Author: carnil
Date: 2017-01-19 18:35:52 +0000 (Thu, 19 Jan 2017)
New Revision: 48198
Modified:
data/CVE/list
data/DSA/list
Log:
Adjust the CVE assignments for python-pysaml2
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-01-19 17:46:49 UTC (rev 48197)
+++ data/CVE/list 2017-01-19 18:35:52 UTC (rev 48198)
@@ -805,12 +805,12 @@
CVE-2016-10125 (D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a
hardcoded ...)
NOT-FOR-US: D-Link
CVE-2016-10127 [XML external entity attack]
- RESERVED
- {DSA-3759-1}
+ - python-pysaml2 <unfixed>
+ NOTE: https://github.com/rohe/pysaml2/issues/366
+CVE-2016-10149 [CWE-776 (Entity Expansion)]
- python-pysaml2 3.0.0-5 (bug #850716)
- NOTE: https://github.com/rohe/pysaml2/pull/379
+ NOTE: NOTE: https://github.com/rohe/pysaml2/pull/379
NOTE:
https://github.com/rohe/pysaml2/commit/6e09a25d9b4b7aa7a506853210a9a14100b8bc9b
- NOTE: http://www.openwall.com/lists/oss-security/2017/01/10/6
CVE-2017-XXXX [multiple new security issues]
- w3m 0.5.3-34 (bug #850432)
[jessie] - w3m <no-dsa> (Minor issues)
Modified: data/DSA/list
===================================================================
--- data/DSA/list 2017-01-19 17:46:49 UTC (rev 48197)
+++ data/DSA/list 2017-01-19 18:35:52 UTC (rev 48198)
@@ -22,7 +22,7 @@
{CVE-2016-9646 CVE-2016-10026 CVE-2017-0356}
[jessie] - ikiwiki 3.20141016.4
[12 Jan 2017] DSA-3759-1 python-pysaml2 - security update
- {CVE-2016-10127}
+ {CVE-2016-10149}
[jessie] - python-pysaml2 2.0.0-1+deb8u1
[11 Jan 2017] DSA-3758-1 bind9 - security update
{CVE-2016-9131 CVE-2016-9147 CVE-2016-9444}
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
