[Secure-testing-commits] r48576 - in data: . DLA
Balint Reczey
rbalint at moszumanska.debian.org
Mon Jan 30 21:06:19 UTC 2017
Author: rbalint
Date: 2017-01-30 21:06:19 +0000 (Mon, 30 Jan 2017)
New Revision: 48576
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Claim DLA-808-1 for ruby-archive-tar-minitar
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2017-01-30 20:51:10 UTC (rev 48575)
+++ data/DLA/list 2017-01-30 21:06:19 UTC (rev 48576)
@@ -1,3 +1,6 @@
+[30 Jan 2017] DLA-808-1 ruby-archive-tar-minitar - security update
+ {CVE-2016-10173}
+ [wheezy] - ruby-archive-tar-minitar 0.5.2-2+deb7u1
[30 Jan 2017] DLA-610-2 tiff3 - regression update
[wheezy] - tiff3 3.9.6-11+deb7u3
[30 Jan 2017] DLA-807-1 imagemagick - security update
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-01-30 20:51:10 UTC (rev 48575)
+++ data/dla-needed.txt 2017-01-30 21:06:19 UTC (rev 48576)
@@ -91,9 +91,6 @@
NOTE: Upstream is not going to fix CVE-2016-8686 since it believes it is not
NOTE: a bug (see #843861).
--
-ruby-archive-tar-minitar (Balint Reczey)
- NOTE: Vulnerable code is in lib/archive/tar/minitar/command.rb
---
slurm-llnl
NOTE: the patch from upstream uses new members of the struct batch_job_launch_msg_t
NOTE: from my point of view backporting the introduction of these new members to this old
More information about the Secure-testing-commits
mailing list