Author: jmm Date: 2017-11-08 09:14:34 +0000 (Wed, 08 Nov 2017) New Revision: 57438
Modified: data/CVE/list Log: NFUs golang no-dsa Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-11-08 09:10:21 UTC (rev 57437) +++ data/CVE/list 2017-11-08 09:14:34 UTC (rev 57438) @@ -99,13 +99,13 @@ CVE-2017-16619 RESERVED CVE-2017-16618 (An exploitable vulnerability exists in the YAML loading functionality ...) - TODO: check + NOT-FOR-US: OwlMixin CVE-2017-16617 RESERVED CVE-2017-16616 (An exploitable vulnerability exists in the YAML parsing functionality ...) - TODO: check + NOT-FOR-US: pyanyapi CVE-2017-16615 (An exploitable vulnerability exists in the YAML parsing functionality ...) - TODO: check + NOT-FOR-US: MLAlchemy CVE-2017-16614 RESERVED CVE-2017-16613 @@ -213,7 +213,7 @@ CVE-2017-16562 RESERVED CVE-2017-16561 (/view/friend_profile.php in Ingenious School Management System 2.3.0 is ...) - TODO: check + NOT-FOR-US: Ingenious School Management System CVE-2017-16560 RESERVED CVE-2017-16559 @@ -4287,6 +4287,7 @@ - golang-1.7 <unfixed> [stretch] - golang-1.7 <ignored> (Minor issue, would require builds of all go packages in stable) - golang <removed> + [jessie] - golang <ignored> (Minor issue, would require builds of all go packages in stable) [wheezy] - golang <not-affected> (Vulnerable code introduced later in version 1.1) NOTE: https://github.com/golang/go/issues/22134 NOTE: https://golang.org/cl/68023 @@ -4299,6 +4300,7 @@ [stretch] - golang-1.8 <ignored> (Minor issue) - golang-1.7 <unfixed> [stretch] - golang-1.7 <ignored> (Minor issue) + [jessie] - golang <no-dsa> (Minor issue) - golang <removed> NOTE: https://go.googlesource.com/go/+/a4544a0f8af001d1fb6df0e70750f570ec49ccf9%5E%21/ NOTE: https://github.com/golang/go/issues/22125 @@ -76735,7 +76737,7 @@ CVE-2016-0873 RESERVED CVE-2016-0872 (A Plaintext Storage of a Password issue was discovered in Kabona AB ...) - TODO: check + NOT-FOR-US: Kabona AB WebDatorCentral CVE-2016-0871 (Eaton Lighting EG2 Web Control 4.04P and earlier allows remote ...) NOT-FOR-US: Eaton Lighting EG2 Web Control CVE-2016-0870 (The web server in Trane Tracer SC 4.2.1134 and earlier allows remote ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits