[Secure-testing-commits] r48644 - data/CVE

Author: fgeek-guest Date: 2017-02-01 07:15:36 + (Wed, 01 Feb 2017) New Revision: 48644 Modified: data/CVE/list Log: NFU Modified: data/CVE/list === --- data/CVE/list 2017-02-01 07:15:07 UTC (rev 48643) +++ data/CVE/list

[Secure-testing-commits] r48643 - data/CVE

Author: fgeek-guest Date: 2017-02-01 07:15:07 + (Wed, 01 Feb 2017) New Revision: 48643 Modified: data/CVE/list Log: NFU Modified: data/CVE/list === --- data/CVE/list 2017-02-01 07:10:34 UTC (rev 48642) +++ data/CVE/list

[Secure-testing-commits] r48642 - data/CVE

Author: fgeek-guest Date: 2017-02-01 07:10:34 + (Wed, 01 Feb 2017) New Revision: 48642 Modified: data/CVE/list Log: NFU Modified: data/CVE/list === --- data/CVE/list 2017-02-01 06:46:37 UTC (rev 48641) +++ data/CVE/list

[Secure-testing-commits] r48641 - in data: . DLA

Author: apo Date: 2017-02-01 06:46:37 + (Wed, 01 Feb 2017) New Revision: 48641 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-813-1 for wordpress Modified: data/DLA/list === --- data/DLA/list 2017-02-01

[Secure-testing-commits] r48640 - data/CVE

Author: apo Date: 2017-02-01 04:54:42 + (Wed, 01 Feb 2017) New Revision: 48640 Modified: data/CVE/list Log: CVE-2017-5487,wordpress: Mark as not-affected in Wheezy The vulnerable code was introduced later. Modified: data/CVE/list

[Secure-testing-commits] r48639 - data/CVE

Author: roberto Date: 2017-02-01 02:29:33 + (Wed, 01 Feb 2017) New Revision: 48639 Modified: data/CVE/list Log: Annotate CVE-2016-9138 [Use-after-free vulnerability in the CURLFile implementation] as not affecting wheezy Modified: data/CVE/list

[Secure-testing-commits] r48638 - data/CVE

Author: roberto Date: 2017-02-01 02:24:02 + (Wed, 01 Feb 2017) New Revision: 48638 Modified: data/CVE/list Log: Annotate CVE-2016-9137 [Use-after-free vulnerability in the CURLFile implementation] as not affecting wheezy Modified: data/CVE/list

[Secure-testing-commits] r48637 - in data: . CVE

Author: rbalint Date: 2017-01-31 23:19:41 + (Tue, 31 Jan 2017) New Revision: 48637 Modified: data/CVE/list data/dla-needed.txt Log: mysql-connector-python in not affected by CVE-2016-5598 in wheezy Modified: data/CVE/list

[Secure-testing-commits] r48636 - data

Author: rbalint Date: 2017-01-31 22:25:11 + (Tue, 31 Jan 2017) New Revision: 48636 Modified: data/dla-needed.txt Log: Claim mysql-connector-python for DLA Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-31

[Secure-testing-commits] r48635 - data/CVE

Author: jmm Date: 2017-01-31 22:18:37 + (Tue, 31 Jan 2017) New Revision: 48635 Modified: data/CVE/list Log: libav triage Modified: data/CVE/list === --- data/CVE/list 2017-01-31 21:13:45 UTC (rev 48634) +++

[Secure-testing-commits] r48634 - data

Author: alteholz Date: 2017-01-31 21:13:45 + (Tue, 31 Jan 2017) New Revision: 48634 Modified: data/dla-needed.txt Log: take bitlbee Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-31 21:10:48 UTC (rev 48633)

[Secure-testing-commits] r48633 - data

Author: pochu Date: 2017-01-31 21:10:48 + (Tue, 31 Jan 2017) New Revision: 48633 Modified: data/dla-needed.txt Log: dla: claim openssl Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-31 21:10:13 UTC (rev

