[Secure-testing-commits] r56788 - in data: . CVE DSA

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Oct 17 21:14:57 UTC 2017 

Author: jmm
Date: 2017-10-17 21:14:56 +0000 (Tue, 17 Oct 2017)
New Revision: 56788

Modified:
   data/CVE/list
   data/DSA/list
   data/dsa-needed.txt
Log:
xorg-server DSA


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-17 21:10:15 UTC (rev 56787)
+++ data/CVE/list	2017-10-17 21:14:56 UTC (rev 56788)
@@ -38276,6 +38276,7 @@
 CVE-2017-2624 [Timing attack against MIT Cookie]
 	RESERVED
 	- xorg-server 2:1.19.2-1 (low; bug #856398)
+	[jessie] - xorg-server 2:1.16.4-1+deb8u2
 	[wheezy] - xorg-server <no-dsa> (Minor issue, can be fixed in a point update or next DSA)
 	NOTE: https://www.x41-dsec.de/lab/advisories/x41-2017-001-xorg/
 CVE-2017-2623
@@ -90973,6 +90974,7 @@
 	[wheezy] - postgresql-8.4 <not-affected> (postgresql-8.4 in wheezy only provides PL/Perl; EOL upstream)
 CVE-2015-3164 (The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 ...)
 	- xorg-server 2:1.17.2-1 (bug #788410)
+	[jessie] - xorg-server 2:1.16.4-1+deb8u2
 	[wheezy] - xorg-server <not-affected> (XWayland not present)
 	[squeeze] - xorg-server <not-affected> (XWayland not present)
 	NOTE: http://lists.freedesktop.org/archives/wayland-devel/2015-June/022548.html

Modified: data/DSA/list
===================================================================
--- data/DSA/list	2017-10-17 21:10:15 UTC (rev 56787)
+++ data/DSA/list	2017-10-17 21:14:56 UTC (rev 56788)
@@ -1,3 +1,7 @@
+[17 Oct 2017] DSA-4000-1 xorg-server - security update
+	{CVE-2017-12176 CVE-2017-12177 CVE-2017-12178 CVE-2017-12179 CVE-2017-12180 CVE-2017-12181 CVE-2017-12182 CVE-2017-12183 CVE-2017-12184 CVE-2017-12185 CVE-2017-12186 CVE-2017-12187 CVE-2017-13721 CVE-2017-13723}
+	[jessie] - xorg-server 2:1.16.4-1+deb8u2
+	[stretch] - xorg-server 2:1.19.2-1+deb9u2
 [16 Oct 2017] DSA-3999-1 wpa - security update
 	{CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088}
 	[jessie] - wpa 2.3-1+deb8u5

Modified: data/dsa-needed.txt
===================================================================
--- data/dsa-needed.txt	2017-10-17 21:10:15 UTC (rev 56787)
+++ data/dsa-needed.txt	2017-10-17 21:14:56 UTC (rev 56788)
@@ -70,7 +70,5 @@
 --
 xen
 --
-xorg-server (jmm)
---
 zendframework/oldstable
 --

More information about the Secure-testing-commits mailing list