[Git][security-tracker-team/security-tracker][master] 2 commits: Remove no-dsa tag from CVE-2017-15105

Thu Feb 14 19:18:53 GMT 2019

Markus Koschany pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1fe97a49 by Markus Koschany at 2019-02-14T19:18:00Z
Remove no-dsa tag from CVE-2017-15105

- - - - -
5db47aef by Markus Koschany at 2019-02-14T19:18:41Z
Reserve DLA-1676-1 for unbound

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -81267,7 +81267,6 @@ CVE-2017-15105 (A flaw was found in the way unbound before 1.6.8 validated ...)
 	{DLA-1264-1}
 	- unbound 1.7.1-1 (bug #887733)
 	[stretch] - unbound 1.6.0-3+deb9u2
-	[jessie] - unbound <no-dsa> (Minor issue, can be fixed via point release)
 	NOTE: https://unbound.net/downloads/CVE-2017-15105.txt
 	NOTE: https://unbound.net/downloads/patch_cve_2017_15105.diff
 	NOTE: https://medium.com/nlnetlabs/the-peculiar-case-of-nsec-processing-using-expanded-wildcard-records-ae8285f236be


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[14 Feb 2019] DLA-1676-1 unbound - security update
+	{CVE-2017-15105}
+	[jessie] - unbound 1.4.22-3+deb8u4
 [14 Feb 2019] DLA-1675-1 python-gnupg - security update
 	{CVE-2019-6690}
 	[jessie] - python-gnupg 0.3.6-1+deb8u1


=====================================
data/dla-needed.txt
=====================================
@@ -145,8 +145,6 @@ tiff (Brian May)
   NOTE: CVE-2018-18661: Not possible to prove it fixes the specified vulnerability. (bam)
   NOTE: CVE-2018-18661: See thread starting at https://lists.debian.org/debian-lts/2018/11/msg00033.html (bam)
 --
-unbound (Markus Koschany)
---
 uriparser (Thorsten Alteholz)
   NOTE: 20190210: looking for testsuite package
 --



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b6621c47295e96cce07fd7c6c01382bd594d00dd...5db47aef15c7d6d26bbe00b84ac47a8ac2a9fd14

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/b6621c47295e96cce07fd7c6c01382bd594d00dd...5db47aef15c7d6d26bbe00b84ac47a8ac2a9fd14
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190214/765e6eaf/attachment-0001.html>
