[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] triage systemd and mr out of wheezy

Antoine Beaupré anarcat at debian.org
Fri Feb 16 15:50:26 UTC 2018 

Antoine Beaupré pushed to branch master at Debian Security Tracker / security-tracker


Commits:
359c3a7a by Antoine Beaupré at 2018-02-16T10:40:43-05:00
triage systemd and mr out of wheezy

mr follows triage in jessie

systemd/CVE-2018-6954 is triaged like CVE-2013-4392 although I'm feel
that wheezy *may* have support for tmpfiles.d - at least the manpage
is there... considering how limited systemd support was in wheezy,
however, i suspect it's fair to assume it's not largely used.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -486,6 +486,7 @@ CVE-2018-7032 (webcheckout in myrepos through 1.20171231 does not sanitize URLs 
 	[stretch] - myrepos <no-dsa> (Minor issue)
 	[jessie] - myrepos <no-dsa> (Minor issue)
 	- mr <removed>
+	[wheezy] - mr <no-dsa> (Minor issue)
 CVE-2018-6956
 	RESERVED
 CVE-2018-6955
@@ -493,6 +494,7 @@ CVE-2018-6955
 CVE-2018-6954 (systemd-tmpfiles in systemd through 237 mishandles symlinks present in ...)
 	- systemd <unfixed>
 	NOTE: https://github.com/systemd/systemd/issues/7986
+	[wheezy] - systemd <not-affected> (/etc/tmpfiles.d not supported in Wheezy)
 CVE-2018-6953 (In CCN-lite 2, the Parser of NDNTLV does not verify whether a certain ...)
 	NOT-FOR-US: CCN-lite 2
 CVE-2018-6952 (A double free exists in the another_hunk function in pch.c in GNU patch ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/359c3a7a65318331ec2507fb547651299ea207a7

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/359c3a7a65318331ec2507fb547651299ea207a7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180216/505c7667/attachment.html>

More information about the Secure-testing-commits mailing list