[Git][security-tracker-team/security-tracker][master] Triage jasperreports for Jessie.

[Markus Koschany]

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
593135ab by Markus Koschany at 2018-09-28T11:49:55Z
Triage jasperreports for Jessie.

Ignore open issues. No detailed information were publicly disclosed.
Jasperreports is mainly used as a build-dependency for Spring.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -54682,6 +54682,7 @@ CVE-2017-14942 (Intelbras WRN 150 devices allow remote attackers to read the ...
 	NOT-FOR-US: Intelbras WRN 150 devices
 CVE-2017-14941 (Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure ...)
 	- jasperreports <undetermined> (bug #880467; bug #884131)
+	[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
 	[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
 	NOTE: https://github.com/binary1985/VulnerabilityDisclosure/blob/master/JasperSoft%20JasperReports%20-%204.7%20-%20CVE-2017-14941
 CVE-2017-14940 (scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) ...)
@@ -83827,10 +83828,12 @@ CVE-2017-5534 (The tibbr user profiles components of tibbr Community, and tibbr
 	NOT-FOR-US: tibbr
 CVE-2017-5533 (A vulnerability in the server content cache of TIBCO JasperReports ...)
 	- jasperreports <undetermined> (bug #884131)
+	[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
 	[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
 	NOTE: http://www.tibco.com/support/advisories/2017/11/tibco-security-advisory-november-15-2017-tibco-jasperreports-server-2017
 CVE-2017-5532 (A vulnerability in the report renderer component of TIBCO ...)
 	- jasperreports <undetermined> (bug #884131)
+	[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
 	[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
 	NOTE: https://www.tibco.com/support/advisories/2017/11/tibco-security-advisory-november-15-2017-tibco-jasperreports-2017-5532
 CVE-2017-5531 (Deployments of TIBCO Managed File Transfer Command Center versions ...)
@@ -83839,10 +83842,12 @@ CVE-2017-5530 (The tibbr web server components of tibbr Community, and tibbr ...
 	NOT-FOR-US: tibbr
 CVE-2017-5529 (JasperReports library components contain an information disclosure ...)
 	- jasperreports <undetermined> (bug #880467)
+	[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
 	[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
 	NOTE: https://www.tibco.com/support/advisories/2017/06/tibco-security-advisory-june-28-2017-tibco-jasperreports-server-2017-0
 CVE-2017-5528 (Multiple JasperReports Server components contain vulnerabilities ...)
 	- jasperreports <undetermined> (bug #880467)
+	[jessie] - jasperreports <ignored> (no detailed information available, only needed as build-dependency for Spring)
 	[wheezy] - jasperreports <end-of-life> (cannot be supported due to lack of information)
 	NOTE: https://www.tibco.com/support/advisories/2017/06/tibco-security-advisory-june-28-2017-tibco-jasperreports-server-2017
 CVE-2017-5527 (TIBCO Spotfire Server 7.0.X before 7.0.2, 7.5.x before 7.5.1, 7.6.x ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/593135ab051af44ec4652acf806ddbc4e44b8893

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/593135ab051af44ec4652acf806ddbc4e44b8893
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180928/e666e2b2/attachment.html>