[Secure-testing-commits] r48632 - data/CVE

Author: sectracker Date: 2017-01-31 21:10:13 + (Tue, 31 Jan 2017) New Revision: 48632 Modified: data/CVE/list Log: automatic update Modified: data/CVE/list === --- data/CVE/list 2017-01-31 20:46:30 UTC (rev 48631) +++

[Secure-testing-commits] r48631 - in data: . CVE

Author: rbalint Date: 2017-01-31 20:46:30 + (Tue, 31 Jan 2017) New Revision: 48631 Modified: data/CVE/list data/dla-needed.txt Log: wavpack's issues don't affect wheezy The first part of the upstream patch is not needed since the code is very different and not vulnerable. The second

[Secure-testing-commits] r48630 - in data: . DLA

Author: pochu Date: 2017-01-31 20:10:36 + (Tue, 31 Jan 2017) New Revision: 48630 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-812-1 for ikiwiki Modified: data/DLA/list === --- data/DLA/list 2017-01-31

[Secure-testing-commits] r48629 - data/CVE

Author: nluedtke-guest Date: 2017-01-31 19:58:39 + (Tue, 31 Jan 2017) New Revision: 48629 Modified: data/CVE/list Log: Correct some typo's Modified: data/CVE/list === --- data/CVE/list 2017-01-31 19:57:55 UTC (rev

[Secure-testing-commits] r48628 - in data: . DLA

Author: pochu Date: 2017-01-31 19:57:55 + (Tue, 31 Jan 2017) New Revision: 48628 Modified: data/DLA/list data/dla-needed.txt Log: Reserve DLA-811-1 for libplist Modified: data/DLA/list === --- data/DLA/list

[Secure-testing-commits] r48627 - in data: . DSA

Author: carnil Date: 2017-01-31 19:52:16 + (Tue, 31 Jan 2017) New Revision: 48627 Modified: data/DSA/list data/dsa-needed.txt Log: Reserve DSA number for ruby-archive-tar-minitar Modified: data/DSA/list === ---

[Secure-testing-commits] r48626 - data/CVE

Author: carnil Date: 2017-01-31 19:32:08 + (Tue, 31 Jan 2017) New Revision: 48626 Modified: data/CVE/list Log: Add more information about one firejail issue Modified: data/CVE/list === --- data/CVE/list 2017-01-31

[Secure-testing-commits] r48625 - data/CVE

Author: alteholz Date: 2017-01-31 18:37:33 + (Tue, 31 Jan 2017) New Revision: 48625 Modified: data/CVE/list Log: mark some Microsoft issues as NOT-FOR-US: Modified: data/CVE/list === --- data/CVE/list 2017-01-31

[Secure-testing-commits] r48624 - in data: . DSA

Author: carnil Date: 2017-01-31 18:14:40 + (Tue, 31 Jan 2017) New Revision: 48624 Modified: data/DSA/list data/dsa-needed.txt Log: Reserve DSA number for libgd2 update Modified: data/DSA/list === --- data/DSA/list

[Secure-testing-commits] r48623 - data

Author: carnil Date: 2017-01-31 18:10:45 + (Tue, 31 Jan 2017) New Revision: 48623 Modified: data/dsa-needed.txt Log: Take libgd2 from dsa-needed Modified: data/dsa-needed.txt === --- data/dsa-needed.txt 2017-01-31 18:00:46

[Secure-testing-commits] r48622 - data/CVE

Author: jmm Date: 2017-01-31 18:00:46 + (Tue, 31 Jan 2017) New Revision: 48622 Modified: data/CVE/list Log: android NFUs Modified: data/CVE/list === --- data/CVE/list 2017-01-31 17:12:47 UTC (rev 48621) +++

[Secure-testing-commits] r48620 - data/CVE

Author: jmm Date: 2017-01-31 17:11:25 + (Tue, 31 Jan 2017) New Revision: 48620 Modified: data/CVE/list Log: kf5-messagelib n/a Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:34:35 UTC (rev 48619) +++

