[Secure-testing-commits] r56991 - in data: . DLA
Raphaël Hertzog
hertzog at moszumanska.debian.org
Thu Oct 26 15:47:18 UTC 2017
Author: hertzog
Date: 2017-10-26 15:47:18 +0000 (Thu, 26 Oct 2017)
New Revision: 56991
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-1146-1 for mosquitto
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2017-10-26 15:36:28 UTC (rev 56990)
+++ data/DLA/list 2017-10-26 15:47:18 UTC (rev 56991)
@@ -1,3 +1,6 @@
+[26 Oct 2017] DLA-1146-1 mosquitto - security update
+ {CVE-2017-9868}
+ [wheezy] - mosquitto 0.15-2+deb7u2
[26 Oct 2017] DLA-1145-1 zoneminder - security update
{CVE-2017-5595}
[wheezy] - zoneminder 1.25.0-4+deb7u2
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-10-26 15:36:28 UTC (rev 56990)
+++ data/dla-needed.txt 2017-10-26 15:47:18 UTC (rev 56991)
@@ -59,8 +59,6 @@
ming (Hugo Lefeuvre)
NOTE: 20171014: wip, currently working on it with upstream, might take a while
--
-mosquitto (Roger A. Leigh/Gianfranco Costamagna)
---
mp3gain
NOTE: Successfully reproduced CVE-2017-144{09, 07} but couldn't reproduce CVE-2017-144{06, 08, 10, 11, 12} (valgrind in Wheezy, gcc+asan in Jessie).
NOTE: Bundles a modified, old version of mpg123 under mpglibDBL/, so issues might be already discovered/fixed in mpg123 or lame:
More information about the Secure-testing-commits
mailing list