[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: follow security team with no-dsa for irssi
Thorsten Alteholz
alteholz at debian.org
Thu Jan 25 21:24:14 UTC 2018
Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker
Commits:
64b06266 by Thorsten Alteholz at 2018-01-25T22:19:19+01:00
follow security team with no-dsa for irssi
- - - - -
305de372 by Thorsten Alteholz at 2018-01-25T22:20:00+01:00
follow security team with no-dsa for non-free p7zip-rar
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -838,6 +838,7 @@ CVE-2018-5996 [Memory Corruptions via RAR PPMd]
- p7zip-rar <unfixed> (bug #888314)
[stretch] - p7zip-rar <no-dsa> (Non-free not supported)
[jessie] - p7zip-rar <no-dsa> (Non-free not supported)
+ [wheezy] - p7zip-rar <no-dsa> (Non-free not supported)
NOTE: https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/
CVE-2018-5995
RESERVED
@@ -2725,24 +2726,28 @@ CVE-2018-5208 (In Irssi before 1.0.6, a calculation error in the completion code
- irssi <unfixed> (bug #886475)
[stretch] - irssi <no-dsa> (Minor issue)
[jessie] - irssi <no-dsa> (Minor issue)
+ [wheezy] - irssi <no-dsa> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_01.txt
NOTE: https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0.6.diff
CVE-2018-5207 (When using an incomplete variable argument, Irssi before 1.0.6 may ...)
- irssi <unfixed> (bug #886475)
[stretch] - irssi <no-dsa> (Minor issue)
[jessie] - irssi <no-dsa> (Minor issue)
+ [wheezy] - irssi <no-dsa> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_01.txt
NOTE: https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0.6.diff
CVE-2018-5206 (When the channel topic is set without specifying a sender, Irssi before ...)
- irssi <unfixed> (bug #886475)
[stretch] - irssi <no-dsa> (Minor issue)
[jessie] - irssi <no-dsa> (Minor issue)
+ [wheezy] - irssi <no-dsa> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_01.txt
NOTE: https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0.6.diff
CVE-2018-5205 (When using incomplete escape codes, Irssi before 1.0.6 may access data ...)
- irssi <unfixed> (bug #886475)
[stretch] - irssi <no-dsa> (Minor issue)
[jessie] - irssi <no-dsa> (Minor issue)
+ [wheezy] - irssi <no-dsa> (Minor issue)
NOTE: https://irssi.org/security/irssi_sa_2018_01.txt
NOTE: https://github.com/irssi/irssi/releases/download/1.0.6/irssi-1.0.5_1.0.6.diff
CVE-2018-5204
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/4bcd2e221f60a7ffd8fa43abc8fc052b345bdc6a...305de3729c58e24206a7a57f6254acc270daf622
---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/4bcd2e221f60a7ffd8fa43abc8fc052b345bdc6a...305de3729c58e24206a7a57f6254acc270daf622
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180125/35296489/attachment-0001.html>
More information about the Secure-testing-commits
mailing list