[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Partially revert "CVE-2018-7409/unixodbc: add fixed by note"

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b2f97927 by Salvatore Bonaccorso at 2018-02-26T21:39:38+01:00
Partially revert "CVE-2018-7409/unixodbc: add fixed by note"

This reverts commit af0ef05174e5fefdcb4c22d647c46a6057b86c4a.

The update did remove the previous changes done for the links2/elinks
CVE.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -157,9 +157,12 @@ CVE-2017-18195
 	RESERVED
 CVE-2012-6709 (ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate ...)
 	- elinks <unfixed> (bug #891575)
-	- links2 2.7-1 (bug #694658)
+	- links2 2.6-1 (bug #694658; bug #510417)
 	NOTE: Patch proposed upstream (when using): http://lists.linuxfromscratch.org/pipermail/elinks-dev/2015-June/002099.html
 	NOTE: tested links2 against badssl.com, no apparent issue back in wheezy
+	NOTE: src:links2/2.6-1 adds verify-ssl-certs-510417.diff to verify SSL certs.
+	NOTE: src:links2 upstream in 2.11 adds support for verifying SSL certificates.
+	TODO: double check links2 again, since #694658 claims not all issues are fixed
 CVE-2018-7422
 	RESERVED
 CVE-2018-7421 (In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b2f979277d39a4788cf11be3a955ddacaceb6ae1

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b2f979277d39a4788cf11be3a955ddacaceb6ae1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180226/9f3aaeaa/attachment.html>