Author: carnil Date: 2017-10-18 05:36:03 +0000 (Wed, 18 Oct 2017) New Revision: 56797
Modified: data/CVE/list Log: Mark CVE-2017-14604 as no-dsa Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-10-18 05:32:30 UTC (rev 56796) +++ data/CVE/list 2017-10-18 05:36:03 UTC (rev 56797) @@ -2513,6 +2513,7 @@ CVE-2017-14604 (GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by ...) {DSA-3994-1} - nautilus 3.25.90-1 (bug #860268) + [jessie] - nautilus <no-dsa> (Minor issue, issue mitigated because does not silently decompress tarballs) NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=777991 NOTE: https://micahflee.com/2017/04/breaking-the-security-model-of-subgraph-os/ NOTE: https://github.com/freedomofpress/securedrop/issues/2238 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits