[Secure-testing-commits] r58855 - in data: . DLA

Thorsten Alteholz alteholz at moszumanska.debian.org
Fri Dec 22 23:09:23 UTC 2017


Author: alteholz
Date: 2017-12-22 23:09:22 +0000 (Fri, 22 Dec 2017)
New Revision: 58855

Modified:
   data/DLA/list
   data/dla-needed.txt
Log:
Reserve DLA-1218-1 for rsync

Modified: data/DLA/list
===================================================================
--- data/DLA/list	2017-12-22 22:43:17 UTC (rev 58854)
+++ data/DLA/list	2017-12-22 23:09:22 UTC (rev 58855)
@@ -1,3 +1,6 @@
+[23 Dec 2017] DLA-1218-1 rsync - security update
+	{CVE-2017-16548 CVE-2017-17433 CVE-2017-17434}
+	[wheezy] - rsync 3.0.9-4+deb7u1
 [21 Dec 2017] DLA-1217-1 irssi - security update
 	{CVE-2017-5193 CVE-2017-5194 CVE-2017-5356 CVE-2017-15227 CVE-2017-15228 CVE-2017-15721 CVE-2017-15722}
 	[wheezy] - irssi 0.8.15-5+deb7u4

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt	2017-12-22 22:43:17 UTC (rev 58854)
+++ data/dla-needed.txt	2017-12-22 23:09:22 UTC (rev 58855)
@@ -67,8 +67,6 @@
 python3.2 (Emilio Pozuelo)
   NOTE: webbrowser.py as binary is hard to exploit, but when using it as an import then it may be possible to trigger something. Should be fixed to be on the safe side even though it is not an urgent problem.
 --
-rsync (Thorsten Alteholz)
---
 rtpproxy
   NOTE: it's not clear to me if a fix is even possible. -- Raphaël Hertzog
 --




More information about the Secure-testing-commits mailing list