[Secure-testing-commits] r57473 - data/CVE

Salvatore Bonaccorso Wed, 08 Nov 2017 13:47:38 -0800

Author: carnil
Date: 2017-11-08 21:47:21 +0000 (Wed, 08 Nov 2017)
New Revision: 57473


Modified:
   data/CVE/list
Log:
Reference CVE-2017-1000383 upstream report

Depending on how Emacs upstream decide we might readd the individual
source packages, but rather with unimportant severity?

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-11-08 21:41:41 UTC (rev 57472)
+++ data/CVE/list       2017-11-08 21:47:21 UTC (rev 57473)
@@ -1000,6 +1000,7 @@
 CVE-2017-1000383 (GNU Emacs version 25.3.1 (and other versions most likely) 
ignores ...)
        NOTE: This CVE assignment is nonsense, GNU emacs reuses the umask of 
the original
        NOTE: file when creating a backup file. That's hardly incorrect 
behaviour
+       NOTE: Upstream report: 
https://debbugs.gnu.org/cgi/bugreport.cgi?bug=29182
 CVE-2017-1000382 (VIM version 8.0.1187 (and other versions most likely) 
ignores umask ...)
        - vim <unfixed>
        [stretch] - vim <no-dsa> (Minor issue)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r57473 - data/CVE

Reply via email to