[Git][security-tracker-team/security-tracker][master] libzypp bugs

Fri, 18 May 2018 12:57:31 -0700 

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
1813af28 by Moritz Muehlenhoff at 2018-05-18T21:56:58+02:00
libzypp bugs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -54445,7 +54445,7 @@ CVE-2017-9271 (The commandline package update tool 
zypper writes HTTP proxy ...)
 CVE-2017-9270 (In cryptctl before version 2.0 a malicious server could send 
RPC ...)
        NOT-FOR-US: SuSE cryptctl
 CVE-2017-9269 (In libzypp before August 2018 GPG keys attached to YUM 
repositories ...)
-       - libzypp <unfixed>
+       - libzypp <unfixed> (bug #899065)
        [jessie] - libzypp <ignored> (Minor issue)
 CVE-2017-9268 (In the open build service before 201707022 the wipetrigger and 
rebuild ...)
        - open-build-service <unfixed> (low)
@@ -60450,10 +60450,10 @@ CVE-2017-7438 (NetIQ Privileged Account Manager 
before 3.1 Patch Update 3 allowe
 CVE-2017-7437 (NetIQ Privileged Account Manager before 3.1 Patch Update 3 
allowed ...)
        NOT-FOR-US: NetIQ Privileged Account Manager
 CVE-2017-7436 (In libzypp before 20170803 it was possible to retrieve unsigned 
...)
-       - libzypp <unfixed>
+       - libzypp <unfixed> (bug #899065)
        [jessie] - libzypp <ignored> (Minor issue)
 CVE-2017-7435 (In libzypp before 20170803 it was possible to add unsigned YUM 
...)
-       - libzypp <unfixed>
+       - libzypp <unfixed> (bug #899065)
        [jessie] - libzypp <ignored> (Minor issue)
 CVE-2017-7434 (In the JDBC driver of NetIQ Identity Manager before 4.6 sending 
out ...)
        NOT-FOR-US: NetIQ Identity Manager



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1813af28a4e3ceb7456c345f4df001c38434b1a8

---
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/1813af28a4e3ceb7456c345f4df001c38434b1a8
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to