[Git][security-tracker-team/security-tracker][master] Mark CVE-2018-17187/qpid-proton as unimportant
Salvatore Bonaccorso
carnil at debian.org
Thu Nov 15 16:30:08 GMT 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a47cb250 by Salvatore Bonaccorso at 2018-11-15T16:28:49Z
Mark CVE-2018-17187/qpid-proton as unimportant
proton-j is not build into binary packages but the source present.
Later versions removed proton-j from the qpid-proton source and moved it
to a separate upstream source git repository not present in Debian.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5424,7 +5424,7 @@ CVE-2018-17189
CVE-2018-17188
RESERVED
CVE-2018-17187 (The Apache Qpid Proton-J transport includes an optional wrapper layer ...)
- - qpid-proton 0.22.0-1
+ - qpid-proton 0.22.0-1 (unimportant)
NOTE: https://qpid.apache.org/cves/CVE-2018-17187.html
NOTE: https://issues.apache.org/jira/browse/PROTON-1962
NOTE: https://github.com/apache/qpid-proton-j/commit/0cb8ca03cec42120dcfc434561592d89a89a805e
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a47cb250d5587a7fcceaae64c5c745a9236d7164
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a47cb250d5587a7fcceaae64c5c745a9236d7164
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181115/738cc8d9/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list