Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: a2aa1c94 by Salvatore Bonaccorso at 2018-08-06T18:28:50Z Update notes for CVE-2017-7893 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -69345,10 +69345,9 @@ CVE-2017-7893 (In SaltStack Salt before 2016.3.6, compromised salt-minions can . - salt <undetermined> NOTE: https://docs.saltstack.com/en/2017.7/topics/releases/2016.3.6.html NOTE: https://github.com/saltstack/salt/issues/48939 - NOTE: The first version in Debian unstable containing the fix is likely - NOTE: 2016.11.5+ds-1 which is the first merging changes from 2016.3.6 - NOTE: that is the "previous branch". - TODO: check, pinpoint fixing version, check with maintainers on issue, upstream asked + NOTE: https://github.com/saltstack/salt/commit/0a0f46fb1478be5eb2f90882a90390cb35ec43cb + NOTE: The behaviour though was back off by default in a later commit again + NOTE: cf. https://github.com/saltstack/salt/pull/40206 CVE-2017-7892 (Sandstorm Cap'n Proto before 0.5.3.1 allows remote crashes related to a ...) - capnproto 0.6.1-1 (unimportant; bug #860960) NOTE: https://github.com/sandstorm-io/capnproto/blob/master/security-advisories/2017-04-17-0-apple-clang-elides-bounds-check.md View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a2aa1c94016addb69c0ed64d09220ec18caaec9e -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/a2aa1c94016addb69c0ed64d09220ec18caaec9e You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits