[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Mark python2.7 and python2.6 no-dsa for CVE-2018-1000030
Brian May
bam at debian.org
Wed Feb 7 21:00:01 UTC 2018
Brian May pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ca900181 by Brian May at 2018-02-08T07:57:33+11:00
Mark python2.7 and python2.6 no-dsa for CVE-2018-1000030
This has already been done for Jessie and Stretch. Plus upstream thinks
this isn't a security issue.
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1269,7 +1269,9 @@ CVE-2018-1000030 [Heap-Buffer-Overflow and Heap-Use-After-Free in Objects/fileob
- python2.7 2.7.14-5
[stretch] - python2.7 <no-dsa> (Minor issue)
[jessie] - python2.7 <no-dsa> (Minor issue)
+ [wheezy] - python2.7 <no-dsa> (Minor issue)
- python2.6 <removed>
+ [wheezy] - python2.6 <no-dsa> (Minor issue)
NOTE: Original report: https://bugs.python.org/issue31530
NOTE: https://bugs.python.org/file47157/0001-stop-crashes-when-iterating-over-a-file-on-multiple-.patch
NOTE: which was followed by a pull request to fix the issue:
=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -64,10 +64,6 @@ openjdk-7 (Emilio Pozuelo)
--
python-crypto
--
-python2.6
---
-python2.7 (Abhijith PA)
---
simplesamlphp (Abhijith PA)
--
tomcat-native (Markus Koschany)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ca9001819334d39944f89b8799ea63c07b0bc502
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/ca9001819334d39944f89b8799ea63c07b0bc502
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180207/1112a8fc/attachment-0001.html>
More information about the Secure-testing-commits
mailing list