[Secure-testing-commits] r54377 - data/CVE

Salvatore Bonaccorso Mon, 07 Aug 2017 01:20:18 -0700

Author: carnil
Date: 2017-08-07 08:19:54 +0000 (Mon, 07 Aug 2017)
New Revision: 54377


Modified:
   data/CVE/list
Log:
Mark CVE-2017-12588 as unimportant

The zmq3 input and output modules not enabled and build in Debian.

---{ input plugins }---
[...]
    imzmq3 input module enabled:              no
[...]
---{ output plugins }---
    omzmq3 module will be compiled:           no

and both not compiled.

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-08-07 07:38:42 UTC (rev 54376)
+++ data/CVE/list       2017-08-07 08:19:54 UTC (rev 54377)
@@ -11,9 +11,10 @@
 CVE-2017-12589
        RESERVED
 CVE-2017-12588 (The zmq3 input and output modules in rsyslog before 8.28.0 
interpreted ...)
-       - rsyslog 8.28.0-1
+       - rsyslog 8.28.0-1 (unimportant)
        NOTE: 
https://github.com/rsyslog/rsyslog/commit/062d0c671a29f7c6f7dff4a2f1f35df375bbb30b
        NOTE: https://github.com/rsyslog/rsyslog/pull/1565
+       NOTE: The zmq3 input and output modules are not enabled and built in 
Debian
 CVE-2017-12587 (ImageMagick 7.0.6-1 has a large loop vulnerability in the 
ReadPWPImage ...)
        - imagemagick 8:6.9.7.4+dfsg-16 (bug #870526)
        NOTE: https://github.com/ImageMagick/ImageMagick/issues/535


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r54377 - data/CVE

Reply via email to