Author: pochu
Date: 2017-09-23 16:25:26 +0000 (Sat, 23 Sep 2017)
New Revision: 56059
Modified:
data/CVE/list
data/dla-needed.txt
Log:
mark ledger as no-dsa on wheezy following jessie/stretch
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-23 16:08:45 UTC (rev 56058)
+++ data/CVE/list 2017-09-23 16:25:26 UTC (rev 56059)
@@ -35188,11 +35188,13 @@
- ledger <unfixed> (low)
[stretch] - ledger <no-dsa> (Minor issue)
[jessie] - ledger <no-dsa> (Minor issue)
+ [wheezy] - ledger <no-dsa> (Minor issue)
NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0304
CVE-2017-2807 (An exploitable buffer overflow vulnerability exists in the tag
parsing ...)
- ledger <unfixed> (low)
[stretch] - ledger <no-dsa> (Minor issue)
[jessie] - ledger <no-dsa> (Minor issue)
+ [wheezy] - ledger <no-dsa> (Minor issue)
NOTE:
https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0303
CVE-2017-2806 (An exploitable arbitrary read exists in the XLS parsing of the
Lexmark ...)
NOT-FOR-US: Lexmark Perspective Document Filters conversion
functionality
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-09-23 16:08:45 UTC (rev 56058)
+++ data/dla-needed.txt 2017-09-23 16:25:26 UTC (rev 56059)
@@ -53,10 +53,6 @@
NOTE: are not exactly identical, wait for more infos.
NOTE: Patch is available for CVE-2017-13712, but wait for CVE-2017-{69-72}
--
-ledger (Emilio Pozuelo)
- NOTE: The maintainer will not do an update.
- NOTE: 20170907: no fix available
---
libarchive
--
libav
_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
