[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] 2 commits: OBS, zypper no-dsa

Mon Mar 5 18:44:22 UTC 2018

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dc06be91 by Moritz Muehlenhoff at 2018-03-05T19:43:35+01:00
OBS, zypper no-dsa

- - - - -
ff974964 by Moritz Muehlenhoff at 2018-03-05T19:43:53+01:00
add PHP to dsa-needed

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -44295,6 +44295,7 @@ CVE-2017-9272 (The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be ...)
 	NOT-FOR-US: IDM
 CVE-2017-9271 (The commandline package update tool zypper writes HTTP proxy ...)
 	- zypper <unfixed> (low)
+	[jessie] - zypper <ignored> (Minor issue)
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1050625
 CVE-2017-9270 (In cryptctl before version 2.0 a malicious server could send RPC ...)
 	NOT-FOR-US: SuSE cryptctl
@@ -57894,6 +57895,7 @@ CVE-2017-5189 (NetIQ iManager before 3.0.3 delivered a SSL private key in a Java
 	NOT-FOR-US: NetIQ iManager
 CVE-2017-5188 (The bs_worker code in open build service before 20170320 followed ...)
 	- open-build-service <unfixed> (low)
+	[stretch] - open-build-service <no-dsa> (Minor issue)
 CVE-2017-5187 (A Cross-Site Request Forgery (CWE-352) vulnerability in Directory ...)
 	NOT-FOR-US: Micro Focus
 CVE-2017-5186 (Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before ...)


=====================================
data/dsa-needed.txt
=====================================
--- a/data/dsa-needed.txt
+++ b/data/dsa-needed.txt
@@ -57,6 +57,12 @@ openjpeg2 (luciano)
 --
 passenger/stable
 --
+php5/oldstable
+  wait for 5.6.34 release
+--
+php7.0/stable
+  wait for 7.0.28 release 
+--
 php-horde-image
 --
 phpmyadmin/oldstable



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/7ba749dff2474fedcfdde47fdcc81593cd45de21...ff974964371eba426ec7fe7f8c061db144fdcd04

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/7ba749dff2474fedcfdde47fdcc81593cd45de21...ff974964371eba426ec7fe7f8c061db144fdcd04
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180305/769eee6a/attachment.html>
