[Secure-testing-commits] r34095 - data/CVE

Salvatore Bonaccorso Wed, 06 May 2015 04:43:49 -0700

Author: carnil
Date: 2015-05-06 11:43:00 +0000 (Wed, 06 May 2015)
New Revision: 34095


Modified:
   data/CVE/list
Log:
Add stretch tagged entry for libxml2 for CVE-2014-3660

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2015-05-06 11:22:46 UTC (rev 34094)
+++ data/CVE/list       2015-05-06 11:43:00 UTC (rev 34095)
@@ -25288,6 +25288,7 @@
        - jenkins 1.565.3-1 (bug #763899)
 CVE-2014-3660 (parser.c in libxml2 before 2.9.2 does not properly prevent 
entity ...)
        {DSA-2978-2 DSA-3057-1 DLA-151-1 DLA-80-1}
+       [stretch] - libxml2 2.9.1+dfsg1-5
        [jessie] - libxml2 2.9.1+dfsg1-5
        - libxml2 2.9.2+dfsg1-1 (bug #765722)
        NOTE: 
https://www.ncsc.nl/actueel/nieuwsberichten/kwetsbaarheid-ontdekt-in-libxml2.html
@@ -25295,6 +25296,7 @@
        NOTE: Beware the upstream patch relies on other commits not
        NOTE: available in the squeeze/wheezy version (at least cff2546f that
        NOTE: changes how the ent->checked variable is used and likely a3f1e3e5 
too)
+       NOTE: stretch tagged entry added as workaround until 2.9.2+dfsg1-1 
migrates to testing
 CVE-2014-3659
        REJECTED
 CVE-2014-3658


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r34095 - data/CVE

Reply via email to