[Secure-testing-commits] r50103 - data/CVE

[Antoine Beaupré]

Author: anarcat
Date: 2017-03-27 21:04:05 +0000 (Mon, 27 Mar 2017)
New Revision: 50103

Modified:
   data/CVE/list
Log:
CVE-2017-6507 no-dsa in wheezy



Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-03-27 20:39:08 UTC (rev 50102)
+++ data/CVE/list	2017-03-27 21:04:05 UTC (rev 50103)
@@ -1825,9 +1825,12 @@
 	NOT-FOR-US: burgundy-cms
 CVE-2017-6507 (An issue was discovered in AppArmor before 2.12. Incorrect handling of ...)
 	- apparmor <unfixed> (bug #858768)
+	[wheezy] - apparmor <no-dsa> (Experimental/unsupported feature)
 	NOTE: http://bazaar.launchpad.net/~apparmor-dev/apparmor/master/revision/3647
 	NOTE: http://bazaar.launchpad.net/~apparmor-dev/apparmor/master/revision/3648
 	NOTE: https://bugs.launchpad.net/apparmor/+bug/1668892
+	NOTE: affects only third-party rules, e.g. from Docker or LXC
+	NOTE: LXC in wheezy doesn't support proper isolation
 CVE-2017-6814 (In WordPress before 4.7.3, there is authenticated Cross-Site Scripting ...)
 	{DSA-3815-1 DLA-860-1}
 	- wordpress 4.7.3+dfsg-1 (bug #857026)