[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Triage result.

Wed, 28 Mar 2018 10:18:56 -0700 

Ola Lundqvist pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
2b096652 by Ola Lundqvist at 2018-03-28T19:18:11+02:00
Triage result.

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -104,6 +104,7 @@ CVE-2018-9058 (In Long Range Zip (aka lrzip) 0.631, there 
is an infinite loop in
        - lrzip <unfixed>
        [stretch] - lrzip <no-dsa> (Minor issue)
        [jessie] - lrzip <no-dsa> (Minor issue)
+       [wheezy] - lrzip <ignored> (Minor issue)
        NOTE: https://github.com/ckolivas/lrzip/issues/93
 CVE-2018-XXXX [DRUPAL-PSA-2018-001]
        - drupal7 <unfixed> (bug #894259)
@@ -709,6 +710,7 @@ CVE-2018-1000135 (GNOME NetworkManager version 1.10.2 and 
earlier contains a Inf
        - network-manager <unfixed>
        [stretch] - network-manager <no-dsa> (Minor issue)
        [jessie] - network-manager <no-dsa> (Minor issue)
+       [wheezy] - network-manager <no-dsa> (Minor issue)
        NOTE: 
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1754671
        NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=746422
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1553634
@@ -5082,6 +5084,7 @@ CVE-2018-7185 (The protocol engine in ntp 4.2.6 before 
4.2.8p11 allows a remote 
        - ntp 1:4.2.8p11+dfsg-1 (low)
        [stretch] - ntp <no-dsa> (Minor issue)
        [jessie] - ntp <no-dsa> (Minor issue)
+       [wheezy] - ntp <ignored> (Minor issue)
        - ntpsec <not-affected> (Issue not present)
        NOTE: http://www.kb.cert.org/vuls/id/961909
        NOTE: http://support.ntp.org/bin/view/Main/NtpBug3454
@@ -5090,6 +5093,7 @@ CVE-2018-7184 (ntpd in ntp 4.2.8p4 before 4.2.8p11 drops 
bad packets before upda
        - ntp 1:4.2.8p11+dfsg-1 (low)
        [stretch] - ntp <no-dsa> (Minor issue)
        [jessie] - ntp <no-dsa> (Minor issue)
+       [wheezy] - ntp <ignored> (Minor issue)
        - ntpsec <not-affected> (Issue not present)
        NOTE: http://www.kb.cert.org/vuls/id/961909
        NOTE: http://support.ntp.org/bin/view/Main/NtpBug3453


=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -123,6 +123,8 @@ opencv
 --
 openjdk-7 (Emilio Pozuelo)
 --
+openssl
+--
 php5
   NOTE: 20180226: consider reviewing the backlog of issues fixed in jessie to 
see if it is worth fixing a few DOS in the backlog (anarcat)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2b0966525de1a2641b2c65ad3df6abbde424930c

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/2b0966525de1a2641b2c65ad3df6abbde424930c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to