[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add reference to additional required commit due to regression for CVE-2017-15132

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1480314c by Salvatore Bonaccorso at 2018-01-30T21:41:56+01:00
Add reference to additional required commit due to regression for CVE-2017-15132

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -22395,7 +22395,8 @@ CVE-2017-15132 (A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort
 	- dovecot <unfixed> (bug #888432)
 	[stretch] - dovecot <no-dsa> (Minor memory leak, will be fixed via point release)
 	[jessie] - dovecot <no-dsa> (Minor memory leak, will be fixed via point release)
-	NOTE: https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060.patch
+	NOTE: Fixed by: https://github.com/dovecot/core/commit/1a29ed2f96da1be22fa5a4d96c7583aa81b8b060.patch
+	NOTE: Regression fix needed on top: https://github.com/dovecot/core/commit/a9b135760aea6d1790d447d351c56b78889dac22
 CVE-2017-15131 (It was found that system umask policy is not being honored when ...)
 	- xdg-user-dirs <unfixed> (unimportant)
 	NOTE: The CVE relates that created directories by xdg-user-dirs might not



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1480314c80c5e9ceda46044806969c038bdde366

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1480314c80c5e9ceda46044806969c038bdde366
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180130/6ba900c7/attachment.html>