[Secure-testing-commits] r57119 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Sun Oct 29 19:56:20 UTC 2017


Author: carnil
Date: 2017-10-29 19:56:20 +0000 (Sun, 29 Oct 2017)
New Revision: 57119

Modified:
   data/CVE/list
Log:
Mark dulwich issue as no-dsa

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-10-29 18:34:27 UTC (rev 57118)
+++ data/CVE/list	2017-10-29 19:56:20 UTC (rev 57119)
@@ -9054,6 +9054,8 @@
 	NOTE: Non-privileged user namespaces disabled by default, only exploitable by arbitrary user if sysctl kernel.unprivileged_userns_clone=1
 CVE-2017-XXXX [dulwich: Prevents setting SSH arguments from SSH URLs when using SSH through a subprocess]
 	- dulwich 0.18.5-1
+	[stretch] - dulwich <no-dsa> (Minor issue)
+	[jessie] - dulwich <no-dsa> (Minor issue)
 	NOTE: https://www.dulwich.io/code/dulwich/commit/7116a0cbbda571f7dac863f4b1c00b6e16d6d8d6/
 	NOTE: This is similar class of issue as for CVE-2017-1000117/git
 	NOTE: But needs a separate CVE since different codebasis.




More information about the Secure-testing-commits mailing list