[Secure-testing-commits] r53310 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sat Jul 8 21:44:38 UTC 2017
Author: jmm
Date: 2017-07-08 21:44:38 +0000 (Sat, 08 Jul 2017)
New Revision: 53310
Modified:
data/CVE/list
Log:
vim bug
puppet n/a
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-08 21:43:28 UTC (rev 53309)
+++ data/CVE/list 2017-07-08 21:44:38 UTC (rev 53310)
@@ -11,7 +11,7 @@
- catdoc <unfixed> (bug #867717)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1468471
CVE-2017-11109 (Vim 8.0 allows attackers to cause a denial of service (invalid free) or ...)
- - vim <unfixed>
+ - vim <unfixed> (low; bug #867720)
[stretch] - vim <no-dsa> (Minor issue)
[jessie] - vim <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1468492
@@ -25192,8 +25192,8 @@
NOTE: https://puppet.com/security/cve/cve-2017-2295
NOTE: https://github.com/puppetlabs/puppet/commit/06d8c51367ca932b9da5d9b01958cfc0adf0f2ea
CVE-2017-2294 (Versions of Puppet Enterprise prior to 2016.4.5 or 2017.2.1 failed to ...)
- - puppet <undetermined>
- TODO: check if really only Enterprise version
+ - puppet <not-affected> (Doesn't affect Puppet as shipped in Debian)
+ NOTE: Puppet as shipped in Debian doesn't provide puppetdb yet
CVE-2017-2293
RESERVED
CVE-2017-2292 (Versions of MCollective prior to 2.10.4 deserialized YAML from agents ...)
More information about the Secure-testing-commits
mailing list