[Git][security-tracker-team/security-tracker][master] Partially revert "data/dla-needed.txt: Drop pyopenssl after further investigation."

Salvatore Bonaccorso carnil at debian.org
Fri Oct 12 20:07:57 BST 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
60aaf7c1 by Salvatore Bonaccorso at 2018-10-12T19:07:30Z
Partially revert "data/dla-needed.txt: Drop pyopenssl after further investigation."

The wheezy entries should from be tracked in the ELTS tracker itself.

Was the intention to actually do [jessie] tagged entries?

This (partially) reverts commit 17dab33a7ab383cb7b60ce0a04abbb0720a7ab24.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -634,12 +634,10 @@ CVE-2018-1000809 (privacyIDEA version 2.23.1 and earlier contains a Improper Inp
 CVE-2018-1000808 (Python Cryptographic Authority pyopenssl version Before 17.5.0 ...)
 	- pyopenssl 17.5.0-1 (low)
 	[stretch] - pyopenssl <no-dsa> (Minor issue)
-	[wheezy] - pyopenssl <no-dsa> (Minor issue, but also requires at least cryptography 2.1.4 which exposes the X509_up_ref method)
 	NOTE: https://github.com/pyca/pyopenssl/pull/723
 	NOTE: https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509
 CVE-2018-1000807 (Python Cryptographic Authority pyopenssl version prior to version ...)
 	- pyopenssl 17.5.0-1
-	[wheezy] - pyopenssl <no-dsa> (Minor issue, but also requires at least cryptography 2.1.4 which exposes the X509_up_ref method)
 	NOTE: https://github.com/pyca/pyopenssl/pull/723
 	NOTE: https://github.com/pyca/pyopenssl/commit/e73818600065821d588af475b024f4eb518c3509
 CVE-2018-1000805 (Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/60aaf7c195e0fdaf401b468558fabe84b1f16b3b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/60aaf7c195e0fdaf401b468558fabe84b1f16b3b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181012/e1fbb469/attachment.html>

More information about the debian-security-tracker-commits mailing list