[Git][security-tracker-team/security-tracker][master] Mark CVE-2017-17689 as unfixed for unstable
Salvatore Bonaccorso
carnil at debian.org
Fri May 25 11:30:01 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c4c21afe by Salvatore Bonaccorso at 2018-05-25T12:26:28+02:00
Mark CVE-2017-17689 as unfixed for unstable
The original bug #898631 was for both S/MIME and PGP/MIME part actually,
but the S/MIME part is not yet fixed for thunderbird. Nor is the CVE
considered as fixed by mozilla itself. Revert thus the fixed status. For
now not reopening the bug, we might track a new one in the BTS
specifically for the S/MIME part.
We might ignore the issue in future given there is conceptual flaw in
S/MIME.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -24740,7 +24740,7 @@ CVE-2017-17691
CVE-2017-17690
RESERVED
CVE-2017-17689 (The S/MIME specification allows a Cipher Block Chaining (CBC) ...)
- - thunderbird 1:52.8.0-1 (bug #898631)
+ - thunderbird <unfixed> (bug #898631)
- evolution <unfixed> (bug #898633)
- kmail <unfixed> (bug #898634)
- kf5-messagelib <unfixed> (bug #899127)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c4c21afebd073219fed94346fbffa0424ed76435
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c4c21afebd073219fed94346fbffa0424ed76435
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180525/abfd3ab1/attachment.html>
More information about the debian-security-tracker-commits
mailing list