[Secure-testing-commits] r57430 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2017-11-08 05:34:08 +0000 (Wed, 08 Nov 2017)
New Revision: 57430

Modified:
   data/CVE/list
Log:
Mark ruby-yajl as no-dsa for stretch and jessie

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-08 05:32:08 UTC (rev 57429)
+++ data/CVE/list	2017-11-08 05:34:08 UTC (rev 57430)
@@ -286,7 +286,9 @@
 CVE-2017-16517
 	RESERVED
 CVE-2017-16516 (In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is ...)
-	- ruby-yajl <unfixed> (bug #880691)
+	- ruby-yajl <unfixed> (low; bug #880691)
+	[stretch] - ruby-yajl <no-dsa> (Minor issue)
+	[jessie] - ruby-yajl <no-dsa> (Minor issue)
 	NOTE: https://github.com/brianmario/yajl-ruby/issues/176
 	NOTE: https://github.com/brianmario/yajl-ruby/commit/0dc68aa50eaf50f323e18e705963d90221d93a24
 CVE-2017-16515