[Secure-testing-commits] r56993 - in data: . CVE
Raphaël Hertzog
hertzog at moszumanska.debian.org
Thu Oct 26 16:31:39 UTC 2017
Author: hertzog
Date: 2017-10-26 16:31:39 +0000 (Thu, 26 Oct 2017)
New Revision: 56993
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Demote CVE-2017-0378 on wheezy to no-dsa like the security team did
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-26 16:29:06 UTC (rev 56992)
+++ data/CVE/list 2017-10-26 16:31:39 UTC (rev 56993)
@@ -44544,6 +44544,7 @@
- phamm <unfixed> (bug #868988)
[stretch] - phamm <no-dsa> (Minor issue)
[jessie] - phamm <no-dsa> (Minor issue)
+ [wheezy] - phamm <no-dsa> (Minor issue)
NOTE: https://github.com/lota/phamm/issues/21
NOTE: https://github.com/lota/phamm/commit/331bdbf0e79632385495fa62e087a6b4cf78857e
CVE-2017-0377 (Tor 0.3.x before 0.3.0.9 has a guard-selection algorithm that only ...)
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-10-26 16:29:06 UTC (rev 56992)
+++ data/dla-needed.txt 2017-10-26 16:31:39 UTC (rev 56993)
@@ -80,9 +80,6 @@
--
openjdk-7 (Emilio Pozuelo)
--
-phamm
- NOTE: no upstream fixed yet, therefore maintainers not yet contacted
---
pngcrush
NOTE: CVE-2015-7700: the problematic call to png_free_data() is present
NOTE: in wheezy but it's not clear to me where the other call to free() is.
More information about the Secure-testing-commits
mailing list