[Git][security-tracker-team/security-tracker][master] 2 commits: Mark CVE-2017-14062/libidn as no-dsa

Fri Dec 13 22:11:27 GMT 2019


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5053c6d1 by Salvatore Bonaccorso at 2019-12-13T22:10:28Z
Mark CVE-2017-14062/libidn as no-dsa

- - - - -
1a62fc9b by Salvatore Bonaccorso at 2019-12-13T22:11:05Z
Remove libidn from dsa-needed

- - - - -


2 changed files:

- data/CVE/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -127650,6 +127650,7 @@ CVE-2017-14062 (Integer overflow in the decode_digit function in puny_decode.c i
 	{DSA-3988-1 DLA-1447-1 DLA-1085-1 DLA-1084-1}
 	- libidn2-0 2.0.2-4 (bug #873902)
 	- libidn 1.33-2 (bug #873903)
+	[stretch] - libidn <no-dsa> (Minor issue; can be fixed in point release)
 	NOTE: https://gitlab.com/libidn/libidn2/commit/3284eb342cd0ed1a18786e3fcdf0cdd7e76676bd
 CVE-2017-14061 (Integer overflow in the _isBidi function in bidi.c in Libidn2 before 2 ...)
 	- libidn2-0 2.0.2-4 (bug #873904)


=====================================
data/dsa-needed.txt
=====================================
@@ -31,9 +31,6 @@ graphicsmagick/oldstable
 --
 jruby/oldstable
 --
-libidn/oldstable
-  santiago proposed debdiffs for jessie and stretch
---
 libopenmpt
 --
 linux (carnil)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/cc1232fecb2a664db638664fb90a1c994f01d17c...1a62fc9b4eff5a0e0b01792493e4b60d46dca564

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/cc1232fecb2a664db638664fb90a1c994f01d17c...1a62fc9b4eff5a0e0b01792493e4b60d46dca564
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191213/978d7536/attachment-0001.html>
