Author: carnil Date: 2017-12-29 07:20:18 +0000 (Fri, 29 Dec 2017) New Revision: 59010
Modified: data/CVE/list Log: Asked MITRE (and confirmed) for rejection of CVE-2017-17496 CVE is invalid, since the respective functions having the problems are just in dead code and unused. There is no vulnerability. The CVE is withdrawn by MITRE itself. Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-12-29 06:46:46 UTC (rev 59009) +++ data/CVE/list 2017-12-29 07:20:18 UTC (rev 59010) @@ -6105,8 +6105,8 @@ - tidy-html5 <not-affected> (Vulnerable code introduced after 5.6.0) - tidy <not-affected> (Vulnerable code not present) NOTE: https://github.com/htacg/tidy-html5/issues/656 -CVE-2017-17496 (The socket_create function in socket.c in idevicerestore through ...) - TODO: check +CVE-2017-17496 + REJECTED CVE-2017-17495 RESERVED CVE-2017-17494 _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits