[Secure-testing-commits] r57315 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Nov 4 16:08:05 UTC 2017
Author: carnil
Date: 2017-11-04 16:08:04 +0000 (Sat, 04 Nov 2017)
New Revision: 57315
Modified:
data/CVE/list
Log:
Mark apr issue as no-dsa
Stefan Fritsch confirmed on IRC that the issue is rather minor and is
not warranting a DSA. Similarly might be apr-utils issue, but needs
still to be further checked.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-04 10:11:58 UTC (rev 57314)
+++ data/CVE/list 2017-11-04 16:08:04 UTC (rev 57315)
@@ -11195,6 +11195,8 @@
RESERVED
CVE-2017-12613 (When apr_exp_time*() or apr_os_exp_time*() functions are invoked with ...)
- apr <unfixed> (low; bug #879708)
+ [stretch] - apr <no-dsa> (Minor issue)
+ [jessie] - apr <no-dsa> (Minor issue)
NOTE: mail-archives.apache.org/mod_mbox/apr-dev/201710.mbox/%3CCACsi252POs4toeJJciwg09_eu2cO3XFg%3DUqsPjXsfjDoeC3-UQ%40mail.gmail.com%3E
NOTE: Fixed by: https://github.com/apache/apr/commit/ad958385a4180d7a83d90589689fcd36e3bbc57a
CVE-2017-12612 (In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe ...)
More information about the Secure-testing-commits
mailing list