[Git][security-tracker-team/security-tracker][master] Remove no-dsa tagged entries for libplist which will get an update

Dylan Aïssi daissi at debian.org
Wed Apr 1 23:33:56 BST 2020



Dylan Aïssi pushed to branch master at Debian Security Tracker / security-tracker


Commits:
76deedc8 by Dylan Aïssi at 2020-04-02T00:33:33+02:00
Remove no-dsa tagged entries for libplist which will get an update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -166206,7 +166206,6 @@ CVE-2017-7983 (In Joomla! 1.5.0 through 3.6.5 (fixed in 3.7.0), mail sent using
 	NOT-FOR-US: Joomla!
 CVE-2017-7982 (Integer overflow in the plist_from_bin function in bplist.c in libimob ...)
 	- libplist 1.12+git+1+e37ca00-0.3 (bug #860945)
-	[jessie] - libplist <no-dsa> (Minor issue)
 	[wheezy] - libplist <no-dsa> (Minor issue)
 	NOTE: Fixed by: https://github.com/libimobiledevice/libplist/commit/fdebf8b319b9280cd0e9b4382f2c7cbf26ef9325
 	NOTE: https://github.com/libimobiledevice/libplist/issues/103
@@ -171487,7 +171486,6 @@ CVE-2017-6440 (The parse_data_node function in bplist.c in libimobiledevice libp
 CVE-2017-6439 (Heap-based buffer overflow in the parse_string_node function in bplist ...)
 	{DLA-870-1}
 	- libplist 1.12+git+1+e37ca00-0.1
-	[jessie] - libplist <no-dsa> (Minor issue)
 	NOTE: https://github.com/libimobiledevice/libplist/issues/95
 	NOTE: https://github.com/libimobiledevice/libplist/commit/32ee5213fe64f1e10ec76c1ee861ee6f233120dd
 CVE-2017-6438 (Heap-based buffer overflow in the parse_unicode_node function in bplis ...)
@@ -171505,13 +171503,11 @@ CVE-2017-6437 (The base64encode function in base64.c in libimobiledevice libplis
 CVE-2017-6436 (The parse_string_node function in bplist.c in libimobiledevice libplis ...)
 	{DLA-870-1}
 	- libplist 1.12+git+1+e37ca00-0.1
-	[jessie] - libplist <no-dsa> (Minor issue)
 	NOTE: https://github.com/libimobiledevice/libplist/issues/94
 	NOTE: https://github.com/libimobiledevice/libplist/commit/32ee5213fe64f1e10ec76c1ee861ee6f233120dd
 CVE-2017-6435 (The parse_string_node function in bplist.c in libimobiledevice libplis ...)
 	{DLA-870-1}
 	- libplist 1.12+git+1+e37ca00-0.1
-	[jessie] - libplist <no-dsa> (Minor issue)
 	NOTE: https://github.com/libimobiledevice/libplist/issues/93
 	NOTE: https://github.com/libimobiledevice/libplist/commit/fbd8494d5e4e46bf2e90cb6116903e404374fb56
 CVE-2017-6434
@@ -173476,13 +173472,11 @@ CVE-2017-5836 (The plist_free_data function in plist.c in libplist allows attack
 CVE-2017-5835 (libplist allows attackers to cause a denial of service (large memory a ...)
 	{DLA-840-1}
 	- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
-	[jessie] - libplist <no-dsa> (Minor issue)
 	NOTE: https://github.com/libimobiledevice/libplist/issues/88
 	NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
 CVE-2017-5834 (The parse_dict_node function in bplist.c in libplist allows attackers  ...)
 	{DLA-840-1}
 	- libplist 1.12+git+1+e37ca00-0.1 (bug #854000)
-	[jessie] - libplist <no-dsa> (Minor issue)
 	NOTE: https://github.com/libimobiledevice/libplist/issues/89
 	NOTE: http://www.openwall.com/lists/oss-security/2017/01/31/6
 CVE-2017-5829 (An access restriction bypass vulnerability in HPE Aruba ClearPass Poli ...)
@@ -174637,7 +174631,6 @@ CVE-2017-5553 (Cross-site scripting (XSS) vulnerability in plugins/markdown_plug
 CVE-2017-5545 (The main function in plistutil.c in libimobiledevice libplist through  ...)
 	{DLA-811-1}
 	- libplist 1.12+git+1+e37ca00-0.1 (low; bug #852385)
-	[jessie] - libplist <no-dsa> (Minor issue)
 	NOTE: https://github.com/libimobiledevice/libplist/issues/87
 	NOTE: Fixed by: https://github.com/libimobiledevice/libplist/commit/7391a506352c009fe044dead7baad9e22dd279ee
 CVE-2017-5544 (An issue was discovered on FiberHome Fengine S5800 switches V210R240.  ...)
@@ -175864,7 +175857,6 @@ CVE-2017-5210 (Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by:
 CVE-2017-5209 (The base64decode function in base64.c in libimobiledevice libplist thr ...)
 	{DLA-811-1}
 	- libplist 1.12+git+1+e37ca00-0.1 (low; bug #851196)
-	[jessie] - libplist <no-dsa> (Minor issue)
 	NOTE: Upstream bug: https://github.com/libimobiledevice/libplist/issues/84
 	NOTE: https://github.com/libimobiledevice/libplist/commit/3a55ddd3c4c11ce75a86afbefd085d8d397ff957
 CVE-2017-5205 (The ISAKMP parser in tcpdump before 4.9.0 has a buffer overflow in pri ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76deedc8824aa5f5b6f77cb01044fa4422cefadc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76deedc8824aa5f5b6f77cb01044fa4422cefadc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200401/56311d9c/attachment.html>


More information about the debian-security-tracker-commits mailing list