[Secure-testing-commits] r57051 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Sat Oct 28 08:35:44 UTC 2017
Author: carnil
Date: 2017-10-28 08:35:44 +0000 (Sat, 28 Oct 2017)
New Revision: 57051
Modified:
data/CVE/list
Log:
Add some clarification to note for CVE-2017-11613
The note probably should be dropped completely as classification by Red
Hat and Debian often diverge. We might mark it as unimportant instead if
the memory leak/issue should actually be handled by the calling
application or mark it otherwise as no-dsa if we know the problem is
present as well in the other supported releases.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-28 08:23:00 UTC (rev 57050)
+++ data/CVE/list 2017-10-28 08:35:44 UTC (rev 57051)
@@ -11984,7 +11984,9 @@
- tiff <unfixed> (bug #869823)
- tiff3 <removed>
NOTE: https://gist.github.com/dazhouzhou/1a3b7400547f23fe316db303ab9b604f
- NOTE: RedHat marked this NOTABUG: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-11613
+ NOTE: Red Hat marked this NOTABUG: https://bugzilla.redhat.com/show_bug.cgi?id=1475530
+ NOTE: NOTABUG in RHEL context only means in most cases that Red Hat does not intent
+ NOTE: to address this issue.
CVE-2017-11612 (In Joomla! before 3.7.4, inadequate filtering of potentially malicious ...)
NOT-FOR-US: Joomla!
CVE-2016-10401 (ZyXEL PK5001Z devices have zyad5001 as the su password, which makes it ...)
More information about the Secure-testing-commits
mailing list