[Secure-testing-commits] r53361 - in data: . CVE
Thorsten Alteholz
alteholz at moszumanska.debian.org
Mon Jul 10 14:05:43 UTC 2017
Author: alteholz
Date: 2017-07-10 14:05:43 +0000 (Mon, 10 Jul 2017)
New Revision: 53361
Modified:
data/CVE/list
data/dla-needed.txt
Log:
ark CVE-2017-9847 as not-affected for Wheezy
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-10 13:56:42 UTC (rev 53360)
+++ data/CVE/list 2017-07-10 14:05:43 UTC (rev 53361)
@@ -1641,6 +1641,7 @@
NOT-FOR-US: Easysite
CVE-2017-9847 (The bdecode function in bdecode.cpp in libtorrent 1.1.3 allows remote ...)
- libtorrent-rasterbar <unfixed> (bug #865845)
+ [wheezy] - libtorrent-rasterbar <not-affected> (new bdecode introduced in 1.1.0; vulnerable code not present)
NOTE: https://github.com/arvidn/libtorrent/issues/2099
NOTE: Fixed by: https://github.com/arvidn/libtorrent/commit/ec30a5e9ec703afb8abefba757c6d401303b53db
CVE-2017-9846 (Winmail Server 6.1 allows remote code execution by authenticated users ...)
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-07-10 13:56:42 UTC (rev 53360)
+++ data/dla-needed.txt 2017-07-10 14:05:43 UTC (rev 53361)
@@ -86,9 +86,6 @@
libtasn1-3 (Thorsten Alteholz)
NOTE: 20170702, no upstream fix yet
--
-libtorrent-rasterbar (Thorsten Alteholz)
- NOTE: 20170702 sent email to maintainer
---
libxml-libxml-perl
NOTE: 20170702, no upstream fix yet, so no need to bother maintainer yet, sent email later
--
More information about the Secure-testing-commits
mailing list