Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits: 187a0967 by Ola Lundqvist at 2018-05-13T19:49:09+02:00 Found that spice-gtk is not affected as the demarchal.py file that was vulnerable is not included in any binary package. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -45042,6 +45042,7 @@ CVE-2017-12195 NOT-FOR-US: OpenShift CVE-2017-12194 (A flaw was found in the way spice-client processed certain messages ...) - spice-gtk <unfixed> (bug #898503) + [wheezy] - spice-gtk <not-affected> (Vulnerable code is not in any binary package, only in the source package) NOTE: Proposed patches in: https://bugzilla.redhat.com/show_bug.cgi?id=1240165 CVE-2017-12193 (The assoc_array_insert_into_terminal_node function in lib/assoc_array.c ...) - linux 4.13.13-1 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/187a09672114547cf497d85ca7a4412593d5c874 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/187a09672114547cf497d85ca7a4412593d5c874 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits