Author: carnil
Date: 2016-09-20 15:40:50 +0000 (Tue, 20 Sep 2016)
New Revision: 44751

Modified:
   data/CVE/list
Log:
Update information for CVE-2013-6499

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-09-20 06:24:21 UTC (rev 44750)
+++ data/CVE/list       2016-09-20 15:40:50 UTC (rev 44751)
@@ -79245,10 +79245,12 @@
        REJECTED
 CVE-2013-6499 [loading a module relative to the cwd]
        RESERVED
-       - libmp3-info-perl <unfixed> (bug #777230)
+       - libmp3-info-perl <unfixed> (bug #777230; unimportant)
        [jessie] - libmp3-info-perl <no-dsa> (Minor issue)
        [wheezy] - libmp3-info-perl <no-dsa> (Minor issue)
        [squeeze] - libmp3-info-perl <no-dsa> (Minor issue)
+       NOTE: Marked as unimportant at least for unstable, since the issue is 
mitigated
+       NOTE: by src:perl not having '.' in INC since 5.22.2-4 by default.
 CVE-2013-6498
        RESERVED
 CVE-2013-6497 (clamscan in ClamAV before 0.98.5, when using -a option, allows 
remote ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to