Author: jmm
Date: 2016-10-12 07:00:24 +0000 (Wed, 12 Oct 2016)
New Revision: 45247

Modified:
   data/CVE/list
Log:
guile/repl n/a for 1.8, no-dsa for 2.0/jessie


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2016-10-12 05:49:22 UTC (rev 45246)
+++ data/CVE/list       2016-10-12 07:00:24 UTC (rev 45247)
@@ -1,12 +1,14 @@
 CVE-2016-8606 [REPL server vulnerable to HTTP inter-protocol attacks]
-       - guile-2.0 <unfixed>
+       - guile-2.0 <unfixed> (low)
+       [jessie] - guile-2.0 <no-dsa> (Minor issue)
+       - guile-1.8 <not-affected> (repl server introduced in 2.0)
        NOTE: Patch: 
http://git.savannah.gnu.org/cgit/guile.git/commit/?h=stable-2.0&id=08c021916dbd3a235a9f9cc33df4c418c0724e03
-       TODO: check and if this potentially affects guile-1.8 as well
 CVE-2016-8605 [Thread-unsafe umask modification]
-       - guile-2.0 <unfixed>
+       - guile-2.0 <unfixed> (low)
+       [jessie] - guile-2.0 <no-dsa> (Minor issue)
+       - guile-1.8 <not-affected> (repl server introduced in 2.0)
        NOTE: http://bugs.gnu.org/24659
        NOTE: Patch: 
http://git.savannah.gnu.org/cgit/guile.git/commit/?h=stable-2.0&id=245608911698adb3472803856019bdd5670b6614
-       TODO: check and if this potentially affects guile-1.8 as well
 CVE-2016-8593
        RESERVED
 CVE-2016-8592


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to