Author: jmm Date: 2017-05-31 17:25:40 +0000 (Wed, 31 May 2017) New Revision: 52156
Modified: data/CVE/list Log: multiple no-dsa for stretch Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-05-31 14:37:13 UTC (rev 52155) +++ data/CVE/list 2017-05-31 17:25:40 UTC (rev 52156) @@ -876,36 +876,43 @@ NOT-FOR-US: Google I/O 2017 application CVE-2017-9044 (The print_symbol_for_build_attribute function in readelf.c in GNU ...) - binutils <unfixed> + [stretch] - binutils <no-dsa> (Minor issue) [jessie] - binutils <no-dsa> (Minor issue) [wheezy] - binutils <no-dsa> (Minor issue) CVE-2017-9043 (readelf.c in GNU Binutils 2017-04-12 has a "shift exponent too large ...) - binutils <unfixed> (bug #863674) + [stretch] - binutils <no-dsa> (Minor issue) [jessie] - binutils <no-dsa> (Minor issue) [wheezy] - binutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ddef72cdc10d82ba011a7ff81cafbbd3466acf54 CVE-2017-9042 (readelf.c in GNU Binutils 2017-04-12 has a "cannot be represented in ...) - binutils <unfixed> (bug #863674) + [stretch] - binutils <no-dsa> (Minor issue) [jessie] - binutils <no-dsa> (Minor issue) [wheezy] - binutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7296a62a2a237f6b1ad8db8c38b090e9f592c8cf CVE-2017-9041 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...) - binutils <unfixed> (bug #863674) + [stretch] - binutils <no-dsa> (Minor issue) [jessie] - binutils <no-dsa> (Minor issue) [wheezy] - binutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75ec1fdbb797a389e4fe4aaf2e15358a070dcc19 NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c4ab9505b53cdc899506ed421fddb7e1f8faf7a3 CVE-2017-9040 (GNU Binutils 2017-04-03 allows remote attackers to cause a denial of ...) - binutils <unfixed> (bug #863674) + [stretch] - binutils <no-dsa> (Minor issue) [jessie] - binutils <no-dsa> (Minor issue) [wheezy] - binutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7296a62a2a237f6b1ad8db8c38b090e9f592c8cf CVE-2017-9039 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...) - binutils <unfixed> (bug #863674) + [stretch] - binutils <no-dsa> (Minor issue) [jessie] - binutils <no-dsa> (Minor issue) [wheezy] - binutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=82156ab704b08b124d319c0decdbd48b3ca2dac5 CVE-2017-9038 (GNU Binutils 2.28 allows remote attackers to cause a denial of service ...) - binutils <unfixed> (bug #863674) + [stretch] - binutils <no-dsa> (Minor issue) [jessie] - binutils <no-dsa> (Minor issue) [wheezy] - binutils <no-dsa> (Minor issue) NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f32ba72991d2406b21ab17edc234a2f3fa7fb23d @@ -4445,6 +4452,7 @@ NOTE: Vulnerable code removed with the 0.9.2+dfs1-2 upload CVE-2017-7697 (In libsamplerate before 0.1.9, a buffer over-read occurs in the ...) - libsamplerate <unfixed> (bug #860159) + [stretch] - libsamplerate <no-dsa> (Minor issue) [jessie] - libsamplerate <no-dsa> (Minor issue) [wheezy] - libsamplerate <no-dsa> (Minor issue) NOTE: https://github.com/erikd/libsamplerate/issues/11 @@ -26603,7 +26611,8 @@ NOTE: XML::SAX::PurePerl which is uncapable of processing external entities NOTE: but unfortunately it is also a slow parser. CVE-2016-9180 (perl-XML-Twig: The option to `expand_external_ents`, documented as ...) - - libxml-twig-perl <unfixed> (bug #842893) + - libxml-twig-perl <unfixed> (low; bug #842893) + [stretch] - libxml-twig-perl <no-dsa> (Minor issue; can be fixed via point release) [jessie] - libxml-twig-perl <no-dsa> (Minor issue; can be fixed via point release) [wheezy] - libxml-twig-perl <no-dsa> (Minor issue, new flag would require changes to applications too, not worth the effort) NOTE: https://rt.cpan.org/Public/Bug/Display.html?id=118097 @@ -66353,6 +66362,7 @@ CVE-2015-5160 [Ceph id/key leaked in the process list] RESERVED - libvirt <unfixed> (low; bug #796111) + [stretch] - libvirt <no-dsa> (Minor issue) [jessie] - libvirt <no-dsa> (Minor issue; needs changes first in QEMU) [wheezy] - libvirt <no-dsa> (Minor issue; needs changes first in QEMU) [squeeze] - libvirt <end-of-life> (Unsupported in squeeze-lts) @@ -121877,6 +121887,7 @@ - typo3-src 4.5.19+dfsg1-5 (bug #702574) CVE-2013-1841 (Net-Server, when the reverse-lookups option is enabled, does not check ...) - libnet-server-perl <unfixed> (low; bug #702914) + [stretch] - libnet-server-perl <no-dsa> (Minor issue) [jessie] - libnet-server-perl <no-dsa> (Minor issue) [wheezy] - libnet-server-perl <no-dsa> (Minor issue) [squeeze] - libnet-server-perl <no-dsa> (Minor issue) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits