[Secure-testing-commits] r52003 - data/CVE
Moritz Muehlenhoff
jmm at moszumanska.debian.org
Sat May 27 22:18:00 UTC 2017
Author: jmm
Date: 2017-05-27 22:18:00 +0000 (Sat, 27 May 2017)
New Revision: 52003
Modified:
data/CVE/list
Log:
gdm3 no-dsa
remove some source packages CVE-2013-2255, they're mentioned in the upstream
bug, but were clearly not treated as security issues by upstream during the
last four years
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-27 22:10:57 UTC (rev 52002)
+++ data/CVE/list 2017-05-27 22:18:00 UTC (rev 52003)
@@ -39165,6 +39165,7 @@
CVE-2016-1000002
RESERVED
- gdm3 <unfixed> (low; bug #849432)
+ [stretch] - gdm3 <no-dsa> (Minor issue)
[jessie] - gdm3 <no-dsa> (Minor issue)
[wheezy] - gdm3 <no-dsa> (Minor issue)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1391126
@@ -120130,15 +120131,8 @@
[wheezy] - nova <not-affected> (Affected code not present)
CVE-2013-2255 [Inconsistent and non-validating HTTPS client]
RESERVED
- - cinder <unfixed>
- [jessie] - cinder <no-dsa> (Minor issue)
- keystone 2014.1-1
[wheezy] - keystone <no-dsa> (Minor issue)
- - nova <unfixed>
- [jessie] - nova <no-dsa> (Minor issue)
- [wheezy] - nova <no-dsa> (Minor issue)
- - quantum <unfixed>
- [wheezy] - quantum <no-dsa> (Minor issue)
- swift <not-affected> (See https://bugs.launchpad.net/keystone/+bug/1188189/comments/5)
NOTE: Fixes for keystone: https://review.openstack.org/#/c/76476/
CVE-2013-2254 (The deepGetOrCreateNode function in ...)
More information about the Secure-testing-commits
mailing list