Author: hertzog
Date: 2017-05-22 13:41:14 +0000 (Mon, 22 May 2017)
New Revision: 51830
Modified:
data/CVE/list
Log:
Mark many issues as end-of-life in wheezy
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-05-22 13:41:02 UTC (rev 51829)
+++ data/CVE/list 2017-05-22 13:41:14 UTC (rev 51830)
@@ -3960,6 +3960,7 @@
NOT-FOR-US: core-eMLi
CVE-2017-7620 (MantisBT before 2.4.1 allows Permalink Injection via CSRF
attacks on a ...)
- mantis <removed>
+ [wheezy] - mantis <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://mantisbt.org/bugs/view.php?id=22909
NOTE: https://mantisbt.org/bugs/view.php?id=22702
CVE-2017-7618 (crypto/ahash.c in the Linux kernel through 4.10.9 allows
attackers to ...)
@@ -4659,6 +4660,7 @@
CVE-2017-7400 (OpenStack Horizon 9.x through 9.1.1, 10.x through 10.0.2, and
11.0.0 ...)
- horizon 3:10.0.1-1 (bug #859559)
[jessie] - horizon <not-affected> (Vulnerable code not present)
+ [wheezy] - horizon <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://launchpad.net/bugs/1667086
CVE-2016-10317 (The fill_threshhold_buffer function in base/gxht_thresh.c in
Artifex ...)
- ghostscript <unfixed> (bug #860869)
@@ -5559,6 +5561,7 @@
CVE-2017-7200 (An SSRF issue was discovered in OpenStack Glance before Newton.
The ...)
- glance 2:13.0.0-1
[jessie] - glance <no-dsa> (Minor issue, too intrusive to backport)
+ [wheezy] - glance <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://wiki.openstack.org/wiki/OSSN/OSSN-0078
NOTE: https://bugs.launchpad.net/ossn/+bug/1606495
NOTE: https://bugs.launchpad.net/ossn/+bug/1153614
@@ -6261,6 +6264,7 @@
CVE-2017-6903 (In ioquake3 before 2017-03-14, the auto-downloading feature has
...)
{DSA-3812-1}
- ioquake3 1.36+u20161101+dfsg1-2 (bug #857699)
+ [wheezy] - ioquake3 <end-of-life> (Not supported in Wheezy LTS)
- iortcw 1.50a+dfsg1-3 (bug #857714)
NOTE:
https://ioquake3.org/2017/03/13/important-security-update-please-update-ioquake3-immediately/
NOTE: Also affects openjk (only in experimental; bug #857715)
@@ -18533,6 +18537,7 @@
RESERVED
- keystone 2:10.0.0-9 (bug #861189)
[jessie] - keystone <not-affected> (Vulnerable code not present)
+ [wheezy] - keystone <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://bugs.launchpad.net/keystone/+bug/1677723
CVE-2017-2672
RESERVED
@@ -23734,26 +23739,31 @@
CVE-2017-0372
RESERVED
- mediawiki 1:1.27.3-1 (bug #861585)
+ [wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T158689
NOTE:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
NOTE:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000209.html
CVE-2017-0371
RESERVED
- mediawiki 1:1.27.2-1
+ [wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T68404
CVE-2017-0370
RESERVED
- mediawiki 1:1.27.2-1
+ [wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T48143
NOTE:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
CVE-2017-0369
RESERVED
- mediawiki 1:1.27.2-1
+ [wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T108138
NOTE:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
CVE-2017-0368
RESERVED
- mediawiki 1:1.27.2-1
+ [wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T156184
NOTE:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
CVE-2017-0367
@@ -23765,31 +23775,37 @@
CVE-2017-0366
RESERVED
- mediawiki 1:1.27.2-1
+ [wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T151735
NOTE:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
CVE-2017-0365
RESERVED
- mediawiki 1:1.27.2-1
+ [wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T144845
NOTE:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
CVE-2017-0364
RESERVED
- mediawiki 1:1.27.2-1
+ [wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T122209
NOTE:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
CVE-2017-0363
RESERVED
- mediawiki 1:1.27.2-1
+ [wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T109140
NOTE:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
CVE-2017-0362
RESERVED
- mediawiki 1:1.27.2-1
+ [wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T150044
NOTE:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
CVE-2017-0361
RESERVED
- mediawiki 1:1.27.2-1
+ [wheezy] - mediawiki <end-of-life> (Not supported in Wheezy LTS)
NOTE: https://phabricator.wikimedia.org/T125177
NOTE:
https://lists.wikimedia.org/pipermail/mediawiki-announce/2017-April/000207.html
CVE-2017-0360 (file_open in Tryton 3.x and 4.x through 4.2.2 allows remote ...)
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
