Author: hertzog Date: 2017-10-26 16:43:58 +0000 (Thu, 26 Oct 2017) New Revision: 56995
Modified: data/CVE/list data/dla-needed.txt Log: Demote CVE-2017-1000047 on wheezy to no-dsa like the security team did Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-10-26 16:43:48 UTC (rev 56994) +++ data/CVE/list 2017-10-26 16:43:58 UTC (rev 56995) @@ -13336,7 +13336,9 @@ - rbenv <unfixed> (bug #869702) [stretch] - rbenv <no-dsa> (Minor issue) [jessie] - rbenv <no-dsa> (Minor issue) + [wheezy] - rbenv <no-dsa> (Minor issue) NOTE: https://github.com/rbenv/rbenv/issues/977 + NOTE: .ruby-version is .rbenv-version in wheezy CVE-2017-1000046 (Mautic 2.6.1 and earlier fails to set flags on session cookies ...) NOT-FOR-US: Mautic CVE-2017-1000045 (Mautic SSO/OAuth2 plugins are vulnerable to CSRF of the state ...) Modified: data/dla-needed.txt =================================================================== --- data/dla-needed.txt 2017-10-26 16:43:48 UTC (rev 56994) +++ data/dla-needed.txt 2017-10-26 16:43:58 UTC (rev 56995) @@ -96,10 +96,6 @@ qemu-kvm NOTE: 20171012 Can wait for more issues to pile up -- -rbenv - NOTE: .ruby-version is .rbenv-version in wheezy - NOTE: 20170802: No upstream patch (lamby) --- redis (Chris Lamb) NOTE: 20171009: Waiting for upstream to bless patch. (lamby) NOTE: 20171016: Waiting for upstream to bless patch. (lamby) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits