[Secure-testing-commits] r47887 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Jan 11 05:34:17 UTC 2017


Author: carnil
Date: 2017-01-11 05:34:17 +0000 (Wed, 11 Jan 2017)
New Revision: 47887

Modified:
   data/CVE/list
Log:
CVE-2016-9318, remove mentioning of stable for now

Will be evaluated once final solution will appear.

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-01-11 05:30:19 UTC (rev 47886)
+++ data/CVE/list	2017-01-11 05:34:17 UTC (rev 47887)
@@ -13011,10 +13011,11 @@
 	RESERVED
 CVE-2016-9318 (libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and ...)
 	- libxml2 <unfixed> (bug #844581)
-	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=772726#c15
-	NOTE: tentative patch available but not blessed by upstream yet (2016-12-13)
-	NOTE: For stable and oldstable it is probably not worth the effort to fix this problem.
-	NOTE: The reason is that the correction is to introduce a new option that can be specified if this new behaviour is wanted. It is not enforced by default.
+	NOTE: Upstream Bug: https://bugzilla.gnome.org/show_bug.cgi?id=772726
+	NOTE: Tentative patch available but not blessed by upstream yet (2016-12-13) (cf. comment #15)
+	NOTE: For oldstable it is probably not worth the effort to fix this problem.
+	NOTE: The reason is that the correction is to introduce a new option that can be specified if this new behaviour
+	NOTE: is wanted. It is not enforced by default.
 CVE-2016-9317
 	RESERVED
 CVE-2016-9316




More information about the Secure-testing-commits mailing list