[Secure-testing-commits] r52974 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Jun 28 08:54:30 UTC 2017
Author: carnil
Date: 2017-06-28 08:54:30 +0000 (Wed, 28 Jun 2017)
New Revision: 52974
Modified:
data/CVE/list
Log:
Mark CVE-2017-9841/phunit as no-dsa for stretch
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-06-28 08:27:54 UTC (rev 52973)
+++ data/CVE/list 2017-06-28 08:54:30 UTC (rev 52974)
@@ -318,6 +318,7 @@
RESERVED
CVE-2017-9841 (Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 ...)
- phpunit <unfixed> (bug #866200)
+ [stretch] - phpunit <no-dsa> (Can be fixed via a point release, Minor issue; not to be used exposed on production servers)
[jessie] - phpunit <not-affected> (Issue introduced later; vulnerable code not present)
[wheezy] - phpunit <not-affected> (Issue introduced later; vulnerable code not present)
NOTE: https://github.com/sebastianbergmann/phpunit/pull/1956
More information about the Secure-testing-commits
mailing list