Thorsten Alteholz pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2c75a16d by Thorsten Alteholz at 2018-05-29T15:51:12+02:00
Jessie not affected by CVE-2017-15400
- - - - -
b5018173 by Thorsten Alteholz at 2018-05-29T15:52:18+02:00
follow security with no-dsa for CVE-2018-5729 and CVE-2018-5730
- - - - -
4a453fab by Thorsten Alteholz at 2018-05-29T15:52:44+02:00
krb5 is no-dsa
- - - - -
2 changed files:
- data/CVE/list
- data/dla-needed.txt
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -15827,11 +15827,13 @@ CVE-2018-5730 (MIT krb5 1.6 or later allows an
authenticated kadmin with permiss
- krb5 <unfixed> (bug #891869)
[stretch] - krb5 <no-dsa> (Minor issue)
[jessie] - krb5 <no-dsa> (Minor issue)
+ [wheezy] - krb5 <no-dsa> (Minor issue)
NOTE: Fixed by:
https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
CVE-2018-5729 (MIT krb5 1.6 or later allows an authenticated kadmin with
permission ...)
- krb5 <unfixed> (bug #891869)
[stretch] - krb5 <no-dsa> (Minor issue)
[jessie] - krb5 <no-dsa> (Minor issue)
+ [wheezy] - krb5 <no-dsa> (Minor issue)
NOTE: Fixed by:
https://github.com/krb5/krb5/commit/e1caf6fb74981da62039846931ebdffed71309d1
CVE-2018-5728 (Cobham Sea Tel 121 build 222701 devices allow remote attackers
to ...)
NOT-FOR-US: Cobham Sea Tel 121 build 222701 devices
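Review bot: The two added [wheezy] lines, under CVE-2018-5730 and CVE-2018-5729, copy the bare "(Minor issue)" reason from the stretch and jessie entries, which does not tell a later reader why wheezy can go without a DLA. Both descriptions say the flaw needs an authenticated kadmin, so a reason such as "(Minor issue, requires authenticated kadmin)" would record the basis for the triage. Since both entries point at the same upstream commit in their NOTE lines, it would also help to state whether that fix was checked against the wheezy krb5 source before settling on no-dsa.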
@@ -36839,6 +36841,7 @@ CVE-2017-15401
RESERVED
CVE-2017-15400 (Insufficient restriction of IPP filters in CUPS in Google
Chrome OS ...)
- cups 2.2.3-2
+ [jessie] - cups <not-affected> (Vulnerable code not present,
ppdCreateFromIPP() introduced in v2.2.0)
[wheezy] - cups <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/chromium/issues/detail?id=777215
NOTE: Patches from upstream to restrict what filters will be accpeted
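Review bot: The added [jessie] line gives a precise reason (ppdCreateFromIPP() introduced in v2.2.0), but the [wheezy] line directly below it still says only "Vulnerable code not present". The wheezy entry could carry the same function and version so that both releases are justified the same way. The last NOTE line of this entry also contains the typo "accpeted", which could be fixed in the same change.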
=====================================
data/dla-needed.txt
=====================================
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -19,11 +19,6 @@ firefox-esr (Emilio Pozuelo)
NOTE: 20180525: We will need an update to Firefox ESR 60 in jessie once 52
goes EOL.
NOTE: 20180525: This needs some backports (llvm, rustc, cargo) which need
some work.
--
-krb5 (Thorsten Alteholz)
- NOTE: 20180131: lts-do-not-call
- NOTE: 20180411: Details not public yet. Security team in contact with
upstream. (anarcat)
- NOTE: 20180411: See also
https://lists.debian.org/msgid-search/[email protected]
(anarcat)
---
lame (Hugo Lefeuvre)
NOTE: 20180515: Patch available and tested. Will coordinate with Fabian to
provide Wheezy and Jessie uploads for the next Jessie point release.
--
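Review bot: The removed krb5 block carries the note "Details not public yet. Security team in contact with upstream.", while the commit message says only "krb5 is no-dsa". The CVE-2018-5729 and CVE-2018-5730 entries in data/CVE/list already link a public upstream fix, so this diff does not show that the non-public issue in the removed note is the one covered by the no-dsa decision. Please confirm that before dropping the entry, and name the CVEs in the commit message so the removal can be traced back to the triage.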
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/ed8742f39e4aafa3d40eeffa695975355056103c...4a453fab3a0f2b6a292c4aa127ef4ac894fa8a1f