[Secure-testing-commits] r53480 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Jul 14 06:16:38 UTC 2017


Author: jmm
Date: 2017-07-14 06:16:37 +0000 (Fri, 14 Jul 2017)
New Revision: 53480

Modified:
   data/CVE/list
Log:
mark as important, follows a similar policy like glibc


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-07-13 21:52:30 UTC (rev 53479)
+++ data/CVE/list	2017-07-14 06:16:37 UTC (rev 53480)
@@ -349,9 +349,8 @@
 CVE-2017-11165 (dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive ...)
 	NOT-FOR-US: dataTaker
 CVE-2017-11164 (In PCRE 8.41, the OP_KETRMAX feature in the match function in ...)
-	- pcre3 <unfixed>
+	- pcre3 <unfixed> (unimportant)
 	NOTE: http://openwall.com/lists/oss-security/2017/07/11/3
-	TODO: check, most likely to be marked unimportant, as per referenced thread
 CVE-2017-11163 (Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in ...)
 	- cacti 1.1.12+ds1-1 (bug #868080)
 	[stretch] - cacti <not-affected> (Vulnerable code introduced later)




More information about the Secure-testing-commits mailing list