[Secure-testing-commits] r48621 - data/CVE

Author: jmm Date: 2017-01-31 17:12:47 + (Tue, 31 Jan 2017) New Revision: 48621 Modified: data/CVE/list Log: mp3splt issue unimportant Modified: data/CVE/list === --- data/CVE/list 2017-01-31 17:11:25 UTC (rev 48620)

[Secure-testing-commits] r48618 - data/CVE

Author: carnil Date: 2017-01-31 16:33:26 + (Tue, 31 Jan 2017) New Revision: 48618 Modified: data/CVE/list Log: Add CVE-2017-5666/mp3splt Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:31:28 UTC (rev 48617)

[Secure-testing-commits] r48619 - data/CVE

Author: carnil Date: 2017-01-31 16:34:35 + (Tue, 31 Jan 2017) New Revision: 48619 Modified: data/CVE/list Log: Add CVE-2017-5665/mp3splt Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:33:26 UTC (rev 48618)

[Secure-testing-commits] r48617 - data/CVE

Author: carnil Date: 2017-01-31 16:31:28 + (Tue, 31 Jan 2017) New Revision: 48617 Modified: data/CVE/list Log: Reference full commit id Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:19:12 UTC (rev 48616)

[Secure-testing-commits] r48616 - data/CVE

Author: carnil Date: 2017-01-31 16:19:12 + (Tue, 31 Jan 2017) New Revision: 48616 Modified: data/CVE/list Log: CVE-2017-5668/bitlbee assigned Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:19:02 UTC (rev

[Secure-testing-commits] r48615 - data/CVE

Author: carnil Date: 2017-01-31 16:19:02 + (Tue, 31 Jan 2017) New Revision: 48615 Modified: data/CVE/list Log: CVE-2016-10189/bitlbee assigned Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:16:30 UTC (rev

[Secure-testing-commits] r48614 - data/CVE

Author: carnil Date: 2017-01-31 16:16:30 + (Tue, 31 Jan 2017) New Revision: 48614 Modified: data/CVE/list Log: CVE-2016-10188/bitlbee assigned Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:13:52 UTC (rev

[Secure-testing-commits] r48613 - data/CVE

Author: carnil Date: 2017-01-31 16:13:52 + (Tue, 31 Jan 2017) New Revision: 48613 Modified: data/CVE/list Log: CVE-2017-5667/qemu assigned Modified: data/CVE/list === --- data/CVE/list 2017-01-31 16:13:02 UTC (rev

[Secure-testing-commits] r48612 - data/CVE

Author: carnil Date: 2017-01-31 16:13:02 + (Tue, 31 Jan 2017) New Revision: 48612 Modified: data/CVE/list Log: Remove annotation for pending CVE request Modified: data/CVE/list === --- data/CVE/list 2017-01-31 15:31:12

[Secure-testing-commits] r48611 - data/CVE

Author: anarcat Date: 2017-01-31 15:31:12 + (Tue, 31 Jan 2017) New Revision: 48611 Modified: data/CVE/list Log: use issued CVE ID for claibre bug #853004 Modified: data/CVE/list === --- data/CVE/list 2017-01-31

[Secure-testing-commits] r48608 - data/CVE

Author: carnil Date: 2017-01-31 13:09:59 + (Tue, 31 Jan 2017) New Revision: 48608 Modified: data/CVE/list Log: Adjust note wich would not be needed Modified: data/CVE/list === --- data/CVE/list 2017-01-31 13:05:49 UTC

[Secure-testing-commits] r48610 - in data: CVE DLA

Author: carnil Date: 2017-01-31 13:10:24 + (Tue, 31 Jan 2017) New Revision: 48610 Modified: data/CVE/list data/DLA/list Log: php5: Add CVE-2016-7125 to DLA-628-1 list since apparently fixed there This quraantees the cross references are built correctly. Otherwise the explicitly added

[Secure-testing-commits] r48609 - data/CVE

Author: carnil Date: 2017-01-31 13:10:09 + (Tue, 31 Jan 2017) New Revision: 48609 Modified: data/CVE/list Log: Remove unneded TODO Once MITRE will reject the entry we can clean it up. Until then this is still associated with given refences. It is marked as unimportant already. Modified:

