[Secure-testing-commits] r50099 - data/CVE

Antoine Beaupré anarcat at moszumanska.debian.org
Mon Mar 27 20:09:11 UTC 2017 

Author: anarcat
Date: 2017-03-27 20:09:11 +0000 (Mon, 27 Mar 2017)
New Revision: 50099

Modified:
   data/CVE/list
Log:
follow jessie and mark binutils as no-dsa in wheezy

those issues are minor in that they affect mostly development and
debugging tools one should be running on stable anyways and unlikely
to still be in use in wheezy.


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-27 19:29:37 UTC (rev 50098)
+++ data/CVE/list	2017-03-27 20:09:11 UTC (rev 50099)
@@ -192,27 +192,32 @@
 	RESERVED
 CVE-2017-7227 (GNU linker (ld) in GNU Binutils 2.28 is vulnerable to a heap-based ...)
 	- binutils 2.27.51.20161212-1
+	[wheezy] - binutils <no-dsa> (Minor issue)
 	[jessie] - binutils <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20906
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=406bd128dba2a59d0736839fc87a59bce319076c
 CVE-2017-7226 (The pe_ILF_object_p function in the Binary File Descriptor (BFD) ...)
 	- binutils 2.27.51.20161212-1
 	[jessie] - binutils <no-dsa> (Minor issue)
+	[wheezy] - binutils <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20905
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=fa6631b4eecfcca00c13b9594e6336dffd40982f
 CVE-2017-7225 (The find_nearest_line function in addr2line in GNU Binutils 2.28 does ...)
 	- binutils 2.27.51.20161201-1
 	[jessie] - binutils <no-dsa> (Minor issue)
+	[wheezy] - binutils <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20891
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=50455f1ab2935f7321215dfa681745c9b1cb5b19
 CVE-2017-7224 (The find_nearest_line function in objdump in GNU Binutils 2.28 is ...)
 	- binutils 2.27.51.20161201-1
 	[jessie] - binutils <no-dsa> (Minor issue)
+	[wheezy] - binutils <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20892
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e82ab856bb4689330c29fb9f1c57a8555b26380e
 CVE-2017-7223 (GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer ...)
 	- binutils 2.27.51.20161212-1
 	[jessie] - binutils <no-dsa> (Minor issue)
+	[wheezy] - binutils <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=20898
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=69ace2200106348a1b00d509a6a234337c104c17
 CVE-2017-7222 (A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 ...)
@@ -257,6 +262,7 @@
 CVE-2017-7210 (objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based ...)
 	- binutils <unfixed> (low; bug #858324)
 	[jessie] - binutils <no-dsa> (Minor issue)
+	[wheezy] - binutils <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21157
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a2dea0b20bc66a4c287c3c50002b8c3b3e9d953a
 CVE-2017-7209 (The dump_section_as_bytes function in readelf in GNU Binutils 2.28 ...)
@@ -786,6 +792,7 @@
 CVE-2017-6969 (readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer ...)
 	- binutils <unfixed> (bug #858256)
 	[jessie] - binutils <no-dsa> (Minor issue)
+	[wheezy] - binutils <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21156
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b814a36d3440de95f2ac6eaa4fc7935c322ea456
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=43a444f9c5bfd44b4304eafd78338e21d54bea14
@@ -802,11 +809,13 @@
 CVE-2017-6966 (readelf in GNU Binutils 2.28 has a use-after-free (specifically ...)
 	- binutils <unfixed> (bug #858263)
 	[jessie] - binutils <no-dsa> (Minor issue)
+	[wheezy] - binutils <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21139
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f84ce13b6708801ca1d6289b7c4003e2f5a6d7f9
 CVE-2017-6965 (readelf in GNU Binutils 2.28 writes to illegal addresses while ...)
 	- binutils <unfixed> (bug #858264)
 	[jessie] - binutils <no-dsa> (Minor issue)
+	[wheezy] - binutils <no-dsa> (Minor issue)
 	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=21137
 	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=03f7786e2f440b9892b1c34a58fb26222ce1b493
 CVE-2017-6964

More information about the Secure-testing-commits mailing list