Author: carnil
Date: 2017-11-24 07:08:06 + (Fri, 24 Nov 2017)
New Revision: 57986
Modified:
data/CVE/list
Log:
Add CVE-2017-16932/libxml2
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-24 06:48:21 UTC (rev 57985)
Author: carnil
Date: 2017-11-24 06:48:21 + (Fri, 24 Nov 2017)
New Revision: 57985
Modified:
data/CVE/list
Log:
Add CVE-2017-16931
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-24 06:34:09 UTC (rev 57984)
+++
Author: carnil
Date: 2017-11-24 06:34:09 + (Fri, 24 Nov 2017)
New Revision: 57984
Modified:
data/CVE/list
Log:
Add upstream issues for exiv2
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-24 05:19:29 UTC (rev
Author: carnil
Date: 2017-11-24 05:19:29 + (Fri, 24 Nov 2017)
New Revision: 57983
Modified:
data/CVE/list
Log:
Mark CVE-2017-5130/libxml2 as no-dsa, reasoning in NOTE
Modified: data/CVE/list
===
--- data/CVE/list
Author: jmm
Date: 2017-11-23 22:05:10 + (Thu, 23 Nov 2017)
New Revision: 57982
Modified:
data/CVE/list
data/DSA/list
data/dsa-needed.txt
Log:
otrs, openjdk-7 DSA
Modified: data/CVE/list
===
--- data/CVE/list
Author: santiago
Date: 2017-11-23 21:47:29 + (Thu, 23 Nov 2017)
New Revision: 57981
Modified:
data/dsa-needed.txt
Log:
dsa-needed.txt: santiago takes a look at poppler
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt
Author: alteholz
Date: 2017-11-23 21:20:03 + (Thu, 23 Nov 2017)
New Revision: 57980
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-1188-1 for libxml2
Modified: data/DLA/list
===
--- data/DLA/list
Author: sectracker
Date: 2017-11-23 21:10:12 + (Thu, 23 Nov 2017)
New Revision: 57979
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 21:03:31 UTC (rev 57978)
+++
Author: carnil
Date: 2017-11-23 21:03:31 + (Thu, 23 Nov 2017)
New Revision: 57978
Modified:
data/CVE/list
Log:
CVE-2017-16804/redmine fixed in unstable
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 21:01:04
Author: carnil
Date: 2017-11-23 21:01:04 + (Thu, 23 Nov 2017)
New Revision: 57977
Modified:
data/CVE/list
Log:
CVE-2017-15577/redmine fixed in unstable
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 21:00:09
Author: carnil
Date: 2017-11-23 21:00:09 + (Thu, 23 Nov 2017)
New Revision: 57976
Modified:
data/CVE/list
Log:
CVE-2017-15576/redmine fixed in unstable
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 20:59:12
Author: carnil
Date: 2017-11-23 20:59:12 + (Thu, 23 Nov 2017)
New Revision: 57975
Modified:
data/CVE/list
Log:
CVE-2017-15575/redmine fixed in unstable
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 20:58:12
Author: carnil
Date: 2017-11-23 20:58:12 + (Thu, 23 Nov 2017)
New Revision: 57974
Modified:
data/CVE/list
Log:
CVE-2017-15574/redmine fixed in unstable
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 20:57:21
Author: carnil
Date: 2017-11-23 20:57:21 + (Thu, 23 Nov 2017)
New Revision: 57973
Modified:
data/CVE/list
Log:
CVE-2017-15573/redmine fixed in unstable
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 20:56:09
Author: carnil
Date: 2017-11-23 20:56:09 + (Thu, 23 Nov 2017)
New Revision: 57972
Modified:
data/CVE/list
Log:
CVE-2017-15572/redmine fixed in 3.3.3 upstream, included in the 3.4.2-1 upload
Modified: data/CVE/list
===
---
Author: carnil
Date: 2017-11-23 20:54:56 + (Thu, 23 Nov 2017)
New Revision: 57971
Modified:
data/CVE/list
Log:
Add bug references for redmine issues
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 20:31:48 UTC
Author: carnil
Date: 2017-11-23 20:31:48 + (Thu, 23 Nov 2017)
New Revision: 57970
Modified:
data/CVE/list
Log:
Add bug reference forCVE-2017-16896/tt-rss, #882543
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23
(rev 57968)
+++ data/dla-needed.txt 2017-11-23 20:14:11 UTC (rev 57969)
@@ -90,6 +90,7 @@
--
roundcube (Roberto C. Sánchez)
NOTE: 2017118: Patch is ready; because of code differences, waiting on
upstream to review or provide information on how to reproduce the exploit
+ NOTE: 20171123
Author: anarcat
Date: 2017-11-23 19:53:24 + (Thu, 23 Nov 2017)
New Revision: 57968
Modified:
data/dla-needed.txt
Log:
propose resolution for exiv2
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-11-23 19:51:53
Author: pochu
Date: 2017-11-23 19:51:53 + (Thu, 23 Nov 2017)
New Revision: 57967
Modified:
data/DLA/list
Log:
remove two CVEs not fixed in the openjdk-7 update
These are issues in zlib and lcms, and we use the external copies,
so they are not fixed in this update.