[Secure-testing-commits] r48607 - data/CVE

Author: roberto Date: 2017-01-31 13:05:49 + (Tue, 31 Jan 2017) New Revision: 48607 Modified: data/CVE/list Log: Annotate php5 upload that fixed CVE-2016-7125 in wheezy Modified: data/CVE/list === --- data/CVE/list

[Secure-testing-commits] r48606 - data/CVE

Author: roberto Date: 2017-01-31 12:46:11 + (Tue, 31 Jan 2017) New Revision: 48606 Modified: data/CVE/list Log: Annotate DLA 628-1 as addressing CVE-2016-7125 Modified: data/CVE/list === --- data/CVE/list 2017-01-31

[Secure-testing-commits] r48605 - data/CVE

Author: alteholz Date: 2017-01-31 11:42:16 + (Tue, 31 Jan 2017) New Revision: 48605 Modified: data/CVE/list Log: first version in unstable containing the fix Modified: data/CVE/list === --- data/CVE/list 2017-01-31

[Secure-testing-commits] r48604 - data

Author: rbalint Date: 2017-01-31 11:40:23 + (Tue, 31 Jan 2017) New Revision: 48604 Modified: data/dla-needed.txt Log: Claim wavpack for DLA Modified: data/dla-needed.txt === --- data/dla-needed.txt 2017-01-31 11:24:18 UTC

[Secure-testing-commits] r48603 - data/CVE

Author: alteholz Date: 2017-01-31 11:24:18 + (Tue, 31 Jan 2017) New Revision: 48603 Modified: data/CVE/list Log: TODO for CVE-2011-4076 done Modified: data/CVE/list === --- data/CVE/list 2017-01-31 10:49:50 UTC (rev

[Secure-testing-commits] r48602 - data/CVE

Author: alteholz Date: 2017-01-31 10:49:50 + (Tue, 31 Jan 2017) New Revision: 48602 Modified: data/CVE/list Log: change check to NOFU Modified: data/CVE/list === --- data/CVE/list 2017-01-31 10:48:12 UTC (rev 48601) +++

[Secure-testing-commits] r48601 - data/CVE

Author: alteholz Date: 2017-01-31 10:48:12 + (Tue, 31 Jan 2017) New Revision: 48601 Modified: data/CVE/list Log: change check to NOFU Modified: data/CVE/list === --- data/CVE/list 2017-01-31 10:11:31 UTC (rev 48600) +++

[Secure-testing-commits] r48600 - data/CVE

Author: carnil Date: 2017-01-31 10:11:31 + (Tue, 31 Jan 2017) New Revision: 48600 Modified: data/CVE/list Log: CVE-2017-2592 fixed in unstable Modified: data/CVE/list === --- data/CVE/list 2017-01-31 10:10:37 UTC (rev

[Secure-testing-commits] r48599 - data/CVE

Author: carnil Date: 2017-01-31 10:10:37 + (Tue, 31 Jan 2017) New Revision: 48599 Modified: data/CVE/list Log: CVE-2017-5601/libarchive fixed in unstable Modified: data/CVE/list === --- data/CVE/list 2017-01-31 08:13:55

[Secure-testing-commits] r48598 - data/CVE

Author: carnil Date: 2017-01-31 08:13:55 + (Tue, 31 Jan 2017) New Revision: 48598 Modified: data/CVE/list Log: Mark libarchive issue as no-dsa, since crash only, can be fixed along in later DSA Modified: data/CVE/list ===

[Secure-testing-commits] r48597 - data/CVE

Author: carnil Date: 2017-01-31 08:02:11 + (Tue, 31 Jan 2017) New Revision: 48597 Modified: data/CVE/list Log: Add CVE-2017-2596 Modified: data/CVE/list === --- data/CVE/list 2017-01-31 07:46:57 UTC (rev 48596) +++