[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add CVE-2017-18189 for DLA-1197-1

Salvatore Bonaccorso carnil at debian.org
Sat Feb 17 19:43:01 UTC 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c94cd4f3 by Salvatore Bonaccorso at 2018-02-17T20:42:44+01:00
Add CVE-2017-18189 for DLA-1197-1

Reason: The cross reference to DLA's is build from data/DLA/list as
master reference. Adding only to data/CVE/list will invalidate the entry
on next automatic build of references.

This ensures the cross-reference is properly build.

Alternatively, if one does not want a later finding of a CVE be directly
associated with a DLA/DSA, one can add

	[wheezy] - sox 14.4.0-3+deb7u2

to data/CVE/list, marking the fix as well in the given version, but not
associating it to the DLA.

- - - - -


1 changed file:

- data/DLA/list


Changes:

=====================================
data/DLA/list
=====================================
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -270,7 +270,7 @@
 	{CVE-2017-15266 CVE-2017-15267 CVE-2017-15600 CVE-2017-15601 CVE-2017-15602 CVE-2017-15922}
 	[wheezy] - libextractor 1:0.6.3-5+deb7u1
 [30 Nov 2017] DLA-1197-1 sox - security update
-	{CVE-2017-11332 CVE-2017-11358 CVE-2017-11359 CVE-2017-15370 CVE-2017-15371 CVE-2017-15372 CVE-2017-15642}
+	{CVE-2017-11332 CVE-2017-11358 CVE-2017-11359 CVE-2017-15370 CVE-2017-15371 CVE-2017-15372 CVE-2017-15642 CVE-2017-18189}
 	[wheezy] - sox 14.4.0-3+deb7u2
 [30 Nov 2017] DLA-1196-1 optipng - security update
 	{CVE-2017-16938}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c94cd4f36e7b5898a28c3544a26561a4881aad34

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c94cd4f36e7b5898a28c3544a26561a4881aad34
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180217/c7bd9a78/attachment.html>

More information about the Secure-testing-commits mailing list