Author: carnil
Date: 2017-08-26 05:11:41 + (Sat, 26 Aug 2017)
New Revision: 55097
Modified:
data/CVE/list
Log:
Add new krb5 issue
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-26 05:01:31 UTC (rev 55096)
+++
Author: carnil
Date: 2017-08-26 05:01:31 + (Sat, 26 Aug 2017)
New Revision: 55096
Modified:
data/CVE/list
Log:
Mark CVE-2015-8365/libav as removed
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 22:57:13 UTC
Author: hle
Date: 2017-08-25 22:57:13 + (Fri, 25 Aug 2017)
New Revision: 55095
Modified:
data/CVE/list
Log:
Mark CVE-2015-8365 as unfixed in wheezy and jessie. Add link to upstream
patches for both branches.
Modified: data/CVE/list
Author: roberto
Date: 2017-08-25 21:48:28 + (Fri, 25 Aug 2017)
New Revision: 55094
Modified:
data/dla-needed.txt
Log:
Claim tiff/tiff3 in dla-needed.txt
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-08-25
Author: hle
Date: 2017-08-25 21:39:45 + (Fri, 25 Aug 2017)
New Revision: 55093
Modified:
data/CVE/list
Log:
Mark CVE-2017-9994 in wheezy (Vulnerable code not present, WebP
decoder feature introduced in v10)
Modified: data/CVE/list
2017-08-25 21:36:12 UTC (rev 55091)
+++ data/dla-needed.txt 2017-08-25 21:38:56 UTC (rev 55092)
@@ -53,7 +53,7 @@
graphicsmagick (Thorsten Alteholz)
--
imagemagick (Roberto C. Sánchez)
- NOTE: 20170814, work continues patches up to CVE-2017-12587 backported
+ NOTE: 20170825, work is complete
Author: hle
Date: 2017-08-25 21:36:12 + (Fri, 25 Aug 2017)
New Revision: 55091
Modified:
data/CVE/list
Log:
Mark CVE-2017-9991 in wheezy (vulnerable code not present, XWD
feature present since v9b)
Modified: data/CVE/list
Author: hle
Date: 2017-08-25 21:19:56 + (Fri, 25 Aug 2017)
New Revision: 55090
Modified:
data/CVE/list
Log:
Fix typo in CVE-2017-6419 & CVE-2017-11423 (does not does not have). Mark
CVE-2017-9996 in wheezy (Vulnerable code not present).
Modified: data/CVE/list
Author: carnil
Date: 2017-08-25 21:16:41 + (Fri, 25 Aug 2017)
New Revision: 55089
Modified:
data/CVE/list
Log:
Process NFUs
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 21:10:13 UTC (rev 55088)
+++
Author: sectracker
Date: 2017-08-25 21:10:13 + (Fri, 25 Aug 2017)
New Revision: 55088
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 20:55:59 UTC (rev 55087)
+++
Author: carnil
Date: 2017-08-25 20:55:59 + (Fri, 25 Aug 2017)
New Revision: 55087
Modified:
data/CVE/list
Log:
Add bug reference(s) for nss
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 20:16:33 UTC (rev
Author: hle
Date: 2017-08-25 20:16:33 + (Fri, 25 Aug 2017)
New Revision: 55086
Modified:
data/CVE/list
Log:
Mark mysql-connector-python postponed in wheezy.
