Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
398e9b46 by Salvatore Bonaccorso at 2019-07-13T22:08:16Z
Mark CVE-2017-7189 no-dsa for buster and stretch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -121499,11 +121499,14 @@ CVE-2017-7190
RESERVED
CVE-2017-7189 (main/streams/xp_socket.c in PHP 7.x before 2017-03-07 misparses
fsocko ...)
- php7.3 <unfixed>
+ [buster] - php7.3 <ignored> (Upstream patch breaks existing
applications, was reverted again, revisit if a new approach has been identified)
- php7.0 <removed>
+ [stretch] - php7.0 <ignored> (Upstream patch breaks existing
applications, was reverted again, revisit if a new approach has been identified)
- php5 <removed>
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=74192
NOTE:
https://github.com/php/php-src/commit/bab0b99f376dac9170ac81382a5ed526938d595a
NOTE: The commit was later on reverted again because of breaking some
features.
+ NOTE: See as well the related CVE-2017-7272.
CVE-2017-7188 (Zurmo 3.1.1 Stable allows a Cross-Site Scripting (XSS) attack
with a b ...)
NOT-FOR-US: Zurmo
CVE-2017-7187 (The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel
through ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/398e9b461896c6ce4cc1a3bb88ed297284fb8a73
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/398e9b461896c6ce4cc1a3bb88ed297284fb8a73
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
