[Secure-testing-commits] r39364 - in data: . CVE

Sat, 30 Jan 2016 22:04:44 -0800 

Author: carnil
Date: 2016-01-31 06:04:18 +0000 (Sun, 31 Jan 2016)
New Revision: 39364

Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
Move note about tenatitve package to dla-needed list

NOTE: Suggesting moving it there since once the DLA is released we do
not forcibly need that additional note. Let me know if you disagree.

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-01-31 06:04:04 UTC (rev 39363)
+++ data/CVE/list       2016-01-31 06:04:18 UTC (rev 39364)
@@ -4878,7 +4878,6 @@
        NOTE: ICU not directly affected by CVE-2016-0494 itself since original 
patch for
        NOTE: CVE-2015-4844 was not yet applied. CVE-2016-0494 was introduced 
as part of
        NOTE: the CVE-2015-4844 fix.
-       NOTE: tentative package for icu 
https://lists.debian.org/debian-lts/2016/01/msg00133.html
 CVE-2016-0493 (Unspecified vulnerability in Oracle Sun Solaris 11 allows local 
users ...)
        TODO: check
 CVE-2016-0492 (Unspecified vulnerability in the Oracle Application Testing 
Suite ...)
@@ -16308,7 +16307,6 @@
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1273318
        NOTE: see also CVE-2016-0494, introduced in through the fix for this 
CVE.
        NOTE: patch: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/dbb4e2bdfa9e
-       NOTE: tentative package for icu 
https://lists.debian.org/debian-lts/2016/01/msg00133.html
 CVE-2015-4843 (Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 
8u60, and ...)
        {DSA-3381-1 DLA-346-1}
        - openjdk-6 <removed>

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2016-01-31 06:04:04 UTC (rev 39363)
+++ data/dla-needed.txt 2016-01-31 06:04:18 UTC (rev 39364)
@@ -39,6 +39,7 @@
 --
 icu (Antoine Beaupré)
   NOTE: check comments on CVE-2016-0494 as well
+  NOTE: tentative package for icu 
https://lists.debian.org/debian-lts/2016/01/msg00133.html
 --
 imagemagick
   NOTE: only minor issues without CVE


_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to