Author: apo Date: 2016-08-01 10:33:54 +0000 (Mon, 01 Aug 2016) New Revision: 43695
Modified: data/CVE/list data/dla-needed.txt Log: Mark CVE-2016-1000027 as no-dsa for Wheezy "Vulnerable" code is present but upstream says it works as intended. Will however improve the documentation in future updates. Modified: data/CVE/list =================================================================== --- data/CVE/list 2016-08-01 10:24:30 UTC (rev 43694) +++ data/CVE/list 2016-08-01 10:33:54 UTC (rev 43695) @@ -1024,6 +1024,7 @@ CVE-2016-1000027 RESERVED - libspring-java <unfixed> + [wheezy] - libspring-java <no-dsa> (Minor issue) NOTE: https://www.tenable.com/security/research/tra-2016-20 TODO: check CVE-2016-6255 [write files via POST] Modified: data/dla-needed.txt =================================================================== --- data/dla-needed.txt 2016-08-01 10:24:30 UTC (rev 43694) +++ data/dla-needed.txt 2016-08-01 10:33:54 UTC (rev 43695) @@ -37,8 +37,6 @@ NOTE: this package needs 30GB disk space, lots of RAM and CPU power NOTE: can reproduce in Wheezy VM -- -libspring-java --- libsys-syslog-perl NOTE: was not fixed with DLA-565-1. Can be fixed similar to Jessie. -- _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits