[Secure-testing-commits] r57388 - data/CVE

Mon Nov 6 22:07:48 UTC 2017

Author: jmm
Date: 2017-11-06 22:07:48 +0000 (Mon, 06 Nov 2017)
New Revision: 57388

Modified:
   data/CVE/list
Log:
one java issue apparently specific to Oracle Java
koji no-dsa


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2017-11-06 22:07:10 UTC (rev 57387)
+++ data/CVE/list	2017-11-06 22:07:48 UTC (rev 57388)
@@ -4106,6 +4106,7 @@
 	REJECTED
 CVE-2017-1002153 (Koji 1.13.0 does not properly validate SCM paths, allowing an attacker ...)
 	- koji <unfixed> (bug #877921)
+	[stretch] - koji <no-dsa> (Minor issue)
 	NOTE: https://pagure.io/koji/issue/563
 	NOTE: https://pagure.io/koji/c/ba7b5a3cbed11ade11c3af5e834c9a6de4f6d7c3
 CVE-2017-1000257 (An IMAP FETCH response line indicates the size of the returned data, ...)
@@ -18463,10 +18464,9 @@
 	- mysql-5.5 <not-affected> (Only affects MySQL 5.6 and 5.7)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10293 (Vulnerability in the Java SE component of Oracle Java SE ...)
-	- openjdk-8 8u151-b12-1
-	- openjdk-7 <removed>
-	- openjdk-6 <removed>
-	[wheezy] - openjdk-6 <end-of-life>
+	- openjdk-8 <not-affected> (Seems to be specific to Oracle Java)
+	- openjdk-7 <not-affected> (Seems to be specific to Oracle Java)
+	- openjdk-6 <not-affected> (Seems to be specific to Oracle Java)
 CVE-2017-10292 (Vulnerability in the RDBMS Security component of Oracle Database ...)
 	NOT-FOR-US: Oracle
 CVE-2017-10291


