[Secure-testing-commits] r56439 - data/CVE

Author: carnil Date: 2017-10-06 04:32:50 + (Fri, 06 Oct 2017) New Revision: 56439 Modified: data/CVE/list Log: Add new issue in CVE-2017-2920/libofx Modified: data/CVE/list === --- data/CVE/list 2017-10-06 04:32:22 UTC

[Secure-testing-commits] r56438 - data/CVE

Author: carnil Date: 2017-10-06 04:32:22 + (Fri, 06 Oct 2017) New Revision: 56438 Modified: data/CVE/list Log: Process NFUs Modified: data/CVE/list === --- data/CVE/list 2017-10-06 01:09:20 UTC (rev 56437) +++

[Secure-testing-commits] r56437 - data/CVE

Author: benh Date: 2017-10-06 01:09:20 + (Fri, 06 Oct 2017) New Revision: 56437 Modified: data/CVE/list Log: Mark CVE-2017-14496 as not affecting wheezy and jessie Some of the added checks in the upstream fix for CVE-2017-14496 do seem to apply to these versions of dnsmasq (in different

[Secure-testing-commits] r56436 - data/CVE

Author: sectracker Date: 2017-10-05 21:10:17 + (Thu, 05 Oct 2017) New Revision: 56436 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-10-05 16:56:31 UTC (rev 56435) +++

[Secure-testing-commits] r56435 - data/CVE

Author: jmm Date: 2017-10-05 16:56:31 + (Thu, 05 Oct 2017) New Revision: 56435 Modified: data/CVE/list Log: NFU golang ignored resolve older ceilometer TODO Modified: data/CVE/list === --- data/CVE/list 2017-10-05

[Secure-testing-commits] r56434 - data/CVE

Author: benh Date: 2017-10-05 16:28:22 + (Thu, 05 Oct 2017) New Revision: 56434 Modified: data/CVE/list Log: Update status of recent dnsmasq CVEs in wheezy and jessie Two don't apply to wheezy. One was wrongly marked as not affecting jessie. Modified: data/CVE/list

[Secure-testing-commits] r56433 - data/CVE

Author: carnil Date: 2017-10-05 14:59:39 + (Thu, 05 Oct 2017) New Revision: 56433 Modified: data/CVE/list Log: Reference upstream bug for CVE-2017-12617 Modified: data/CVE/list === --- data/CVE/list 2017-10-05 14:06:30

[Secure-testing-commits] r56432 - data

Author: benh Date: 2017-10-05 14:06:30 + (Thu, 05 Oct 2017) New Revision: 56432 Modified: data/dla-needed.txt Log: Claim dnsmasq/wheezy Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-10-05 13:50:07 UTC (rev

[Secure-testing-commits] r56429 - data

Author: alteholz Date: 2017-10-05 13:41:09 + (Thu, 05 Oct 2017) New Revision: 56429 Modified: data/dla-needed.txt Log: claim botan Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-10-05 13:10:25 UTC (rev 56428)

[Secure-testing-commits] r56431 - data/CVE

Author: carnil Date: 2017-10-05 13:50:07 + (Thu, 05 Oct 2017) New Revision: 56431 Modified: data/CVE/list Log: Remove doubled NOTE Modified: data/CVE/list === --- data/CVE/list 2017-10-05 13:49:56 UTC (rev 56430) +++

[Secure-testing-commits] r56430 - data/CVE

Author: carnil Date: 2017-10-05 13:49:56 + (Thu, 05 Oct 2017) New Revision: 56430 Modified: data/CVE/list Log: Correct status for CVE-2017-12617, thanks mdeslaur on IRC Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r56428 - data

Author: apo Date: 2017-10-05 13:10:25 + (Thu, 05 Oct 2017) New Revision: 56428 Modified: data/dla-needed.txt Log: Claim wordpress in dla-needed.txt Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-10-05

[Secure-testing-commits] r56427 - data/CVE

Author: carnil Date: 2017-10-05 11:44:09 + (Thu, 05 Oct 2017) New Revision: 56427 Modified: data/CVE/list Log: Eight fontforge issues fixed in unstable The remaining two are not yet addressed. Modified: data/CVE/list === ---

[Secure-testing-commits] r56426 - bin

Author: geissert Date: 2017-10-05 10:31:07 + (Thu, 05 Oct 2017) New Revision: 56426 Modified: bin/check-new-issues Log: Cache the latest apt-cache results to speed things up Modified: bin/check-new-issues === ---

[Secure-testing-commits] r56425 - data/CVE

Author: apo Date: 2017-10-05 10:00:49 + (Thu, 05 Oct 2017) New Revision: 56425 Modified: data/CVE/list Log: asterisk,CVE-2017-14099,CVE-2017-14603: Ignored for Wheezy The strictrtp option is disabled by default in Wheezy. This makes it impossible to exploit the vulnerability. The patch is

[Secure-testing-commits] r56424 - in data: . DLA

Author: apo Date: 2017-10-05 09:56:00 + (Thu, 05 Oct 2017) New Revision: 56424 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-1122-1 for asterisk Modified: data/DLA/list === --- data/DLA/list 2017-10-05

[Secure-testing-commits] r56423 - in data: . DLA

Author: lamby Date: 2017-10-05 09:35:47 + (Thu, 05 Oct 2017) New Revision: 56423 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-1121-1 for curl. Modified: data/DLA/list === --- data/DLA/list 2017-10-05

[Secure-testing-commits] r56422 - data/CVE

Author: carnil Date: 2017-10-05 09:34:20 + (Thu, 05 Oct 2017) New Revision: 56422 Modified: data/CVE/list Log: Process NFUs Modified: data/CVE/list === --- data/CVE/list 2017-10-05 09:21:57 UTC (rev 56421) +++

[Secure-testing-commits] r56421 - data/CVE

Author: carnil Date: 2017-10-05 09:21:57 + (Thu, 05 Oct 2017) New Revision: 56421 Modified: data/CVE/list Log: Add CVE-2017-15032 Modified: data/CVE/list === --- data/CVE/list 2017-10-05 09:19:10 UTC (rev 56420) +++

[Secure-testing-commits] r56420 - data/CVE

Author: carnil Date: 2017-10-05 09:19:10 + (Thu, 05 Oct 2017) New Revision: 56420 Modified: data/CVE/list Log: Add CVE-2017-15033/imagemagick Modified: data/CVE/list === --- data/CVE/list 2017-10-05 09:10:16 UTC (rev

[Secure-testing-commits] r56419 - data/CVE

Author: sectracker Date: 2017-10-05 09:10:16 + (Thu, 05 Oct 2017) New Revision: 56419 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-10-05 04:16:45 UTC (rev 56418) +++