[Secure-testing-commits] r48004 - in data: . CVE
Ola Lundqvist
opal at moszumanska.debian.org
Fri Jan 13 21:22:41 UTC 2017
Author: opal
Date: 2017-01-13 21:22:41 +0000 (Fri, 13 Jan 2017)
New Revision: 48004
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Marking CVE-2016-9318 as no-dsa for wheezy. No-one objected to my statement.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-13 21:13:57 UTC (rev 48003)
+++ data/CVE/list 2017-01-13 21:22:41 UTC (rev 48004)
@@ -13152,6 +13152,7 @@
RESERVED
CVE-2016-9318 (libxml2 2.9.4 and earlier, as used in XMLSec 1.2.23 and earlier and ...)
- libxml2 <unfixed> (bug #844581)
+ [wheezy] - libxml2 <no-dsa> (Minor issue)
NOTE: Upstream Bug: https://bugzilla.gnome.org/show_bug.cgi?id=772726
NOTE: Tentative patch available but not blessed by upstream yet (2016-12-13) (cf. comment #15)
NOTE: For wheezy it is probably not worth the effort to fix this problem.
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-01-13 21:13:57 UTC (rev 48003)
+++ data/dla-needed.txt 2017-01-13 21:22:41 UTC (rev 48004)
@@ -57,8 +57,6 @@
NOTE: no upstream fix yet for expand_external_ents but new no_xxe flag in 3.50
NOTE: could be backported (2016-12-13)
--
-libxml2
---
linux
--
ming (Balint Reczey)
More information about the Secure-testing-commits
mailing list