Author: jmm
Date: 2017-12-08 06:51:32 + (Fri, 08 Dec 2017)
New Revision: 58352
Modified:
data/DSA/list
data/dsa-needed.txt
Log:
erlang DSA
Modified: data/DSA/list
===
--- data/DSA/list 2017-12-08 06:44:41 UTC (rev
Author: jmm
Date: 2017-12-08 06:44:41 + (Fri, 08 Dec 2017)
New Revision: 58351
Modified:
data/dsa-needed.txt
Log:
add openafs to dsa-needed
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-12-08 06:11:46 UTC
Author: carnil
Date: 2017-12-08 06:11:46 + (Fri, 08 Dec 2017)
New Revision: 58350
Modified:
data/CVE/list
Log:
Process CVE-2017-15097, mark as NFU, add note
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-08
Author: pabs
Date: 2017-12-08 05:48:14 + (Fri, 08 Dec 2017)
New Revision: 58349
Modified:
data/embedded-code-copies
Log:
Convert (embedded) to (embed)
(embed) is the correct keyword for the format.
Modified: data/embedded-code-copies
Author: pabs
Date: 2017-12-08 05:48:06 + (Fri, 08 Dec 2017)
New Revision: 58348
Modified:
data/embedded-code-copies
Log:
List packages that embed woff2 or brotli
Modified: data/embedded-code-copies
===
---
Author: jmm
Date: 2017-12-07 21:43:17 + (Thu, 07 Dec 2017)
New Revision: 58347
Modified:
data/CVE/list
Log:
NFUs
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07 21:37:01 UTC (rev 58346)
+++ data/CVE/list
Author: jmm
Date: 2017-12-07 21:36:37 + (Thu, 07 Dec 2017)
New Revision: 58345
Modified:
data/dsa-needed.txt
Log:
add ruby2.1 to dsa-needed
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-12-07 21:35:53 UTC
Author: jmm
Date: 2017-12-07 21:35:53 + (Thu, 07 Dec 2017)
New Revision: 58344
Modified:
data/CVE/list
Log:
qemu triage
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07 21:23:37 UTC (rev 58343)
+++
Author: jmm
Date: 2017-12-07 21:37:01 + (Thu, 07 Dec 2017)
New Revision: 58346
Modified:
data/dsa-needed.txt
Log:
add xen to dsa-needed
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-12-07 21:36:37 UTC (rev
with next OpenSSL
advisory round)
+ [jessie] - openssl (Vulnerable code not present)
+ [wheezy] - openssl (Vulnerable code not present)
+ - openssl1.0 (low)
NOTE: https://www.openssl.org/news/secadv/20171207.txt
NOTE: OpenSSL_1_1_0-stable:
https://git.openssl.org
Author: carnil
Date: 2017-12-07 21:19:45 + (Thu, 07 Dec 2017)
New Revision: 58342
Modified:
data/CVE/list
Log:
Add CVE-2017-17459/fossil
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07 21:14:42 UTC (rev 58341)
Author: carnil
Date: 2017-12-07 21:14:42 + (Thu, 07 Dec 2017)
New Revision: 58341
Modified:
data/CVE/list
Log:
Add CVE-2017-17458/mercurial, fixed already in unstable
Modified: data/CVE/list
===
--- data/CVE/list
-3738 (There is an overflow bug in the AVX2 Montgomery multiplication
...)
- openssl
- openssl1.0
NOTE: https://www.openssl.org/news/secadv/20171207.txt
NOTE: OpenSSL_1_1_0-stable:
https://git.openssl.org/?p=openssl.git;a=commit;h
Author: jmm
Date: 2017-12-07 20:59:36 + (Thu, 07 Dec 2017)
New Revision: 58339
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
various no-dsa
add two openssl and sqlite to dsa-needed
Modified: data/CVE/list
===
---
Author: carnil
Date: 2017-12-07 19:29:48 + (Thu, 07 Dec 2017)
New Revision: 58338
Modified:
data/CVE/list
Log:
Hint to the fix for CVE-2017-16926
The commit changes ohcount to use libmagic instead of spawning a process
to run file and allowing the injection.
