Author: jmm
Date: 2017-10-11 20:40:49 +0000 (Wed, 11 Oct 2017)
New Revision: 56619

Modified:
   data/CVE/list
Log:
mark a few no-dsa issues as ignored
remove bogus gnome-keyring entry


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-10-11 20:00:11 UTC (rev 56618)
+++ data/CVE/list       2017-10-11 20:40:49 UTC (rev 56619)
@@ -27190,9 +27190,9 @@
        NOTE: 
http://blogs.gentoo.org/ago/2017/02/09/zziplib-out-of-bounds-read-in-zzip_mem_entry_new-memdisk-c/
 CVE-2017-5977 (The zzip_mem_entry_extra_block function in memdisk.c in zziplib 
...)
        - zziplib <unfixed> (bug #864150; bug #854727)
-       [stretch] - zziplib <no-dsa> (Minor issue)
-       [jessie] - zziplib <no-dsa> (Minor issue)
-       [wheezy] - zziplib <no-dsa> (Minor issue)
+       [stretch] - zziplib <ignored> (Minor issue)
+       [jessie] - zziplib <ignored> (Minor issue)
+       [wheezy] - zziplib <ignored> (Minor issue)
        NOTE: 
http://blogs.gentoo.org/ago/2017/02/09/zziplib-invalid-memory-read-in-zzip_mem_entry_extra_block-memdisk-c/
 CVE-2017-5976 (Heap-based buffer overflow in the zzip_mem_entry_extra_block 
function ...)
        {DSA-3878-1 DLA-994-1}
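Review bot: The three `<ignored>` lines for zziplib under CVE-2017-5977 keep the reason "(Minor issue)" unchanged from the `<no-dsa>` lines they replace, so the entry does not say why stretch, jessie and wheezy will get no fix while the unstable line is still `<unfixed>` and references bug #864150 and bug #854727. Consider extending the reason or adding a NOTE line that records the basis for ignoring it, so a later reader can tell when the decision should be revisited.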
@@ -27563,11 +27563,6 @@
        NOTE: http://www.openwall.com/lists/oss-security/2017/02/07/5
        NOTE: https://bitbucket.org/openpyxl/openpyxl/issues/749
        NOTE: https://bitbucket.org/openpyxl/openpyxl/commits/3b4905f428e1
-CVE-2017-XXXX [gnome-keyring lives on after ssh session stops]
-       - gnome-keyring <unfixed> (low; bug #395572)
-       [stretch] - gnome-keyring <no-dsa> (Minor issue)
-       [jessie] - gnome-keyring <no-dsa> (Minor issue)
-       [wheezy] - gnome-keyring <no-dsa> (Minor issue)
 CVE-2017-6059 (Mod_auth_openidc.c in the Ping Identity OpenID Connect 
authentication ...)
        - libapache2-mod-auth-openidc 2.1.5-1
        [jessie] - libapache2-mod-auth-openidc <no-dsa> (Minor issue)
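Review bot: Removing the CVE-2017-XXXX gnome-keyring entry also drops its reference to bug #395572, and the log line "remove bogus gnome-keyring entry" does not say what made it bogus (duplicate, not a vulnerability, or tracked elsewhere). A short reason in the commit message would let someone who comes across the bug later avoid re-adding the entry.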
@@ -62169,9 +62164,9 @@
        NOTE: http://www.openwall.com/lists/oss-security/2016/04/09/5
 CVE-2012-XXXX [Option -localhost seems to fail to restrict ipv6 access]
        - x11vnc <unfixed> (bug #672435)
-       [stretch] - x11vnc <no-dsa> (Minor issue; workaround exits)
-       [jessie] - x11vnc <no-dsa> (Minor issue; workaround exits)
-       [wheezy] - x11vnc <no-dsa> (Minor issue; workaround exits)
+       [stretch] - x11vnc <ignored> (Minor issue; workaround exits)
+       [jessie] - x11vnc <ignored> (Minor issue; workaround exits)
+       [wheezy] - x11vnc <ignored> (Minor issue; workaround exits)
 CVE-2016-3948 (Squid 3.x before 3.5.16 and 4.x before 4.0.8 improperly perform 
bounds ...)
        - squid3 3.5.16-1 (bug #819784)
        [jessie] - squid3 <no-dsa> (Minor issue; needs substantial backporting; 
too intrusive to backport)
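Review bot: The three added x11vnc lines carry over the typo "workaround exits" from the removed lines; since these lines are being rewritten anyway, this is the place to correct it to "workaround exists". It would also help to name the workaround in a NOTE line, because the `<ignored>` state for the -localhost issue rests on it.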
@@ -65975,9 +65970,9 @@
        NOTE: Upstream confirmed it does not affect squid 2.7.x
 CVE-2016-2568 (pkexec, when used with --user nonpriv, allows local users to 
escape to ...)
        - policykit-1 <unfixed> (bug #816062; bug #812512)
-       [stretch] - policykit-1 <no-dsa> (Minor issue)
-       [jessie] - policykit-1 <no-dsa> (Minor issue)
-       [wheezy] - policykit-1 <no-dsa> (Minor issue)
+       [stretch] - policykit-1 <ignored> (Minor issue)
+       [jessie] - policykit-1 <ignored> (Minor issue)
+       [wheezy] - policykit-1 <ignored> (Minor issue)
        NOTE: Restricting ioctl on the kernel side seems the better approach
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1300746
 CVE-2016-2558 (The Escape interface in the Kernel Mode Driver layer in the 
NVIDIA GPU ...)
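Review bot: On the policykit-1 lines for CVE-2016-2568 the reason stays "(Minor issue)", while the NOTE directly below says "Restricting ioctl on the kernel side seems the better approach", which reads as the actual basis for not fixing it in policykit-1. Suggest putting that in the reason, for example "(Minor issue; better addressed on the kernel side)", so the `<ignored>` state and the NOTE agree.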


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
