[Secure-testing-commits] r57782 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sat Nov 18 14:44:38 UTC 2017


Author: carnil
Date: 2017-11-18 14:44:38 +0000 (Sat, 18 Nov 2017)
New Revision: 57782

Modified:
   data/CVE/list
Log:
Add mariadb-10.1 issues and mark as postponed for stretch

There is no urgency to have a seprate DSA release for this update since
the CVE are fairly minor (at least from the available information).

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-18 13:06:09 UTC (rev 57781)
+++ data/CVE/list	2017-11-18 14:44:38 UTC (rev 57782)
@@ -19340,12 +19340,15 @@
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 CVE-2017-10378 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	{DSA-4002-1 DLA-1141-1}
+	- mariadb-10.1 10.1.29-1
+	[stretch] - mariadb-10.1 <postponed> (Minor issue)
 	- mariadb-10.0 <removed>
 	[jessie] - mariadb-10.0 <postponed> (Minor issue)
 	- mysql-5.7 <not-affected> (Fixed before initial release to Debian, upstream 5.7.12)
 	- mysql-5.5 <removed> (bug #878402)
 	NOTE: http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html#AppendixMSQL
 	NOTE: https://jira.mariadb.org/browse/MDEV-13819
+	NOTE: https://github.com/MariaDB/server/commit/b000e169562697aa072600695d4f0c0412f94f4f
 CVE-2017-10377
 	RESERVED
 CVE-2017-10376
@@ -19657,6 +19660,8 @@
 	NOT-FOR-US: Oracle
 CVE-2017-10268 (Vulnerability in the MySQL Server component of Oracle MySQL ...)
 	{DSA-4002-1 DLA-1141-1}
+	- mariadb-10.1 10.1.29-1
+	[stretch] - mariadb-10.1 <postponed> (Minor issue)
 	- mariadb-10.0 <removed>
 	[jessie] - mariadb-10.0 <postponed> (Minor issue)
 	- mysql-5.7 <unfixed> (bug #878398)




More information about the Secure-testing-commits mailing list