Modified:
Author: anarcat
Date: 2017-11-23 18:32:01 + (Thu, 23 Nov 2017)
New Revision: 57966
Modified:
data/dla-needed.txt
Log:
claim exiv2
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-11-23 17:10:54 UTC (rev 57965)
Author: pochu
Date: 2017-11-23 17:10:54 + (Thu, 23 Nov 2017)
New Revision: 57965
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-1187-1 for openjdk-7
Modified: data/DLA/list
===
--- data/DLA/list
Author: carnil
Date: 2017-11-23 15:52:01 + (Thu, 23 Nov 2017)
New Revision: 57964
Modified:
data/CVE/list
Log:
Update CVE-2017-9299 status
The state is not fully correct. But the original report ist too vague
and unclear to be tracked down, and after upstream's look at it ist
still not
Author: carnil
Date: 2017-11-23 15:21:50 + (Thu, 23 Nov 2017)
New Revision: 57963
Modified:
data/CVE/list
Log:
Add bug reference for CVE-2017-12087
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 15:10:30 UTC
Author: carnil
Date: 2017-11-23 15:10:30 + (Thu, 23 Nov 2017)
New Revision: 57962
Modified:
data/CVE/list
Log:
Checked CVE-2017-16818/ceph, not affected in Debian
Basic support for IAM policies (and thus the respective code) was only
added with the 12.1.0 release of ceph. All versions in
Author: carnil
Date: 2017-11-23 14:22:15 + (Thu, 23 Nov 2017)
New Revision: 57961
Modified:
data/next-oldstable-point-update.txt
Log:
Track proposed update for sam2p in jessie
Modified: data/next-oldstable-point-update.txt
Author: carnil
Date: 2017-11-23 14:19:04 + (Thu, 23 Nov 2017)
New Revision: 57959
Modified:
data/CVE/list
Log:
Process several Huawei specific CVE assignments as NFU
Modified: data/CVE/list
===
--- data/CVE/list
Author: carnil
Date: 2017-11-23 14:19:14 + (Thu, 23 Nov 2017)
New Revision: 57960
Modified:
data/CVE/list
Log:
Remove note, package status tracked
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 14:19:04 UTC
Author: hertzog
Date: 2017-11-23 14:15:16 + (Thu, 23 Nov 2017)
New Revision: 57958
Modified:
data/CVE/list
Log:
Mark wheezy as not affected by CVE-2017-16834
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23
Author: hertzog
Date: 2017-11-23 14:03:24 + (Thu, 23 Nov 2017)
New Revision: 57957
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Add couchdb to dla-needed.txt
Modified: data/CVE/list
===
--- data/CVE/list
Author: carnil
Date: 2017-11-23 13:09:09 + (Thu, 23 Nov 2017)
New Revision: 57956
Modified:
data/CVE/list
Log:
Mark CVE-2017-16663/sam2p as no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 12:26:23 UTC
Author: jmm
Date: 2017-11-23 12:26:23 + (Thu, 23 Nov 2017)
New Revision: 57955
Modified:
data/CVE/list
Log:
shairpoint non-issue
a few no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 11:50:22 UTC (rev
Author: hertzog
Date: 2017-11-23 11:50:22 + (Thu, 23 Nov 2017)
New Revision: 57954
Modified:
data/dla-needed.txt
Log:
Add xrdp to dla-needed.txt
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-11-23 11:50:19
Author: hertzog
Date: 2017-11-23 11:50:19 + (Thu, 23 Nov 2017)
New Revision: 57953
Modified:
data/CVE/list
Log:
CVE-2017-15288: Indicate which pull request apply to each version
Modified: data/CVE/list
===
--- data/CVE/list
Author: hertzog
Date: 2017-11-23 11:50:05 + (Thu, 23 Nov 2017)
New Revision: 57952
Modified:
data/CVE/list
Log:
Ignore CVE-2017-1000203 in wheezy
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 11:49:52 UTC
Author: hertzog
Date: 2017-11-23 11:49:52 + (Thu, 23 Nov 2017)
New Revision: 57951
Modified:
data/dla-needed.txt
Log:
Add back xen to dla-needed.txt
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-11-23
Author: hertzog
Date: 2017-11-23 10:42:43 + (Thu, 23 Nov 2017)
New Revision: 57950
Modified:
data/dla-needed.txt
Log:
Add otrs2 to dla-needed.txt
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-11-23 10:33:28
Author: hertzog
Date: 2017-11-23 10:33:28 + (Thu, 23 Nov 2017)
New Revision: 57949
Modified:
data/dla-needed.txt
Log:
Add ohcount to dla-needed.txt
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-11-23 09:56:59
Author: hertzog
Date: 2017-11-23 09:56:59 + (Thu, 23 Nov 2017)
New Revision: 57948
Modified:
data/dla-needed.txt
Log:
Add exiv2 to dla-needed.txt
Modified: data/dla-needed.txt
===
--- data/dla-needed.txt 2017-11-23 09:10:18
Author: sectracker
Date: 2017-11-23 09:10:18 + (Thu, 23 Nov 2017)
New Revision: 57947
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 09:03:06 UTC (rev 57946)
+++
Author: carnil
Date: 2017-11-23 09:03:06 + (Thu, 23 Nov 2017)
New Revision: 57946
Modified:
data/CVE/list
Log:
Add bug reference for xrdp issue, #882463
Modified: data/CVE/list
===
--- data/CVE/list 2017-11-23 06:58:28
41 matches
Mail list logo