[Secure-testing-commits] r53867 - in data: . CVE
Markus Koschany
apo at moszumanska.debian.org
Mon Jul 24 19:37:19 UTC 2017
Author: apo
Date: 2017-07-24 19:37:19 +0000 (Mon, 24 Jul 2017)
New Revision: 53867
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Claim catdoc in dla-needed.txt and remove no-dsa tag for
CVE-2017-11110. The version of catdoc in Wheezy and Jessie are identical. We
just follow Jessie because the issue was already fixed there.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-07-24 18:11:01 UTC (rev 53866)
+++ data/CVE/list 2017-07-24 19:37:19 UTC (rev 53867)
@@ -1459,7 +1459,6 @@
CVE-2017-11110 (The ole_init function in ole.c in catdoc 0.95 allows remote attackers ...)
{DSA-3917-1}
- catdoc 1:0.95-3 (bug #867717)
- [wheezy] - catdoc <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1468471
CVE-2017-11109 (Vim 8.0 allows attackers to cause a denial of service (invalid free) or ...)
{DLA-1030-1}
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-07-24 18:11:01 UTC (rev 53866)
+++ data/dla-needed.txt 2017-07-24 19:37:19 UTC (rev 53867)
@@ -23,6 +23,8 @@
--
cairo (Emilio Pozuelo)
--
+catdoc (Markus Koschany)
+--
check-mk
NOTE: the code is different in wheezy but from a cursory look, there
NOTE: might be multiple places where error messages are not properly
More information about the Secure-testing-commits
mailing list