[Secure-testing-commits] r58003 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Nov 24 21:08:51 UTC 2017


Author: carnil
Date: 2017-11-24 21:08:51 +0000 (Fri, 24 Nov 2017)
New Revision: 58003

Modified:
   data/CVE/list
Log:
CVE-2017-1000382: Remove github reference

Rationale: The github commit was basically just an attempt to address
the issue, but it turns out that the commit does not fix the issue.

Workaround/Mitigation/Protection exists by moving thes swap file
location e.g. to ~/.vim/swap/ (with potentially some drawbacks).

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-11-24 21:02:57 UTC (rev 58002)
+++ data/CVE/list	2017-11-24 21:08:51 UTC (rev 58003)
@@ -2149,7 +2149,6 @@
 	[jessie] - vim <no-dsa> (Minor issue)
 	[wheezy] - vim <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2017/10/31/15
-	NOTE: https://github.com/vim/vim/commit/5a73e0ca54c77e067c3b12ea6f35e3e8681e8cf8
 CVE-2017-16248 (The Catalyst-Plugin-Static-Simple module before 0.34 for Perl allows ...)
 	- libcatalyst-plugin-static-simple-perl 0.34-1 (bug #880458)
 	[stretch] - libcatalyst-plugin-static-simple-perl <no-dsa> (Minor issue)




More information about the Secure-testing-commits mailing list