[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] exempi, obs no-dsa

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
456db781 by Moritz Muehlenhoff at 2018-03-22T23:02:42+01:00
exempi, obs no-dsa
zsh undetermined

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -498,32 +498,44 @@ CVE-2018-8727
 	RESERVED
 CVE-2017-18238 (An issue was discovered in Exempi before 2.4.4. The ...)
 	{DLA-1310-1}
-	- exempi 2.4.4-1
+	- exempi 2.4.4-1 (low)
+	[stretch] - exempi <no-dsa> (Minor issue)
+	[jessie] - exempi <no-dsa> (Minor issue)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102483
 	NOTE: https://cgit.freedesktop.org/exempi/commit/?id=886cd1d2314755adb1f4cdb99c16ff00830f0331
 CVE-2017-18237 (An issue was discovered in Exempi before 2.4.3. The ...)
-	- exempi 2.4.3-1
+	- exempi 2.4.3-1 (low)
+	[stretch] - exempi <no-dsa> (Minor issue)
+	[jessie] - exempi <no-dsa> (Minor issue)
 	[wheezy] - exempi <not-affected> (vulnerable code not present)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101914
 	NOTE: https://cgit.freedesktop.org/exempi/commit/?id=f19d0107fbae1fb41836cd110d4425e407e64048
 CVE-2017-18236 (An issue was discovered in Exempi before 2.4.4. The ...)
 	{DLA-1310-1}
-	- exempi 2.4.4-1
+	- exempi 2.4.4-1 (low)
+	[stretch] - exempi <no-dsa> (Minor issue)
+	[jessie] - exempi <no-dsa> (Minor issue)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102484
 	NOTE: https://cgit.freedesktop.org/exempi/commit/?id=fe59605d3520bf2ca4e0a963d194f10e9fee5806
 CVE-2017-18235 (An issue was discovered in Exempi before 2.4.3. The VPXChunk class in ...)
-	- exempi 2.4.3-1
+	- exempi 2.4.3-1 (low)
+	[stretch] - exempi <no-dsa> (Minor issue)
+	[jessie] - exempi <no-dsa> (Minor issue)
 	[wheezy] - exempi <not-affected> (vulnerable code not present)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101913
 	NOTE: https://cgit.freedesktop.org/exempi/commit/?id=9e76a7782a54a242f18d609e7ba32bf1c430a5e4
 CVE-2017-18234 (An issue was discovered in Exempi before 2.4.3. It allows remote ...)
 	{DLA-1310-1}
-	- exempi 2.4.3-1
+	- exempi 2.4.3-1 (low)
+	[stretch] - exempi <no-dsa> (Minor issue)
+	[jessie] - exempi <no-dsa> (Minor issue)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=100397
 	NOTE: https://cgit.freedesktop.org/exempi/commit/?id=c26d5beb60a5a85f76259f50ed3e08c8169b0a0c
 CVE-2017-18233 (An issue was discovered in Exempi before 2.4.4. Integer overflow in the ...)
 	{DLA-1310-1}
-	- exempi 2.4.4-1
+	- exempi 2.4.4-1 (low)
+	[stretch] - exempi <no-dsa> (Minor issue)
+	[jessie] - exempi <no-dsa> (Minor issue)
 	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=102151
 	NOTE: https://cgit.freedesktop.org/exempi/commit/?id=65a8492832b7335ffabd01f5f64d89dec757c260
 CVE-2018-8726
@@ -21052,8 +21064,9 @@ CVE-2018-1073
 CVE-2018-1072
 	RESERVED
 CVE-2018-1071 (zsh through version 5.4.2 is vulnerable to a stack-based buffer ...)
-	- zsh <unfixed>
+	- zsh <undetermined>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1553531
+	NOTE: No actionable information at this point
 CVE-2018-1070
 	RESERVED
 CVE-2018-1069 (Red Hat OpenShift Enterprise version 3.7 is vulnerable to access ...)
@@ -47594,7 +47607,8 @@ CVE-2017-9270 (In cryptctl before version 2.0 a malicious server could send RPC 
 CVE-2017-9269 (In libzypp before August 2018 GPG keys attached to YUM repositories ...)
 	- libzypp <unfixed>
 CVE-2017-9268 (In the open build service before 201707022 the wipetrigger and rebuild ...)
-	- open-build-service <unfixed>
+	- open-build-service <unfixed> (low)
+	[stretch] - open-build-service <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1045519
 CVE-2017-9267 (In Novell eDirectory before 9.0.3.1 the LDAP interface was not ...)
 	NOT-FOR-US: Novell eDirectory



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/456db7819d8f2eed0f2bf58726df14c6407440fe

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/456db7819d8f2eed0f2bf58726df14c6407440fe
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180322/f0f2db8f/attachment.html>