[Secure-testing-commits] r52156 - data/CVE

Moritz Muehlenhoff Wed, 31 May 2017 10:25:58 -0700

Author: jmm
Date: 2017-05-31 17:25:40 +0000 (Wed, 31 May 2017)
New Revision: 52156


Modified:
   data/CVE/list
Log:
multiple no-dsa for stretch


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-05-31 14:37:13 UTC (rev 52155)
+++ data/CVE/list       2017-05-31 17:25:40 UTC (rev 52156)
@@ -876,36 +876,43 @@
        NOT-FOR-US: Google I/O 2017 application
 CVE-2017-9044 (The print_symbol_for_build_attribute function in readelf.c in 
GNU ...)
        - binutils <unfixed>
+       [stretch] - binutils <no-dsa> (Minor issue)
        [jessie] - binutils <no-dsa> (Minor issue)
        [wheezy] - binutils <no-dsa> (Minor issue)
 CVE-2017-9043 (readelf.c in GNU Binutils 2017-04-12 has a &quot;shift exponent 
too large ...)
        - binutils <unfixed> (bug #863674)
+       [stretch] - binutils <no-dsa> (Minor issue)
        [jessie] - binutils <no-dsa> (Minor issue)
        [wheezy] - binutils <no-dsa> (Minor issue)
        NOTE: 
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ddef72cdc10d82ba011a7ff81cafbbd3466acf54
 CVE-2017-9042 (readelf.c in GNU Binutils 2017-04-12 has a &quot;cannot be 
represented in ...)
        - binutils <unfixed> (bug #863674)
+       [stretch] - binutils <no-dsa> (Minor issue)
        [jessie] - binutils <no-dsa> (Minor issue)
        [wheezy] - binutils <no-dsa> (Minor issue)
        NOTE: 
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7296a62a2a237f6b1ad8db8c38b090e9f592c8cf
 CVE-2017-9041 (GNU Binutils 2.28 allows remote attackers to cause a denial of 
service ...)
        - binutils <unfixed> (bug #863674)
+       [stretch] - binutils <no-dsa> (Minor issue)
        [jessie] - binutils <no-dsa> (Minor issue)
        [wheezy] - binutils <no-dsa> (Minor issue)
        NOTE: 
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75ec1fdbb797a389e4fe4aaf2e15358a070dcc19
        NOTE: 
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c4ab9505b53cdc899506ed421fddb7e1f8faf7a3
 CVE-2017-9040 (GNU Binutils 2017-04-03 allows remote attackers to cause a 
denial of ...)
        - binutils <unfixed> (bug #863674)
+       [stretch] - binutils <no-dsa> (Minor issue)
        [jessie] - binutils <no-dsa> (Minor issue)
        [wheezy] - binutils <no-dsa> (Minor issue)
        NOTE: 
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7296a62a2a237f6b1ad8db8c38b090e9f592c8cf
 CVE-2017-9039 (GNU Binutils 2.28 allows remote attackers to cause a denial of 
service ...)
        - binutils <unfixed> (bug #863674)
+       [stretch] - binutils <no-dsa> (Minor issue)
        [jessie] - binutils <no-dsa> (Minor issue)
        [wheezy] - binutils <no-dsa> (Minor issue)
        NOTE: 
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=82156ab704b08b124d319c0decdbd48b3ca2dac5
 CVE-2017-9038 (GNU Binutils 2.28 allows remote attackers to cause a denial of 
service ...)
        - binutils <unfixed> (bug #863674)
+       [stretch] - binutils <no-dsa> (Minor issue)
        [jessie] - binutils <no-dsa> (Minor issue)
        [wheezy] - binutils <no-dsa> (Minor issue)
        NOTE: 
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f32ba72991d2406b21ab17edc234a2f3fa7fb23d
@@ -4445,6 +4452,7 @@
        NOTE: Vulnerable code removed with the 0.9.2+dfs1-2 upload
 CVE-2017-7697 (In libsamplerate before 0.1.9, a buffer over-read occurs in the 
...)
        - libsamplerate <unfixed> (bug #860159)
+       [stretch] - libsamplerate <no-dsa> (Minor issue)
        [jessie] - libsamplerate <no-dsa> (Minor issue)
        [wheezy] - libsamplerate <no-dsa> (Minor issue)
        NOTE: https://github.com/erikd/libsamplerate/issues/11
@@ -26603,7 +26611,8 @@
        NOTE: XML::SAX::PurePerl which is uncapable of processing external 
entities
        NOTE: but unfortunately it is also a slow parser.
 CVE-2016-9180 (perl-XML-Twig: The option to `expand_external_ents`, documented 
as ...)
-       - libxml-twig-perl <unfixed> (bug #842893)
+       - libxml-twig-perl <unfixed> (low; bug #842893)
+       [stretch] - libxml-twig-perl <no-dsa> (Minor issue; can be fixed via 
point release)
        [jessie] - libxml-twig-perl <no-dsa> (Minor issue; can be fixed via 
point release)
        [wheezy] - libxml-twig-perl <no-dsa> (Minor issue, new flag would 
require changes to applications too, not worth the effort)
        NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=118097
@@ -66353,6 +66362,7 @@
 CVE-2015-5160 [Ceph id/key leaked in the process list]
        RESERVED
        - libvirt <unfixed> (low; bug #796111)
+       [stretch] - libvirt <no-dsa> (Minor issue)
        [jessie] - libvirt <no-dsa> (Minor issue; needs changes first in QEMU)
        [wheezy] - libvirt <no-dsa> (Minor issue; needs changes first in QEMU)
        [squeeze] - libvirt <end-of-life> (Unsupported in squeeze-lts)
@@ -121877,6 +121887,7 @@
        - typo3-src 4.5.19+dfsg1-5 (bug #702574)
 CVE-2013-1841 (Net-Server, when the reverse-lookups option is enabled, does 
not check ...)
        - libnet-server-perl <unfixed> (low; bug #702914)
+       [stretch] - libnet-server-perl <no-dsa> (Minor issue)
        [jessie] - libnet-server-perl <no-dsa> (Minor issue)
        [wheezy] - libnet-server-perl <no-dsa> (Minor issue)
        [squeeze] - libnet-server-perl <no-dsa> (Minor issue)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r52156 - data/CVE

Reply via email to