Antoine Beaupré pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
359c3a7a by Antoine Beaupré at 2018-02-16T10:40:43-05:00
triage systemd and mr out of wheezy
mr follows triage in jessie
systemd/CVE-2018-6954 is triaged like CVE-2013-4392 although I'm feel
that wheezy *may* have support for tmpfiles.d - at least the manpage
is there... considering how limited systemd support was in wheezy,
however, i suspect it's fair to assume it's not largely used.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -486,6 +486,7 @@ CVE-2018-7032 (webcheckout in myrepos through 1.20171231
does not sanitize URLs
[stretch] - myrepos <no-dsa> (Minor issue)
[jessie] - myrepos <no-dsa> (Minor issue)
- mr <removed>
+ [wheezy] - mr <no-dsa> (Minor issue)
CVE-2018-6956
RESERVED
CVE-2018-6955
@@ -493,6 +494,7 @@ CVE-2018-6955
CVE-2018-6954 (systemd-tmpfiles in systemd through 237 mishandles symlinks
present in ...)
- systemd <unfixed>
NOTE: https://github.com/systemd/systemd/issues/7986
+ [wheezy] - systemd <not-affected> (/etc/tmpfiles.d not supported in
Wheezy)
CVE-2018-6953 (In CCN-lite 2, the Parser of NDNTLV does not verify whether a
certain ...)
NOT-FOR-US: CCN-lite 2
CVE-2018-6952 (A double free exists in the another_hunk function in pch.c in
GNU patch ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/359c3a7a65318331ec2507fb547651299ea207a7
---
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/359c3a7a65318331ec2507fb547651299ea207a7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
