[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] CVE-2018-6794/suricata: add note about wheezy
Santiago R.R.
santiago at debian.org
Mon Feb 19 23:10:33 UTC 2018
Santiago R.R. pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0241ef43 by Santiago R.R at 2018-02-20T00:09:49+01:00
CVE-2018-6794/suricata: add note about wheezy
Signed-off-by: Santiago R.R <santiagorr at riseup.net>
- - - - -
1 changed file:
- data/dla-needed.txt
Changes:
=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -77,10 +77,8 @@ opencv (Thorsten Alteholz)
openjdk-7 (Emilio Pozuelo)
--
suricata (Santiago R.R.)
- NOTE: Hard to tell whether the package is vulnerable. DetectFlow in detect.c
- NOTE: does not exist. Code seems to be in SigMatchSignatures instead.
- NOTE: StreamTcpInlineDropInvalid function does not exist at all. Perhaps contact
- NOTE: upstream and ask for a clarification?
+ NOTE: Confirmed to be vulnerable.
+ NOTE: Follow security-team and tag it no-dsa?
--
wordpress
NOTE: 20180217: Upstream unsure how to fix at the moment (lamby)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0241ef43ac51500f28c75892eae575464d8cd9bc
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0241ef43ac51500f28c75892eae575464d8cd9bc
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180219/99527a36/attachment-0001.html>
More information about the Secure-testing-commits
mailing list