[Secure-testing-commits] r57656 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Wed Nov 15 11:38:53 UTC 2017


Author: carnil
Date: 2017-11-15 11:38:53 +0000 (Wed, 15 Nov 2017)
New Revision: 57656

Modified:
   data/CVE/list
Log:
Add Status for varnish issue in jessie

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-15 11:34:49 UTC (rev 57655)
+++ data/CVE/list	2017-11-15 11:38:53 UTC (rev 57656)
@@ -23199,10 +23199,11 @@
 CVE-2017-8808 (MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 ...)
 	- mediawiki 1:1.27.4-1
 	NOTE: https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-November/000216.html
-CVE-2017-8807
+CVE-2017-8807 [Data leak - '-sfile' Stevedore transient objects]
 	RESERVED
 	- varnish <unfixed>
-	NOTE: http://varnish-cache.org/security/VSV00002.html#vsv00002
+	[jessie] - varnish <not-affected> (Vulnerable code not present, issue introduced in 4.1.0)
+	NOTE: http://varnish-cache.org/security/VSV00002.html
 CVE-2017-8806 (The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster ...)
 	{DSA-4029-1 DLA-1169-1}
 	- postgresql-common 188




More information about the Secure-testing-commits mailing list