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25
Author: carnil
Date: 2017-08-25 20:11:18 + (Fri, 25 Aug 2017)
New Revision: 55085
Modified:
data/dsa-needed.txt
Log:
Add note for php5 and php7.0
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-08-25 20:02:28
Author: carnil
Date: 2017-08-25 20:02:28 + (Fri, 25 Aug 2017)
New Revision: 55084
Modified:
data/CVE/list
Log:
Update CVE-2017-12978/cacti status
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 19:56:40 UTC
Author: jmm
Date: 2017-08-25 19:56:40 + (Fri, 25 Aug 2017)
New Revision: 55083
Modified:
data/DSA/list
data/dsa-needed.txt
Log:
openjdk-7 DSA
Modified: data/DSA/list
===
--- data/DSA/list 2017-08-25 19:14:36 UTC
Author: apo
Date: 2017-08-25 19:14:36 + (Fri, 25 Aug 2017)
New Revision: 55082
Modified:
data/dla-needed.txt
Log:
Claim faad2 in dla-needed.txt
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-08-25 19:05:54
Author: carnil
Date: 2017-08-25 17:01:35 + (Fri, 25 Aug 2017)
New Revision: 55080
Modified:
data/dsa-needed.txt
Log:
Take mariadb-10.1 from dsa-needed list
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-08-25
Author: jbicha-guest
Date: 2017-08-25 16:56:15 + (Fri, 25 Aug 2017)
New Revision: 55079
Modified:
data/CVE/list
Log:
Mark webkit2gtk issues fixed in 2.16.3-2
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25
Author: apo
Date: 2017-08-25 16:35:50 + (Fri, 25 Aug 2017)
New Revision: 55077
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-1064-1 for freeradius
Modified: data/DLA/list
===
--- data/DLA/list
Author: apo
Date: 2017-08-25 16:03:35 + (Fri, 25 Aug 2017)
New Revision: 55076
Modified:
data/CVE/list
Log:
Revert 55074.
On second thought CVE-2017-10982 is relevant for Wheezy because similar code
can be
found in fr_dhcp_decode
Modified: data/CVE/list
Author: roberto
Date: 2017-08-25 15:50:55 + (Fri, 25 Aug 2017)
New Revision: 55075
Modified:
data/CVE/list
Log:
Note that CVE-2017-13145 does not affect imagemagick in wheezy
Modified: data/CVE/list
===
--- data/CVE/list
Author: apo
Date: 2017-08-25 15:49:08 + (Fri, 25 Aug 2017)
New Revision: 55074
Modified:
data/CVE/list
Log:
CVE-2017-10982,freeradius: Wheezy is not affected
The function fr_dhcp_decode_options does not exist in this version.
Modified: data/CVE/list
Author: roberto
Date: 2017-08-25 15:19:31 + (Fri, 25 Aug 2017)
New Revision: 55073
Modified:
data/CVE/list
Log:
Add reference for upstream commit that fixes CVE-2017-13144
Modified: data/CVE/list
===
--- data/CVE/list
Author: agx
Date: 2017-08-25 14:48:33 + (Fri, 25 Aug 2017)
New Revision: 55071
Modified:
data/CVE/list
Log:
lts: mark CVE-2017-11334 as no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 14:48:13 UTC (rev
Author: agx
Date: 2017-08-25 14:48:36 + (Fri, 25 Aug 2017)
New Revision: 55072
Modified:
data/dla-needed.txt
Log:
lts: update xen status
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-08-25 14:48:33 UTC (rev
Author: agx
Date: 2017-08-25 14:48:13 + (Fri, 25 Aug 2017)
New Revision: 55070
Modified:
data/CVE/list
Log:
lts: triage xen CVEs
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 14:43:39 UTC (rev 55069)
+++
Author: roberto
Date: 2017-08-25 14:43:39 + (Fri, 25 Aug 2017)
New Revision: 55069
Modified:
data/CVE/list
Log:
Add reference for upstream commit that fixes CVE-2017-13143
Modified: data/CVE/list
===
--- data/CVE/list
Author: roberto
Date: 2017-08-25 13:48:00 + (Fri, 25 Aug 2017)
New Revision: 55068
Modified:
data/CVE/list
Log:
Note that CVE-2017-13140 does not affect imagemagick in wheezy
Modified: data/CVE/list
===
--- data/CVE/list
Author: roberto
