[Secure-testing-commits] r49894 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Tue Mar 21 18:20:06 UTC 2017
Author: jmm
Date: 2017-03-21 18:20:06 +0000 (Tue, 21 Mar 2017)
New Revision: 49894
Modified:
data/CVE/list
Log:
update for glance
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-03-21 18:11:46 UTC (rev 49893)
+++ data/CVE/list 2017-03-21 18:20:06 UTC (rev 49894)
@@ -42,11 +42,14 @@
CVE-2017-7199
RESERVED
CVE-2017-7200 (An SSRF issue was discovered in OpenStack Glance before Newton. The ...)
- - glance <unfixed>
+ - glance 2:13.0.0-1
+ [jessie] - glance <no-dsa> (Minor issue, too intrusive to backport)
NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0078
NOTE: https://bugs.launchpad.net/ossn/+bug/1606495
NOTE: https://bugs.launchpad.net/ossn/+bug/1153614
- TODO: check affected versions
+ NOTE: https://bugs.launchpad.net/ossn/+bug/1153614
+ NOTE: The only implemented solution is to move to the v2 API (deprecated in 2:13.0.0-1, using
+ NOTE: that as the fixed version)
CVE-2017-7198
RESERVED
CVE-2017-7197
@@ -86,7 +89,6 @@
NOTE: https://github.com/erlang/otp/pull/1108
CVE-2017-7184 (The linux-image-* package 4.8.0.41.52 for the Linux kernel on Ubuntu ...)
- linux <undetermined>
- TODO: check as soon more details are available to see if this is specific to Ubuntu
CVE-2017-7186 (libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote ...)
- pcre3 <unfixed> (bug #858230)
- pcre2 <unfixed> (bug #858233)
More information about the Secure-testing-commits
mailing list