Modified: data/CVE/list
Author: carnil
Date: 2017-12-07 19:15:38 + (Thu, 07 Dec 2017)
New Revision: 58337
Modified:
data/CVE/list
Log:
Mark CVE-2017-16876 as no-dsa
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07 19:07:55 UTC (rev
Author: carnil
Date: 2017-12-07 19:07:55 + (Thu, 07 Dec 2017)
New Revision: 58336
Modified:
data/dsa-needed.txt
Log:
Add and take libxcursor in dsa-needed list
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt
Author: carnil
Date: 2017-12-07 16:05:21 + (Thu, 07 Dec 2017)
New Revision: 58335
Modified:
data/dsa-needed.txt
Log:
Add otrs2 to dsa-needed list
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-12-07 15:35:04
Author: carnil
Date: 2017-12-07 15:35:04 + (Thu, 07 Dec 2017)
New Revision: 58334
Modified:
data/CVE/list
Log:
Add bug reference for libxcursor issue, #883792
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07
Author: carnil
Date: 2017-12-07 15:29:38 + (Thu, 07 Dec 2017)
New Revision: 58333
Modified:
data/CVE/list
Log:
Add bug reference for CVE-2017-15412
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07 15:18:11 UTC
Author: carnil
Date: 2017-12-07 15:18:11 + (Thu, 07 Dec 2017)
New Revision: 58332
Modified:
data/CVE/list
Log:
CVE-2017-17090/asterisk fixed in unstable
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07 14:49:13
58330)
+++ data/CVE/list 2017-12-07 14:49:13 UTC (rev 58331)
@@ -43467,6 +43467,8 @@
- openssl
- openssl1.0
NOTE: https://www.openssl.org/news/secadv/20171207.txt
+ NOTE: OpenSSL_1_1_0-stable:
https://git.openssl.org/?p=openssl.git;a=commit;h
://www.openssl.org/news/secadv/20171207.txt
CVE-2017-3737 [Read/write after SSL object in error state]
RESERVED
- openssl 1.1.0b-2
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org
/secadv/20171207.txt
CVE-2017-3736 (There is a carry propagating bug in the x86_64 Montgomery
squaring ...)
{DSA-4017-1}
- openssl 1.1.0g-1
___
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http
Author: carnil
Date: 2017-12-07 14:23:01 + (Thu, 07 Dec 2017)
New Revision: 58328
Modified:
data/CVE/list
Log:
Add information for CVE-2017-15412
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07 14:05:00 UTC
Author: carnil
Date: 2017-12-07 14:05:00 + (Thu, 07 Dec 2017)
New Revision: 58327
Modified:
data/CVE/list
Log:
CVE-2017-15422/icu: reference the chromium bug to better identify the issue
since no further information provided
Modified: data/CVE/list
Author: carnil
Date: 2017-12-07 13:52:08 + (Thu, 07 Dec 2017)
New Revision: 58326
Modified:
data/CVE/list
Log:
Update information for CVE-2017-16854/otrs2
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07
Author: carnil
Date: 2017-12-07 13:51:56 + (Thu, 07 Dec 2017)
New Revision: 58325
Modified:
data/CVE/list
Log:
Update information for CVE-2017-16921/otrs2
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07
Author: carnil
Date: 2017-12-07 13:46:59 + (Thu, 07 Dec 2017)
New Revision: 58324
Modified:
data/CVE/list
Log:
Add CVE-2017-16854/otrs2
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07 13:35:28 UTC (rev 58323)
Author: carnil
Date: 2017-12-07 13:35:28 + (Thu, 07 Dec 2017)
New Revision: 58323
Modified:
data/CVE/list
Log:
Add CVE-2017-16921/otrs2
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07 12:53:29 UTC (rev 58322)
Author: jmm
Date: 2017-12-07 12:53:29 + (Thu, 07 Dec 2017)
New Revision: 58322
Modified:
data/CVE/list
data/dsa-needed.txt
Log:
new chromium issues (also libxml/icu)
Modified: data/CVE/list
===
--- data/CVE/list
Author: jmm
Date: 2017-12-07 10:12:09 + (Thu, 07 Dec 2017)
New Revision: 58321
Modified:
data/dsa-needed.txt
Log:
take erlang
Modified: data/dsa-needed.txt
===
--- data/dsa-needed.txt 2017-12-07 10:02:24 UTC (rev 58320)
+++
Author: carnil
Date: 2017-12-07 10:02:24 + (Thu, 07 Dec 2017)
New Revision: 58320
Modified:
data/CVE/list
Log:
CVE-2017-17051/nova fixed
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07 09:37:21 UTC (rev 58319)
Author: carnil
Date: 2017-12-07 09:37:21 + (Thu, 07 Dec 2017)
New Revision: 58319
Modified:
data/CVE/list
Log:
Add two new libsndfile issues
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07 09:13:50 UTC (rev
Author: carnil
Date: 2017-12-07 09:13:50 + (Thu, 07 Dec 2017)
New Revision: 58318
Modified:
data/CVE/list
Log:
Add fixing version for CVE-2017-17446/game-music-emu, #883691
Modified: data/CVE/list
===
--- data/CVE/list
Author: carnil
Date: 2017-12-07 09:11:59 + (Thu, 07 Dec 2017)
New Revision: 58317
Modified:
data/CVE/list
Log:
Add three new linux issues
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07 09:10:16 UTC (rev 58316)
Author: seb
Date: 2017-12-07 09:10:07 + (Thu, 07 Dec 2017)
New Revision: 58315
Modified:
data/DSA/list
data/dsa-needed.txt
Log:
Reserve DSA-4056-1 for CVE-2017-16239 (nova)
Modified: data/DSA/list
===
--- data/DSA/list
Author: sectracker
Date: 2017-12-07 09:10:16 + (Thu, 07 Dec 2017)
New Revision: 58316
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07 09:10:07 UTC (rev 58315)
+++
Author: carnil
Date: 2017-12-07 08:29:28 + (Thu, 07 Dec 2017)
New Revision: 58314
Modified:
data/CVE/list
Log:
Add patch for CVE-2017-17446/game-music-emu
Modified: data/CVE/list
===
--- data/CVE/list 2017-12-07
39 matches
Mail list logo