Author: carnil Date: 2017-01-19 18:35:52 +0000 (Thu, 19 Jan 2017) New Revision: 48198
Modified: data/CVE/list data/DSA/list Log: Adjust the CVE assignments for python-pysaml2 Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-01-19 17:46:49 UTC (rev 48197) +++ data/CVE/list 2017-01-19 18:35:52 UTC (rev 48198) @@ -805,12 +805,12 @@ CVE-2016-10125 (D-Link DGS-1100 devices with Rev.B firmware 1.01.018 have a hardcoded ...) NOT-FOR-US: D-Link CVE-2016-10127 [XML external entity attack] - RESERVED - {DSA-3759-1} + - python-pysaml2 <unfixed> + NOTE: https://github.com/rohe/pysaml2/issues/366 +CVE-2016-10149 [CWE-776 (Entity Expansion)] - python-pysaml2 3.0.0-5 (bug #850716) - NOTE: https://github.com/rohe/pysaml2/pull/379 + NOTE: NOTE: https://github.com/rohe/pysaml2/pull/379 NOTE: https://github.com/rohe/pysaml2/commit/6e09a25d9b4b7aa7a506853210a9a14100b8bc9b - NOTE: http://www.openwall.com/lists/oss-security/2017/01/10/6 CVE-2017-XXXX [multiple new security issues] - w3m 0.5.3-34 (bug #850432) [jessie] - w3m <no-dsa> (Minor issues) Modified: data/DSA/list =================================================================== --- data/DSA/list 2017-01-19 17:46:49 UTC (rev 48197) +++ data/DSA/list 2017-01-19 18:35:52 UTC (rev 48198) @@ -22,7 +22,7 @@ {CVE-2016-9646 CVE-2016-10026 CVE-2017-0356} [jessie] - ikiwiki 3.20141016.4 [12 Jan 2017] DSA-3759-1 python-pysaml2 - security update - {CVE-2016-10127} + {CVE-2016-10149} [jessie] - python-pysaml2 2.0.0-1+deb8u1 [11 Jan 2017] DSA-3758-1 bind9 - security update {CVE-2016-9131 CVE-2016-9147 CVE-2016-9444} _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits