[Secure-testing-commits] r47887 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jan 11 05:34:17 UTC 2017
Author: carnil
Date: 2017-01-11 05:34:17 +0000 (Wed, 11 Jan 2017)
New Revision: 47887
Modified:
data/CVE/list
Log:
CVE-2016-9318, remove mentioning of stable for now
Will be evaluated once final solution will appear.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-11 05:30:19 UTC (rev 47886)
+++ data/CVE/list 2017-01-11 05:34:17 UTC (rev 47887)
@@ -13011,10 +13011,11 @@
RESERVED
CVE-2016-9318 (libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and ...)
- libxml2 <unfixed> (bug #844581)
- NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=772726#c15
- NOTE: tentative patch available but not blessed by upstream yet (2016-12-13)
- NOTE: For stable and oldstable it is probably not worth the effort to fix this problem.
- NOTE: The reason is that the correction is to introduce a new option that can be specified if this new behaviour is wanted. It is not enforced by default.
+ NOTE: Upstream Bug: https://bugzilla.gnome.org/show_bug.cgi?id=772726
+ NOTE: Tentative patch available but not blessed by upstream yet (2016-12-13) (cf. comment #15)
+ NOTE: For oldstable it is probably not worth the effort to fix this problem.
+ NOTE: The reason is that the correction is to introduce a new option that can be specified if this new behaviour
+ NOTE: is wanted. It is not enforced by default.
CVE-2016-9317
RESERVED
CVE-2016-9316
More information about the Secure-testing-commits
mailing list