[Git][security-tracker-team/security-tracker][master] Demote severity for CVE-2017-14609 to unimportant

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0f23f146 by Salvatore Bonaccorso at 2018-09-16T20:03:26Z
Demote severity for CVE-2017-14609 to unimportant

See details in upstream bug and specific reply from Guillem Jover.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -54474,11 +54474,9 @@ CVE-2017-14610 (bareos-dir, bareos-fd, and bareos-sd in bareos-core in Bareos 16
 	[jessie] - bareos <no-dsa> (Minor issue)
 	NOTE: https://bugs.bareos.org/view.php?id=847
 CVE-2017-14609 (The server daemons in Kannel 1.5.0 and earlier create a PID file after ...)
-	- kannel <unfixed> (low; bug #877361)
-	[stretch] - kannel <no-dsa> (Minor issue)
-	[jessie] - kannel <no-dsa> (Minor issue)
-	[wheezy] - kannel <no-dsa> (Minor issue)
+	- kannel <unfixed> (unimportant; bug #877361)
 	NOTE: https://redmine.kannel.org/issues/771
+	NOTE: No real security issue in combination with start-stop-daemon from dpkg
 CVE-2017-14608 (In LibRaw through 0.18.4, an out of bounds read flaw related to ...)
 	{DLA-1109-1}
 	- libraw 0.18.5-1 (low)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0f23f14626274430278d28ff2cb629d3692cab6a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0f23f14626274430278d28ff2cb629d3692cab6a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180916/c293ce42/attachment-0001.html>