[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Reserve DLA-1329-1 for memcached

Antoine Beaupré anarcat at debian.org
Thu Mar 29 21:27:00 UTC 2018 

Antoine Beaupré pushed to branch master at Debian Security Tracker / security-tracker


Commits:
530ee747 by Antoine Beaupré at 2018-03-29T17:26:56-04:00
Reserve DLA-1329-1 for memcached

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,3 +1,6 @@
+[29 Mar 2018] DLA-1329-1 memcached - security update
+	{CVE-2018-1000127}
+	[wheezy] - memcached 1.4.13-0.2+deb7u4
 [29 Mar 2018] DLA-1328-1 xerces-c - security update
 	{CVE-2017-12627}
 	[wheezy] - xerces-c 3.1.1-3+deb7u5


=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -93,14 +93,6 @@ libvorbis
 --
 linux
 --
-memcached (anarcat)
-  NOTE: The Wheezy version supports the ascii protocol but the specific
-  NOTE: make_ascii_get_suffix function for the fix does not exist. Without a
-  NOTE: reproducer I cannot decide whether this version is vulnerable or not.
-  NOTE: -- Markus Koschany 2018-03-23 22:56:23 +0100
-  NOTE: reproducer in http://www.openwall.com/lists/oss-security/2018/03/08/7
-  NOTE: -- anarcat Thu Mar 29 16:30:36 EDT 2018
---
 mercurial (anarcat)
   NOTE: 20180315: The patch to CVE-2016-1000116 added in 2.2.2-4+deb7u5 makes
   NOTE: 20180315: the testsuite fail nondeterminstically. You will need to apply



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/530ee747f5039fa785367c80a8f91923111b0cf2

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/530ee747f5039fa785367c80a8f91923111b0cf2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180329/8769b8aa/attachment.html>

More information about the Secure-testing-commits mailing list