[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Triage result.

[Ola Lundqvist]

Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2b096652 by Ola Lundqvist at 2018-03-28T19:18:11+02:00
Triage result.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -104,6 +104,7 @@ CVE-2018-9058 (In Long Range Zip (aka lrzip) 0.631, there is an infinite loop in
 	- lrzip <unfixed>
 	[stretch] - lrzip <no-dsa> (Minor issue)
 	[jessie] - lrzip <no-dsa> (Minor issue)
+	[wheezy] - lrzip <ignored> (Minor issue)
 	NOTE: https://github.com/ckolivas/lrzip/issues/93
 CVE-2018-XXXX [DRUPAL-PSA-2018-001]
 	- drupal7 <unfixed> (bug #894259)
@@ -709,6 +710,7 @@ CVE-2018-1000135 (GNOME NetworkManager version 1.10.2 and earlier contains a Inf
 	- network-manager <unfixed>
 	[stretch] - network-manager <no-dsa> (Minor issue)
 	[jessie] - network-manager <no-dsa> (Minor issue)
+	[wheezy] - network-manager <no-dsa> (Minor issue)
 	NOTE: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1754671
 	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=746422
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1553634
@@ -5082,6 +5084,7 @@ CVE-2018-7185 (The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote 
 	- ntp 1:4.2.8p11+dfsg-1 (low)
 	[stretch] - ntp <no-dsa> (Minor issue)
 	[jessie] - ntp <no-dsa> (Minor issue)
+	[wheezy] - ntp <ignored> (Minor issue)
 	- ntpsec <not-affected> (Issue not present)
 	NOTE: http://www.kb.cert.org/vuls/id/961909
 	NOTE: http://support.ntp.org/bin/view/Main/NtpBug3454
@@ -5090,6 +5093,7 @@ CVE-2018-7184 (ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before upda
 	- ntp 1:4.2.8p11+dfsg-1 (low)
 	[stretch] - ntp <no-dsa> (Minor issue)
 	[jessie] - ntp <no-dsa> (Minor issue)
+	[wheezy] - ntp <ignored> (Minor issue)
 	- ntpsec <not-affected> (Issue not present)
 	NOTE: http://www.kb.cert.org/vuls/id/961909
 	NOTE: http://support.ntp.org/bin/view/Main/NtpBug3453


=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -123,6 +123,8 @@ opencv
 --
 openjdk-7 (Emilio Pozuelo)
 --
+openssl
+--
 php5
   NOTE: 20180226: consider reviewing the backlog of issues fixed in jessie to see if it is worth fixing a few DOS in the backlog (anarcat)
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2b0966525de1a2641b2c65ad3df6abbde424930c

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/2b0966525de1a2641b2c65ad3df6abbde424930c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180328/0bd91398/attachment-0001.html>