Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 1e1a5419 by Salvatore Bonaccorso at 2018-02-23T06:20:51+01:00 Update status for puppet issues Add fixing version for CVE-2017-10689 which got resolved uploading new upstream version 5.4.0 to unstable. CVE-2017-10960 did affect only experimental and the 5.4.0-1 upload included the fix as well. - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -38846,13 +38846,12 @@ CVE-2017-10692 CVE-2017-10691 RESERVED CVE-2017-10690 (In previous versions of Puppet Agent it was possible for the agent to ...) - [experimental] - puppet <unfixed> (bug #890440) - puppet <not-affected> (Only affects Puppet 5, only in experimental) NOTE: https://puppet.com/security/cve/CVE-2017-10690 NOTE: https://tickets.puppetlabs.com/browse/PUP-8225 NOTE: Fixed by: https://github.com/puppetlabs/puppet/commit/bd87bef2c3862d333f4c1f2b148b147d449a375b CVE-2017-10689 (In previous versions of Puppet Agent it was possible to install a ...) - - puppet <unfixed> (bug #890412) + - puppet 5.4.0-1 (bug #890412) [stretch] - puppet <no-dsa> (Minor issue) [jessie] - puppet <no-dsa> (Minor issue) [wheezy] - puppet <not-affected> (vulnerable code not present) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1e1a5419e398ec030013a2fe9459d3c8dcda7908 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/1e1a5419e398ec030013a2fe9459d3c8dcda7908 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits