[Secure-testing-commits] r50669 - in data: . CVE

Raphaël Hertzog Fri, 14 Apr 2017 06:38:58 -0700

Author: hertzog
Date: 2017-04-14 13:38:24 +0000 (Fri, 14 Apr 2017)
New Revision: 50669


Modified:
   data/CVE/list
   data/dla-needed.txt
Log:
Requalify libarchive CVE as no-dsa

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-04-14 13:38:12 UTC (rev 50668)
+++ data/CVE/list       2017-04-14 13:38:24 UTC (rev 50669)
@@ -5451,6 +5451,7 @@
 CVE-2016-10209 (The archive_wstring_append_from_mbs function in 
archive_string.c in ...)
        - libarchive <unfixed> (bug #859456)
        [jessie] - libarchive <no-dsa> (Minor issue)
+       [wheezy] - libarchive <no-dsa> (Minor issue, not reproducible in Debian)
        NOTE: https://github.com/libarchive/libarchive/issues/842
        NOTE: Fixed by: 
https://github.com/libarchive/libarchive/commit/42a3408ac7df1e69bea9ea12b72e14f59f7400c0
 (v3.3.0)
 CVE-2017-5919

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-04-14 13:38:12 UTC (rev 50668)
+++ data/dla-needed.txt 2017-04-14 13:38:24 UTC (rev 50669)
@@ -32,8 +32,6 @@
 --
 jasper (Thorsten Alteholz)
 --
-libarchive (Raphaël Hertzog)
---
 libav (Hugo Lefeuvre)
   NOTE: Upstream should provide new point-releases fixing open security issues 
in the next months.
   NOTE: Lots of CVEs are open, this is going to take some time. (See 
debian-lts ML)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r50669 - in data: . CVE

Reply via email to