[Secure-testing-commits] r57957 - in data: . CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Thu Nov 23 14:03:24 UTC 2017
Author: hertzog
Date: 2017-11-23 14:03:24 +0000 (Thu, 23 Nov 2017)
New Revision: 57957
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Add couchdb to dla-needed.txt
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-23 13:09:09 UTC (rev 57956)
+++ data/CVE/list 2017-11-23 14:03:24 UTC (rev 57957)
@@ -12749,9 +12749,12 @@
CVE-2017-12636 (CouchDB administrative users can configure the database server via ...)
- couchdb <removed>
NOTE: http://www.openwall.com/lists/oss-security/2017/11/14/6
+ NOTE: Likely patch for 1.2.x: https://github.com/apache/couchdb/commit/9a28df7e9703a1a3420e7616c4d33a523ee06354
+ NOTE: Possibly needs more updates: https://github.com/apache/couchdb/commit/bf6b6a1c84321baee2c4ad354059a45e0b8fdec7
CVE-2017-12635 (Due to differences in the Erlang-based JSON parser and ...)
- couchdb <removed>
NOTE: http://www.openwall.com/lists/oss-security/2017/11/14/6
+ NOTE: Likely patch for 1.2.x: https://github.com/apache/couchdb/commit/3706a77c13a78672e5a3fbde06e7bffd3665f73b
CVE-2017-12634 (The camel-castor component in Apache Camel 2.x before 2.19.4 and ...)
NOT-FOR-US: Apache Camel
CVE-2017-12633 (The camel-hessian component in Apache Camel 2.x before 2.19.4 and ...)
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-11-23 13:09:09 UTC (rev 57956)
+++ data/dla-needed.txt 2017-11-23 14:03:24 UTC (rev 57957)
@@ -14,6 +14,9 @@
NOTE: 20170719: maintainer will handle the upload, see https://lists.debian.org/d0b9674a-ac5b-5cc9-1982-fb6f36155c5a@pbandjelly.org
NOTE: 20171013: anarcat pinged maintainer: https://lists.debian.org/87efpuc95w.fsf@curie.anarc.at
--
+couchdb
+ NOTE: Only in wheezy, we are on our own.
+--
exiv2
--
irssi (Rhonda D'Vine)
More information about the Secure-testing-commits
mailing list