Date: 2017-08-25 13:34:53 + (Fri, 25 Aug 2017)
New Revision: 55067
Modified:
data/CVE/list
Log:
Add references for upstream commits that fix CVE-2017-13140
Modified: data/CVE/list
===
--- data/CVE/list
Author: alteholz
Date: 2017-08-25 13:27:53 + (Fri, 25 Aug 2017)
New Revision: 55066
Modified:
data/dla-needed.txt
Log:
marked as unimportant
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-08-25 13:23:11 UTC
Author: roberto
Date: 2017-08-25 13:23:11 + (Fri, 25 Aug 2017)
New Revision: 55065
Modified:
data/CVE/list
Log:
Add reference for upstream commit that fixes CVE-2017-13139
Modified: data/CVE/list
===
--- data/CVE/list
Author: roberto
Date: 2017-08-25 12:39:56 + (Fri, 25 Aug 2017)
New Revision: 55064
Modified:
data/CVE/list
Log:
Note that CVE-2017-13061 does not affect imagemagick in wheezy or jessie
Modified: data/CVE/list
===
---
Author: alteholz
Date: 2017-08-25 12:31:58 + (Fri, 25 Aug 2017)
New Revision: 55063
Modified:
data/CVE/list
Log:
follow jessie with no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 12:30:12 UTC (rev
Author: alteholz
Date: 2017-08-25 12:30:12 + (Fri, 25 Aug 2017)
New Revision: 55062
Modified:
data/CVE/list
Log:
follow jessie with no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 10:27:04 UTC (rev
Author: carnil
Date: 2017-08-25 10:27:04 + (Fri, 25 Aug 2017)
New Revision: 55061
Modified:
data/CVE/list
Log:
Update status for CVE-2017-13692
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 10:17:45 UTC (rev
Author: carnil
Date: 2017-08-25 10:17:45 + (Fri, 25 Aug 2017)
New Revision: 55060
Modified:
data/CVE/list
Log:
Add CVE-2017-13692/tidy-html5
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 09:32:07 UTC (rev
Author: jmm
Date: 2017-08-25 09:32:07 + (Fri, 25 Aug 2017)
New Revision: 55059
Modified:
data/CVE/list
Log:
clear up some php5 entries
salt no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 09:20:37 UTC
Author: carnil
Date: 2017-08-25 09:20:37 + (Fri, 25 Aug 2017)
New Revision: 55058
Modified:
data/CVE/list
Log:
Add CVE-2017-1369{3,4,5}/linux
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 09:17:49 UTC (rev
Author: carnil
Date: 2017-08-25 09:17:49 + (Fri, 25 Aug 2017)
New Revision: 55057
Modified:
data/CVE/list
Log:
Add CVE-2017-13686/linux
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 09:10:15 UTC (rev 55056)
Author: sectracker
Date: 2017-08-25 09:10:15 + (Fri, 25 Aug 2017)
New Revision: 55056
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 07:03:30 UTC (rev 55055)
+++
Author: jmm
Date: 2017-08-25 07:03:30 + (Fri, 25 Aug 2017)
New Revision: 55055
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 07:02:27 UTC (rev 55054)
+++ data/CVE/list
Author: jmm
Date: 2017-08-25 07:02:27 + (Fri, 25 Aug 2017)
New Revision: 55054
Modified:
data/CVE/list
Log:
new pyjwt issue
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 07:00:50 UTC (rev 55053)
+++
Author: jmm
Date: 2017-08-25 07:00:50 + (Fri, 25 Aug 2017)
New Revision: 55053
Modified:
data/CVE/list
Log:
follow Oracle advisory here (and even if it affects 7, it would be fixed by the
latest release anyway)
Modified: data/CVE/list
Author: jmm
Date: 2017-08-25 06:59:56 + (Fri, 25 Aug 2017)
New Revision: 55052
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===
--- data/CVE/list 2017-08-25 06:28:51 UTC (rev 55051)
+++ data/CVE/list
Author: carnil
Date: 2017-08-25 06:28:51 + (Fri, 25 Aug 2017)
New Revision: 55051
Modified:
data/CVE/list
Log:
Record fix for unstable for CVE-2017-6386/virglrenderer
Modified: data/CVE/list
===
--- data/CVE/list
45 matches
Mail list logo