772)
+++ data/CVE/list 2017-12-21 10:02:34 UTC (rev 58773)
@@ -5227,7 +5227,7 @@
NOTE: https://sources.debian.org/src/kiwi/1.9.22-4/examples/framework/news/news3.py/?hl=88#L88
NOTE: Only in examples code, negligible impact
CVE-2017-17531 (gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before ...)
- - global <unfixed> (unimportant)
+ - global <unfixed> (unimportant; bug #884912)
NOTE: https://sources.debian.org/src/global/4.8.6-2/gozilla/gozilla.c/#L269
CVE-2017-17530 (common/help.c in Geomview 1.9.5 does not validate strings before ...)
- geomview <unfixed> (unimportant)
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-12-21 10:02:22 UTC (rev 58772)
+++ data/dla-needed.txt 2017-12-21 10:02:34 UTC (rev 58773)
@@ -23,8 +23,6 @@
--
gimp (Emilio Pozuelo)
--
-global
---
graphicsmagick
--
icu (Roberto C. Sánchez)
More information about the Secure-testing-commits
mailing list