[Secure-testing-commits] r50011 - data/CVE

Markus Koschany Fri, 24 Mar 2017 14:41:08 -0700

Author: apo
Date: 2017-03-24 21:40:11 +0000 (Fri, 24 Mar 2017)
New Revision: 50011


Modified:
   data/CVE/list
Log:
Revert 50009 because update for libplist was just uploaded

An update for libplist was already prepared for Wheezy. I also think that we
should not mark the other CVEs as no-dsa until we have more information.



Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-03-24 21:39:31 UTC (rev 50010)
+++ data/CVE/list       2017-03-24 21:40:11 UTC (rev 50011)
@@ -2008,34 +2008,28 @@
 CVE-2017-6440 (The parse_data_node function in bplist.c in libimobiledevice 
libplist ...)
        - libplist <unfixed> (bug #858055)
        [jessie] - libplist <no-dsa> (Minor issue)
-       [wheezy] - libplist <no-dsa> (Minor issue)
        NOTE: https://github.com/libimobiledevice/libplist/issues/99
 CVE-2017-6439 (Heap-based buffer overflow in the parse_string_node function in 
...)
        - libplist 1.12+git+1+e37ca00-0.1
        [jessie] - libplist <no-dsa> (Minor issue)
-       [wheezy] - libplist <no-dsa> (Minor issue)
        NOTE: https://github.com/libimobiledevice/libplist/issues/95
        NOTE: 
https://github.com/libimobiledevice/libplist/commit/32ee5213fe64f1e10ec76c1ee861ee6f233120dd
 CVE-2017-6438 (Heap-based buffer overflow in the parse_unicode_node function 
in ...)
        - libplist <unfixed>
        [jessie] - libplist <no-dsa> (Minor issue)
-       [wheezy] - libplist <no-dsa> (Minor issue)
        NOTE: https://github.com/libimobiledevice/libplist/issues/98
 CVE-2017-6437 (The base64encode function in base64.c in libimobiledevice 
libplist ...)
        - libplist <unfixed>
        [jessie] - libplist <no-dsa> (Minor issue)
-       [wheezy] - libplist <no-dsa> (Minor issue)
        NOTE: https://github.com/libimobiledevice/libplist/issues/100
 CVE-2017-6436 (The parse_string_node function in bplist.c in libimobiledevice 
...)
        - libplist 1.12+git+1+e37ca00-0.1
        [jessie] - libplist <no-dsa> (Minor issue)
-       [wheezy] - libplist <no-dsa> (Minor issue)
        NOTE: https://github.com/libimobiledevice/libplist/issues/94
        NOTE: 
https://github.com/libimobiledevice/libplist/commit/32ee5213fe64f1e10ec76c1ee861ee6f233120dd
 CVE-2017-6435 (The parse_string_node function in bplist.c in libimobiledevice 
...)
        - libplist 1.12+git+1+e37ca00-0.1
        [jessie] - libplist <no-dsa> (Minor issue)
-       [wheezy] - libplist <no-dsa> (Minor issue)
        NOTE: https://github.com/libimobiledevice/libplist/issues/93
        NOTE: 
https://github.com/libimobiledevice/libplist/commit/fbd8494d5e4e46bf2e90cb6116903e404374fb56
 CVE-2017-6434


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r50011 - data/CVE

Reply via email to